Skip to main content
SpringerLink
Log in

Rule-Based Policy Representation and Reasoning for the Semantic Web

  • Chapter
Reasoning Web (Reasoning Web 2007)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4636))

Included in the following conference series:

Abstract

The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provides sophisticated means in order to support protecting sensitive resources and information disclosure.

However, the term policy is often overloaded. A general definition might be “a statement that defines the behaviour of a system”. However, such a general definition encompasses different notions, including security policies, trust management policies, business rules and quality of service specifications, just to name a few. Researchers have mainly focussed on one or more of such notions separately but not on a comprehensive view. Policies are pervasive in web applications and play crucial roles in enhancing security, privacy, and service usability as well. Interoperability and self-describing semantics become key requirements and here is where Semantic Web comes into play. There has been extensive research on policies, also in the Semantic Web community, but there still exist some issues that prevent policy frameworks from being widely adopted by users and real world applications.

This document aims at providing an overall view of the state of the art (requirements for a policy framework, some existing policy frameworks languages, policy negotiation, context awareness, etc.) as well as open research issues in the area (policy understanding in a broad sense, integration of trust management, increase in system cooperation, user awareness, etc.) required to develop a successful Semantic Policy Framework.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.95
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Berners-Lee, T., Hendler, J., Lassila, O.: The Semantic Web. Scientific American (May 2001)

    Google Scholar 

  2. Antoniou, G., Baldoni, M., Bonatti, P.A., Nejdl, W., Olmedilla, D.: Rule-based policy specification. In: Yu, T., Jajodia, S. (eds.) Secure Data Management in Decentralized Systems. Advances in Information Security, vol. 33, Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  3. Blaze, M., Feigenbaum, J., Keromytis, A.D.: Keynote: Trust management for public-key infrastructures (position paper). In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols. LNCS, vol. 1550, pp. 59–63. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  4. Blaze, M., Feigenbaum, J., Strauss, M.: Compliance checking in the policymaker trust management system. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  5. Uszok, A., Bradshaw, J.M., Jeffers, R., Suri, N., Hayes, P.J., Breedy, M.R., Bunch, L., Johnson, M., Kulkarni, S., Lott, J.: KAoS policy and domain services: Toward a description-logic approach to policy representation, deconfliction, and enforcement. In: POLICY, p. 93 (2003)

    Google Scholar 

  6. Kagal, L., Finin, T.W., Joshi, A.: A policy based approach to security for the semantic web. In: Fensel, D., Sycara, K.P., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 402–418. Springer, Heidelberg (2003)

    Google Scholar 

  7. Gavriloaie, R., Nejdl, W., Olmedilla, D., Seamons, K.E., Winslett, M.: No registration needed: How to use declarative policies and negotiation to access sensitive resources on the semantic web. In: Bussler, C.J., Davies, J., Fensel, D., Studer, R. (eds.) ESWS 2004. LNCS, vol. 3053, pp. 342–356. Springer, Heidelberg (2004)

    Google Scholar 

  8. Bonatti, P.A., Olmedilla, D.: Driving and monitoring provisional trust negotiation with metapolicies. In: POLICY 2005. 6th IEEE International Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden, pp. 14–23. IEEE Computer Society Press, Los Alamitos (2005)

    Google Scholar 

  9. Tonti, G., Bradshaw, J.M., Jeffers, R., Montanari, R., Suri, N., Uszok, A.: Semantic web languages for policy representation and reasoning: A comparison of KAoS, Rei, and Ponder. In: International Semantic Web Conference, pp. 419–437 (2003)

    Google Scholar 

  10. Kagal, L., Paolucci, M., Srinivasan, N., Denker, G., Finin, T.W., Sycara, K.P.: Authorization and privacy for semantic web services. IEEE Intelligent Systems 19(4), 50–56 (2004)

    Article  Google Scholar 

  11. Taveter, K., Wagner, G.: Agent-oriented enterprise modeling based on business rules. In: Kunii, H.S., Jajodia, S., Sølvberg, A. (eds.) ER 2001. LNCS, vol. 2224, pp. 527–540. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition, IEEE Press, Los Alamitos (2000)

    Google Scholar 

  13. Nejdl, W., Olmedilla, D., Winslett, M., Zhang, C.C.: Ontology-based policy specification and management. In: Gómez-Pérez, A., Euzenat, J. (eds.) ESWC 2005. LNCS, vol. 3532, pp. 290–302. Springer, Heidelberg (2005)

    Google Scholar 

  14. Bonatti, P.A., Duma, C., Fuchs, N., Nejdl, W., Olmedilla, D., Peer, J., Shahmehri, N.: Semantic web policies - a discussion of requirements and research issues. In: Sure, Y., Domingue, J. (eds.) ESWC 2006. LNCS, vol. 4011, Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Olmedilla, D.: Security and privacy on the semantic web. In: Petkovic, M., Jonker, W. (eds.) Security, Privacy and Trust in Modern Data Management, Springer, Heidelberg (to appear, 2007)

    Google Scholar 

  16. Bradshaw, J.M., Uszok, A., Jeffers, R., Suri, N., Hayes, P.J., Burstein, M.H., Acquisti, A., Benyo, B., Breedy, M.R., Carvalho, M.M., Diller, D.J., Johnson, M., Kulkarni, S., Lott, J., Sierhuis, M., von Hoof, R.: Representation and reasoning for DAML-based policy and domain services in KAoS and nomads. In: The Second International Joint Conference on Autonomous Agents & Multiagent Systems (AAMAS), Melbourne, Victoria, Australia (2003)

    Google Scholar 

  17. Dean, M., Schreiber, G.: OWL web ontology language reference (2004)

    Google Scholar 

  18. Baader, F., Calvanese, D., McGuinness, D.L., Nardi, D., Patel-Schneider, P.F. (eds.): The Description Logic Handbook: Theory, Implementation, and Applications. Cambridge University Press, Cambridge (2003)

    MATH  Google Scholar 

  19. Kagal, L.: A Policy-Based Approach to Governing Autonomous Behaviour in Distributed Environments. PhD thesis, University of Maryland Baltimore County (2004)

    Google Scholar 

  20. Bonatti, P., Samarati, P.: Regulating Service Access and Information Release on the Web. In: CCS 2000. Conference on Computer and Communications Security, Athens (2000)

    Google Scholar 

  21. Li, N., Mitchell, J.C.: RT: A Role-based Trust-management Framework. In: DISCEX. DARPA Information Survivability Conference and Exposition, Washington, DC (2003)

    Google Scholar 

  22. Trevor, J., Suciu, D.: Dynamically distributed query evaluation. In: Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, Santa Barbara, CA, USA, ACM, New York (2001)

    Google Scholar 

  23. Alves, M., Damásio, C.V., Nejdl, W., Olmedilla, D.: A distributed tabling algorithm for rule based policy systems. In: POLICY 2006. 7th IEEE International Workshop on Policies for Distributed Systems and Networks, London, Ontario, Canada, pp. 123–132. IEEE Computer Society, Los Alamitos (2006)

    Google Scholar 

  24. Bonatti, P.A., Olmedilla, D., Peer, J.: Advanced policy explanations on the web. In: ECAI 2006. 17th European Conference on Artificial Intelligence, Riva del Garda, Italy, pp. 200–204. IOS Press, Amsterdam (2006)

    Google Scholar 

  25. Kolari, P., Ding, L., Ganjugunte, S., Joshi, A., Finin, T.W., Kagal, L.: Enhancing web privacy protection through declarative policies. In: POLICY 2005. 6th IEEE International Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden, pp. 57–66. IEEE Computer Society, Los Alamitos (2005)

    Google Scholar 

  26. Staab, S., Bhargava, B.K., Lilien, L., Rosenthal, A., Winslett, M., Sloman, M., Dillon, T.S., Chang, E., Hussain, F.K., Nejdl, W., Olmedilla, D., Kashyap, V.: The pudding of trust. IEEE Intelligent Systems 19(5), 74–88 (2004)

    Article  Google Scholar 

  27. Denker, G., Kagal, L., Finin, T.W., Paolucci, M., Sycara, K.P.: Security for daml web services: Annotation and matchmaking. In: Fensel, D., Sycara, K.P., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 335–350. Springer, Heidelberg (2003)

    Google Scholar 

  28. Olmedilla, D., Lara, R., Polleres, A., Lausen, H.: Trust negotiation for semantic web services. In: Cardoso, J., Sheth, A.P. (eds.) SWSWPC 2004. LNCS, vol. 3387, pp. 81–95. Springer, Heidelberg (2005)

    Google Scholar 

  29. Grid Security Infrastructure, http://www.globus.org/security/overview.html

  30. Uszok, A., Bradshaw, J.M., Jeffers, R.: Kaos: A policy and domain services framework for grid computing and semantic web services. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 16–26. Springer, Heidelberg (2004)

    Google Scholar 

  31. Constandache, I., Olmedilla, D., Nejdl, W.: Policy based dynamic negotiation for grid services authorization. In: Semantic Web Policy Workshop in conjunction with 4th International Semantic Web Conference, Galway, Ireland (2005)

    Google Scholar 

  32. Li Gong: Inside Java 2 Platform Security: Architecture, API Design, and Implementation. Addison-Wesley, Reading (1999)

    Google Scholar 

  33. Gelfond, M., Lifschitz, V.: The stable model semantics for logic programming. In: Proc. of the 5th ICLP, pp. 1070–1080. MIT Press, Cambridge (1988)

    Google Scholar 

  34. Bertino, E., Ferrari, E., Buccafurri, F., Rullo, P.: A logical framework for reasoning on data access control policies. In: CSFW 1999. Proc. of the 12th IEEE Computer Security Foundations Workshop, pp. 175–189. IEEE Computer Society, Los Alamitos (1999)

    Google Scholar 

  35. Brewer, D.F.C., Nash, M.J.: The chinese wall security policy. In: IEEE Symposium on Security and Privacy, pp. 206–214. IEEE Computer Society Press, Los Alamitos (1989)

    Chapter  Google Scholar 

  36. Palopoli, L., Zaniolo, C.: Polynomial-time computable stable models. Ann. Math. Artif. Intell. 17(3-4), 261–290 (1996)

    Article  MATH  MathSciNet  Google Scholar 

  37. Saccà, D., Zaniolo, C.: Stable models and non-determinism in logic programs with negation. In: PODS 1990. Proc. of the Ninth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, pp. 205–217. ACM, New York (1990)

    Chapter  Google Scholar 

  38. Apt, K.R., Blair, H.A., Walker, A.: Towards a theory of declarative knowledge. In: Foundations of Deductive Databases and Logic Programming, pp. 89–148. Morgan Kaufmann, San Francisco (1988)

    Google Scholar 

  39. Bonatti, P.A., Shahmehri, N., Duma, C., Olmedilla, D., Nejdl, W., Baldoni, M., Baroglio, C., Martelli, A., Patti, V., Coraggio, P., Antoniou, G., Peer, J., Fuchs, N.E.: Rule-based policy specification: State of the art and future work. Technical report, Working Group I2, EU NoE REWERSE (August 2004), http://rewerse.net/deliverables/i2-d1.pdf

  40. Subrahmanian, V.S., Adali, S., Brink, A., Emery, R., Lu, J.J., Rajput, A., Rogers, T.J., Ross, R., Ward, C.: Hermes: Heterogeneous reasoning and mediator system, http://www.cs.umd.edu/projects/publications/abstracts/hermes.html

  41. Subrahmanian, V.S., Bonatti, P.A., Dix, J., Eiter, T., Kraus, S., Ozcan, F., Ross, R.: Heterogenous Active Agents. MIT Press, Cambridge (2000)

    Google Scholar 

  42. Rosenthal, A., Winslett, M.: Security of shared data in large systems: State of the art and research directions. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, Paris, France, June 13-18, 2004, pp. 962–964. ACM, New York (2004)

    Chapter  Google Scholar 

  43. Bonatti, P.A., Duma, C., Olmedilla, D., Shahmehri, N.: An integration of reputation-based and policy-based trust management. In: Semantic Web Policy Workshop in conjunction with 4th International Semantic Web Conference, Ireland (2005)

    Google Scholar 

  44. Blaze, M., Feigenbaum, J., Strauss, M.: Compliance Checking in the PolicyMaker Trust Management System. In: Financial Cryptography, British West Indies (February 1998)

    Google Scholar 

  45. Bonatti, P.A., Samarati, P.: A uniform framework for regulating service access and information release on the web. Journal of Computer Security 10(3), 241–272 (2000)

    Google Scholar 

  46. Winsborough, W., Seamons, K., Jones, V.: Negotiating Disclosure of Sensitive Credentials. In: Second Conference on Security in Communication Networks, Amalfi, Italy (September 1999)

    Google Scholar 

  47. Winsborough, W., Seamons, K., Jones, V.: Automated Trust Negotiation. In: DARPA Information Survivability Conference and Exposition, Hilton Head Island, SC (2000)

    Google Scholar 

  48. Winslett, M., Yu, T., Seamons, K.E., Hess, A., Jacobson, J., Jarvis, R., Smith, B., Yu, L.: Negotiating trust on the web. IEEE Internet Computing 6(6), 30–37 (2002)

    Article  Google Scholar 

  49. Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Trans. Inf. Syst. Secur. 6(1), 1–42 (2003)

    Article  MATH  Google Scholar 

  50. Becker, M.Y., Sewell, P.: Cassandra: distributed access control policies with tunable expressiveness. In: 5th IEEE International Workshop on Policies for Distributed Systems and Networks, Yorktown Heights (2004)

    Google Scholar 

  51. Seamons, K., Winslett, M., Yu, T., Smith, B., Child, E., Jacobsen, J., Mills, H., Yu, L.: Requirements for Policy Languages for Trust Negotiation. In: 3rd International Workshop on Policies for Distributed Systems and Networks, Monterey, CA (2002)

    Google Scholar 

  52. Li, N., Winsborough, W., Mitchell, J.C.: Distributed Credential Chain Discovery in Trust Management (Extended Abstract). In: ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, ACM, New York (2001)

    Google Scholar 

  53. Zhang, C., Bonatti, P.A., Winslett, M.: Peeraccess: A logic for distributed authorization. In: CCS 2005. 12th ACM Conference on Computer and Communication Security, Alexandria, VA, USA, ACM Press, New York (2005)

    Google Scholar 

  54. McGuinness, D.L., da Silva, P.P.: Explaining answers from the semantic web: The inference web approach. Journal of Web Semantics 1(4), 397–413 (2004)

    Google Scholar 

  55. McGuinness, D.L., da Silva, P.P.: Trusting answers from web applications. In: New Directions in Question Answering, pp. 275–286 (2004)

    Google Scholar 

  56. da Silva, P.P., McGuinness, D.L., Fikes, R.: A proof markup language for semantic web services. Technical Report KSL Tech Report KSL-04-01 (January 2004)

    Google Scholar 

  57. Swartout, W., Paris, C., Moore, J.: Explanations in knowledge systems: Design for explainable expert systems. IEEE Expert: Intelligent Systems and Their Applications 6(3), 58–64 (1991)

    Google Scholar 

  58. Tanner, M.C., Keuneke, A.M.: Explanations in knowledge systems: The roles of the task structure and domain functional models. IEEE Expert: Intelligent Systems and Their Applications 6(3), 50–57 (1991)

    Google Scholar 

  59. Wick, M.R.: Second generation expert system explanation. In: David, J.-M., Krivine, J.-P., Simmons, R. (eds.) Second Generation Expert Systems, pp. 614–640. Springer, Heidelberg (1993)

    Google Scholar 

  60. Kolovski, V., Katz, Y., Hendler, J., Weitzner, D., Berners-Lee, T.: Towards a policy-aware web. In: Semantic Web Policy Workshop in conjunction with 4th International Semantic Web Conference, Galway, Ireland (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Università di Napoli Federico II, Napoli, Italy

    Piero A. Bonatti

  2. L3S Research Center and University of Hannover,  

    Daniel Olmedilla

Authors
  1. Piero A. Bonatti
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Daniel Olmedilla
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Grigoris Antoniou Uwe Aßmann Cristina Baroglio Stefan Decker Nicola Henze Paula-Lavinia Patranjan Robert Tolksdorf

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Bonatti, P.A., Olmedilla, D. (2007). Rule-Based Policy Representation and Reasoning for the Semantic Web. In: Antoniou, G., et al. Reasoning Web. Reasoning Web 2007. Lecture Notes in Computer Science, vol 4636. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74615-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74615-7_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74613-3

  • Online ISBN: 978-3-540-74615-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation