Securing the Semantic Web: A Trust Management Approach

June 1, 2003 - September 1, 2006

A three year project funded by NSF (final approval pending) directed by PI Tm Finin and CO-PI Anupam Joshi to be carried out 2003-2006 with $240K in funding from the NSF Division of Information and Intelligent Systems, Data and Applications Security Program under the direction of program officer Bhavani Thuraisingham.

This research investigates distributed trust management as an alternative to traditional authentication and access control schemes in dynamic and pen computing environments such as multiagent systems, web services and pervasive computing. Distributed trust management handles security with techniques used in human societies, where people are judged on their abilities, assets, relationships and reputations. Authorization decisions are made through the application of relevant security and trust policies, expressed in a high-level declarative language. The policies define rules and constraints on agents (human or software) and the actions they can take on objects in terms of their credentials and properties. This work extends the principles of trust management with deontic notions of rights, obligations, and prohibitions. An ontology grounded in a semantic language (e.g., RDF, DAML or OWL) is used to represent security information constituting credentials, policies, beliefs, and proofs as well as relevant domain-specific properties to characterize the agents, actions and objects. An important results will be a better understanding of how the semantic web can address the critical issues of security, trust and privacy in distributed open environments. The new concepts and techniques will be evaluated and demonstrated through the implementation of prototype tools and applications.

policy, security, semantic web, trust

OWL Tweet

Faculty

  1. Anupam Joshi

Publications

2005

  1. P. Kolari, L. Ding, S. Ganjugunte, L. Kagal, A. Joshi, and T. Finin, "Enhancing Web Privacy Protection through Declarative Policies", InProceedings, Proceedings of the IEEE Workshop on Policy for Distributed Systems and Networks(POLICY 2005), June 2005, 8274 downloads, 27 citations.
  2. R. Masuoka, M. Chopra, Z. Song, Y. K. Labrou, L. Kagal, and T. Finin, "Policy-based Access Control for Task Computing Using Rei", InProceedings, Proceedings of the Policy Management for the Web Workshop, May 2005, 3176 downloads, 15 citations.
  3. L. Kagal, T. Finin, and J. A. Hendler, "Proceedings of the Policy Management for the Web workshop", Proceedings, World Wide Web Consortium, May 2005, 2861 downloads.
  4. M. Chopra, "Applying Policy Based Access Control and XML Digital Signatures for Security in Pervasive Computing Environments", MastersThesis, May 2005, 2908 downloads.
  5. A. B. Shah, "An integrated development environment for policies", MastersThesis, University of Maryland, Baltimore County, March 2005, 2752 downloads.
  6. L. Kagal and T. Finin, "Modeling Communicative Behavior using Permissions and Obligations", InBook, Developments in Agent Communication, Eds. Frank Dignum, Rogier van Eijk, Marc-Philippe Huget, January 2005, 3924 downloads, 14 citations.

2004

  1. L. Kagal, J. Parker, H. Chen, A. Joshi, and T. Finin, "Security, Privacy and Trust in Mobile Computing Environments", InBook, Handbook of Mobile Computing, Editors Imad Mahgoub and Mohammad Ilyas, December 2004, 3 citations.
  2. L. Kagal, T. Finin, and A. Joshi, "Declarative Policies for Describing Web Service Capabilities and Constraints", InProceedings, W3C Workshop on Constraints and Capabilities for Web Services, October 2004, 8736 downloads, 23 citations.
  3. L. Kagal, "A Policy-Based Approach to Governing Autonomous Behavior in Distributed Environments", PhdThesis, University of Maryland Baltimore County, September 2004, 10 citations.
  4. P. Kolari, L. Ding, L. Kagal, S. Ganjugunte, A. Joshi, and T. Finin, "Enhancing P3P Framework through Policies and Trust", TechReport, UMBC Technical Report, TR-CS-04-13, September 2004, 4345 downloads.
  5. M. Cornwell, J. E. Just, L. Kagal, and T. Finin, "A Policy Based Collaboration Infrastructure for P2P Networking", InProceedings, Twelfth International Conference on Telecommunication Systems, Modeling and Analysis, July 2004, 2 citations.
  6. L. Kagal and T. Finin, "Modeling Conversation Policies using Permissions and Obligations", InProceedings, AAMAS 2004 Workshop on Agent Communication (AC2004), July 2004, 5187 downloads, 50 citations.
  7. L. Kagal, M. Paoucci, N. Srinivasan, G. Denker, T. Finin, and K. Sycara, "Authorization and Privacy for Semantic Web Services", Article, IEEE Intelligent Systems (Special Issue on Semantic Web Services), July 2004, 2947 downloads, 1 citation.
  8. P. Kolari, "Enhancing Web Privacy with Policy Language and Trust", MastersThesis, UMBC Master's thesis, May 2004, 4764 downloads.
  9. M. Cornwell, J. E. Just, and L. Kagal, "Autonomic Policy-Based Collaboration for Cross-Agency Human Teams", InProceedings, Conference on the Human Impact and Application of Autonomic Computing Systems (CHIACS2), April 2004, 3923 downloads.
  10. L. Kagal, M. Paoucci, N. Srinivasan, G. Denker, T. Finin, and K. Sycara, "Authorization and Privacy for Semantic Web Services", InProceedings, First International Semantic Web Services Symposium, AAAI 2004 Spring Symposium, March 2004, 9629 downloads, 1 citation.

2003

  1. G. Denker, L. Kagal, T. Finin, K. Sycara, and M. Paoucci, "Security for DAML Web Services: Annotation and Matchmaking", InProceedings, Second International Semantic Web Conference, September 2003, 4529 downloads, 125 citations.
  2. L. Kagal, T. Finin, and A. Joshi, "A Policy Based Approach to Security for the Semantic Web", InProceedings, 2nd International Semantic Web Conference (ISWC2003), September 2003, 11682 downloads, 218 citations.
  3. L. Kagal, T. Finin, and A. Joshi, "A Policy Language for A Pervasive Computing Environment", InCollection, IEEE 4th International Workshop on Policies for Distributed Systems and Networks, June 2003, 5091 downloads, 341 citations.

2002

  1. L. Kagal, V. Korolev, S. Avancha, A. Joshi, T. Finin, and Y. Yesha, "Centaurus : An Infrastructure for Service Management in Ubiquitous Computing", Article, ACM Wireless Networks Journal, November 2002, 2853 downloads, 19 citations.
  2. L. Kagal, F. Perich, A. Joshi, and T. Finin, "A Security Architecture Based on Trust Management for Pervasive Computing Systems", InProceedings, Grace Hopper Celebration of Women in Computing, October 2002, 5759 downloads, 30 citations.
  3. L. Kagal, V. Korolev, S. Avancha, A. Joshi, and T. Finin, "An Approach to Dynamic Service Management in Pervasive Computing", InProceedings, Proceedings of the Grace Hopper Celebration of Women in Computing, October 2002, 3281 downloads.
  4. L. Kagal, F. Perich, A. Joshi, Y. Yesha, and T. Finin, "Vigil: Providing Trust for Enhanced Security in Pervasive Systems", TechReport, University of Maryland, Baltimore County, August 2002, 5510 downloads, 11 citations.
  5. L. Kagal, "An Agent Approach to Security for Pervasive Computing Environments", InProceedings, Doctoral Consortium, The Eighteenth National Conference on Artificial Intelligence (AAAI 02), July 2002.
  6. L. Kagal, T. Finin, and A. Joshi, "Developing Secure Agent Systems Using Delegation Based Trust Management", InProceedings, Security of Mobile Multi-Agent Systems Workshop, Autonomous Agents and Multiagent Systems (AAMAS 2002) , July 2002, 5505 downloads, 38 citations.
  7. L. Kagal, F. Perich, H. Chen, S. Tolia, Y. Zou, A. Joshi, Y. Peng, R. S. Cost, C. Nicholas, and T. Finin, "Agents Making Sense of the Semantic Web", InProceedings, Workshop on Radical Agent Concepts (WRAC): Innovative Concepts for Agent-Based Systems, January 2002, 4915 downloads, 9 citations.

2001

  1. L. Kagal, T. Finin, and A. Joshi, "Trust-Based Security in Pervasive Computing Environments", Article, IEEE Computer, December 2001, 9421 downloads, 214 citations.
  2. L. Kagal, T. Finin, and Y. Peng, "A Delegation Based Model for Distributed Trust", InProceedings, Workshop on Autonomy, Delegation, and Control: Interacting with Autonomous Agents, International Joint Conferences on Artificial Intelligence, August 2001, 1364 downloads, 69 citations.
  3. L. Kagal, T. Finin, R. S. Cost, and Y. Peng, "A Framework for Distributed Trust Management", InProceedings, Second Workshop on Norms and Institutions in multi-agent systems, May 2001, 4051 downloads, 1 citation.
  4. L. Kagal, V. Korolev, H. Chen, A. Joshi, and T. Finin, "Centaurus : A Framework for Intelligent Services in a Mobile Environment", InProceedings, International Workshop of Smart Appliances and Wearable Computing at the 21st International Conference of Distributed Computing Systems, April 2001, 6403 downloads, 57 citations.

Poster

  1. DAS poster