AIC Seminar Series
Using OWL Policies for Security in Dynamic, Distributed Environments
|Lalana Kagal||University of Maryland, Baltimore County|
Date: 2004-05-21 at 10:30
Location: EJ228 (Directions)
Security is a critical problem in dynamic and open distributed
environments such as those enabled by the semantic web and pervasive
computing technologies. The presence of heterogeneous entities that are
neither pre-determined nor permanent, and the lack of central control are
some of its challenges. We believe that declarative policies address
these issues while maintaining openness and flexibility. We propose the
use of policies defined in OWL to constrain the behavior of entities in
these environments as OWL provides the extensibility required to
incorporate different kinds of application-specific knowledge.
Rei is a policy language based in OWL-Lite that allows policies to be
specified as constraints over allowable and obligated actions on resources
in the environment. Rei also includes logic-like variables giving it the
flexibility to specify relations like role value maps that are not
directly possible in OWL. Rei includes meta policy specifications for
conflict resolution, speech acts for remote policy management and policy
analysis specifications like what-if analysis and use-case management
making it a suitable candidate for adaptable security in the environments
under consideration. The Rei engine, developed in XSB, reasons over Rei
policies and domain knowledge represented in RDF and OWL to provide
answers about the current permissions and obligations of an entity, which
are used to guide an entitys behavior.
I will describe Rei specifications and discuss several of its implemented
applications : (i) Semantic web services where policies are integrated
into OWL-S, (ii) Internet privacy where the privacy policies of users
are described in Rei and enforced by a proxy, (iii) collaborative
multi-agent systems where Rei is used to describe policies governing team
formation, collaboration and information flow, and (iv) pervasive
computing environments in which the actions allowed on a mobile, handheld
device are restricted by its context. Though I will briefly describe how
Rei is used in all these scenarios, I will concentrate on its application
in the semantic web services framework.
Please arrive at least 10 minutes early as you will need to sign in by
following instructions by the lobby phone at Building E. SRI is located
at 333 Ravenswood Avenue in Menlo Park. Visitors may park in the parking
lots off Fourth Street. Detailed directions to SRI, as well as maps, are
available from the Visiting AIC web page.
There are two entrances to SRI International located on Ravenswood Ave.
Please check the Builing E entrance signage.
©2015 SRI International 333 Ravenswood Avenue, Menlo Park, CA 94025-3493