Abstract
Enforcing rich policies in open environments will increasingly require the ability to dynamically identify external sources of information necessary to enforce different policies (e.g. finding an appropriate source of location information to enforce a location-sensitive access control policy). In this paper, we introduce a semantic web framework and a meta-control model for dynamically interleaving policy reasoning and external service discovery and access. Within this framework, external sources of information are wrapped as web services with rich semantic profiles allowing for the dynamic discovery and comparison of relevant sources of information. Each entity (e.g. user, sensor, application, or organization) relies on one or more Policy Enforcing Agents responsible for enforcing relevant privacy and security policies in response to incoming requests. These agents implement meta-control strategies to dynamically interleave semantic web reasoning and service discovery and access. The paper also presents preliminary empirical results. This research has been conducted in the context of myCampus, a pervasive computing environment aimed at enhancing everyday campus life at Carnegie Mellon University.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ashri, R., Payne, T., Marvin, D., Surridge, M., Taylor, S.: Towards a Semantic Web Security Infrastructure. In: Proceedings of Semantic Web Services Symposium (2004)
Bauer, L., Schneider, M.A., Felten, E.W.: A General and Flexible Access Control System for the Web. In: Proceedings of the 11th USENIX Security Symposium (August 2002)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceedings of IEEE Conference on Security and Privacy, Oakland, CA (May 1996)
Ding, L., Kolari, P., Finin, T., Joshi, A., Peng, Y., Yesha, Y.: On Homeland Security and the Semantic Web: A Provenance and Trust Aware Inference Framework. In: Proceedings of the AAAI Spring Symposium on AI Technologies for Homeland Security (2005)
IBM. EPAL 1.1, http://www.zurich.ibm.com/security/enterprise-privacy/epal/
Friedman-Hill, E.: Jess in Action: Java Rule-based Systems. Manning Publications Company (2003), ISBN 1930110898 http://herzberg.ca.sandia.gov/jess/
Gandon, F., Sadeh, N.: A semantic e-wallet to reconcile privacy and context awareness. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 385–401. Springer, Heidelberg (2003)
Gandon, F., Sadeh, N.: Semantic web technologies to reconcile privacy and context awareness. Web Semantics Journal 1(3) (2004)
Hull, R., Kumar, B., Lieuwen, D., Patel-Schneider, P., Sahuguet, A., Varadarajan, S., Vyas, A.: Enabling context-aware and privacy-conscious user data sharing. In: Proceedings of 2004 IEEE International Conference on Mobile Data Management (January 2004)
Horrocks, I., Patel-Schneider, P.F., Boley, H., Tabet, S., Grosof, B., Dean, M.: SWRL: Semantic Web Rule Language Combining OWL and RuleML. Version 0.6.
van der Horst, T., Sundelin, T., Seamons, K.E., Knutson, C.D.: Mobile Trust Negotiation: Authentication and Authorization in Dynamic Mobile Networks. In: Eighth IFIP Conference on Communications and Multimedia Security, Lake Windermere, England (2004)
Kagal, L., Finin, T., Joshi, A.: A policy language for a pervasive computing environment. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (2003)
Kagal, L., Paolucci, M., Srinivasan, N., Denker, G., Finin, T., Sycara, K.: Authorization and Privacy for Semantic Web Services. In: Proceedings of Semantic Web Services Symposium, AAAI 2004. Spring Symposium Series, Stanford University, California (March 2004)
Bauer, L., Garriss, S., McCune, J., Reiter, M.K., Rouse, J., Rutenbar, P.: Device-Enabled Authorization in the Grey System, Submitted to USENIX Security (2005)
Leithead, T., Nejdl, W., Olmedilla, D., Seamons, K., Winslett, M., Yu, T., Zhang, C.: How to Exploit Ontologies in Trust Negotiation. In: Workshop on Trust, Security, and Reputation on the Semantic Web, part of ISWC 2004, Hiroshima, Japan (November 2004)
OASIS. eXtensible Access Control Markup Language (XACML)
OASIS.Security Assertion Markup Language (SAML)
The Rule Markup Initiative, http://www.ruleml.org
Sadeh, N.M., Chan, T.C., Van, L., Kwon, O., Takizawa, K.: Creating an open agent environment for context-aware m-commerce. In: Agentcities: Challenges in Open Agent Environments (2003)
Sadeh, N.M., Gandon, F., Kwon, O.B.: Ambient Intelligence: The MyCampus Experience. Carnegie Mellon University Technical Report. CMU-ISRI-05-123 (June 2005)
O’Sullivan, J., Edmond, D., Hofstede, A.T.: What’s in a service? Towards accurate description of non-functional service properties. Distributed and Parallel Databases 12 (117), 133 (2002)
SweetRules, http://sweetrules.projects.semwebcentral.org/
Undercoffer, J., Perich, F., Cedilnik, A., Kagal, L., Joshi, A.: A secure infrastructure for service discovery and access in pervasive computing. ACM Monet: Special Issue on Security in Mobile Computing Environments (October 2003)
Uszok, J.M., Bradshaw, R., Jeffers, M., Johnson, A., Tate, J., Dalton, S., Aitken, S.: Policy and Contract Management for Semantic Web Services. In: Proceedings of Semantic Web Services Symposium, AAAI 2004. Spring Symposium Series, Stanford, California (2004)
A P3P Preference Exchange Language (APPEL1.0), http://www.w3.org/TR/P3P-preferences/
OWL-S.: Semantic Markup for Web Services, http://www.w3.org/Submission/OWL-S
Web Service Modeling Ontology, WSMO, http://www.wsmo.org/
Paolucci, M., Kawamura, T., Payne, T.R., Sycara, K.: Semantic Matching of Web Services Capabilities. In: Proceedings of the First Intl. Semantic Web Conference (2002)
Denker, G., Kagal, L., Finin, T., Paolucci, M., Sycara, K.: Security For DAML Web Services: Annotation and Matchmaking. In: Proceedings of the Second Intl. Semantic Web Conference (2003)
Rao, J.: Semantic Web Service Composition via Logic-based Program Synthesis. PhD Thesis. Norwegian University of Science and Technology (December 10, 2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rao, J., Sadeh, N. (2005). A Semantic Web Framework for Interleaving Policy Reasoning and External Service Discovery. In: Adi, A., Stoutenburg, S., Tabet, S. (eds) Rules and Rule Markup Languages for the Semantic Web. RuleML 2005. Lecture Notes in Computer Science, vol 3791. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11580072_6
Download citation
DOI: https://doi.org/10.1007/11580072_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29922-6
Online ISBN: 978-3-540-32270-2
eBook Packages: Computer ScienceComputer Science (R0)