UMBC ebiquity

Securing the Semantic Web: A Trust Management Approach

Status: Past project

Project Description:
A three year project funded by NSF (final approval pending) directed by PI Tm Finin and CO-PI Anupam Joshi to be carried out 2003-2006 with $240K in funding from the NSF Division of Information and Intelligent Systems, Data and Applications Security Program under the direction of program officer Bhavani Thuraisingham.

This research investigates distributed trust management as an alternative to traditional authentication and access control schemes in dynamic and pen computing environments such as multiagent systems, web services and pervasive computing. Distributed trust management handles security with techniques used in human societies, where people are judged on their abilities, assets, relationships and reputations. Authorization decisions are made through the application of relevant security and trust policies, expressed in a high-level declarative language. The policies define rules and constraints on agents (human or software) and the actions they can take on objects in terms of their credentials and properties. This work extends the principles of trust management with deontic notions of rights, obligations, and prohibitions. An ontology grounded in a semantic language (e.g., RDF, DAML or OWL) is used to represent security information constituting credentials, policies, beliefs, and proofs as well as relevant domain-specific properties to characterize the agents, actions and objects. An important results will be a better understanding of how the semantic web can address the critical issues of security, trust and privacy in distributed open environments. The new concepts and techniques will be evaluated and demonstrated through the implementation of prototype tools and applications.

Start Date: June 2003

End Date: September 2006

Anupam Joshi

Lalana Kagal
Pranam Kolari
Anjali Bharat Shah

Tags: semantic web, security, trust, policy


There are 31 associated publications:  Hide the list...

28 Refereed Publications


1. Pranam Kolari et al., "Enhancing Web Privacy Protection through Declarative Policies", InProceedings, Proceedings of the IEEE Workshop on Policy for Distributed Systems and Networks(POLICY 2005), June 2005, 6416 downloads.

2. Ryusuke Masuoka et al., "Policy-based Access Control for Task Computing Using Rei ", InProceedings, Proceedings of the Policy Management for the Web Workshop, May 2005, 2366 downloads.

3. Lalana Kagal et al., "Proceedings of the Policy Management for the Web workshop", Proceedings, World Wide Web Consirtium, May 2005, 2005 downloads.

4. Mohinder Chopra, "Applying Policy Based Access Control and XML Digital Signatures for Security in Pervasive Computing Environments", MastersThesis, , May 2005, 2499 downloads.

5. Anjali Bharat Shah, "An integrated development environment for policies", MastersThesis, University of Maryland, Baltimore County, March 2005, 1966 downloads.

6. Lalana Kagal et al., "Modeling Communicative Behavior using Permissions and Obligations", InBook, Developments in Agent Communication, Eds. Frank Dignum, Rogier van Eijk, Marc-Philippe Huget, January 2005, 2581 downloads.


7. Lalana Kagal et al., "Security, Privacy and Trust in Mobile Computing Environments", InBook, Handbook of Mobile Computing, Editors Imad Mahgoub and Mohammad Ilyas, December 2004.

8. Lalana Kagal et al., "Declarative Policies for Describing Web Service Capabilities and Constraints", InProceedings, W3C Workshop on Constraints and Capabilities for Web Services, October 2004, 7133 downloads.

9. Lalana Kagal, "A Policy-Based Approach to Governing Autonomous Behavior in Distributed Environments", PhdThesis, University of Maryland Baltimore County, September 2004.

10. Mark Cornwell et al., "A Policy Based Collaboration Infrastructure for P2P Networking", InProceedings, Twelfth International Conference on Telecommunication Systems, Modeling and Analysis, July 2004.

11. Lalana Kagal et al., "Modeling Conversation Policies using Permissions and Obligations", InProceedings, AAMAS 2004 Workshop on Agent Communication (AC2004), July 2004, 3656 downloads.

12. Lalana Kagal et al., " Authorization and Privacy for Semantic Web Services", Article, IEEE Intelligent Systems (Special Issue on Semantic Web Services), July 2004, 2023 downloads.

13. Pranam Kolari, "Enhancing Web Privacy with Policy Language and Trust", MastersThesis, UMBC Master's thesis, May 2004, 3987 downloads.

14. Mark Cornwell et al., "Autonomic Policy-Based Collaboration for Cross-Agency Human Teams", InProceedings, Conference on the Human Impact and Application of Autonomic Computing Systems (CHIACS2), April 2004, 3254 downloads.

15. Lalana Kagal et al., "Authorization and Privacy for Semantic Web Services", InProceedings, First International Semantic Web Services Symposium, AAAI 2004 Spring Symposium, March 2004, 7934 downloads.


16. Grit Denker et al., "Security for DAML Web Services: Annotation and Matchmaking", InProceedings, Second International Semantic Web Conference , September 2003, 3514 downloads.

17. Lalana Kagal et al., "A Policy Based Approach to Security for the Semantic Web", InProceedings, 2nd International Semantic Web Conference (ISWC2003), September 2003, 10088 downloads.

18. Lalana Kagal et al., "A Policy Language for A Pervasive Computing Environment", InCollection, IEEE 4th International Workshop on Policies for Distributed Systems and Networks, June 2003, 4212 downloads.


19. Lalana Kagal et al., "Centaurus : An Infrastructure for Service Management in Ubiquitous Computing", Article, ACM Wireless Networks Journal, November 2002, 2005 downloads.

20. Lalana Kagal et al., "A Security Architecture Based on Trust Management for Pervasive Computing Systems", InProceedings, Grace Hopper Celebration of Women in Computing, October 2002, 4814 downloads.

21. Lalana Kagal et al., "An Approach to Dynamic Service Management in Pervasive Computing", InProceedings, Proceedings of the Grace Hopper Celebration of Women in Computing, October 2002, 2315 downloads.

22. Lalana Kagal, "An Agent Approach to Security for Pervasive Computing Environments", InProceedings, Doctoral Consortium, The Eighteenth National Conference on Artificial Intelligence (AAAI 02), July 2002.

23. Lalana Kagal et al., "Developing Secure Agent Systems Using Delegation Based Trust Management", InProceedings, Security of Mobile Multi-Agent Systems Workshop, Autonomous Agents and Multiagent Systems (AAMAS 2002) , July 2002, 4603 downloads.

24. Lalana Kagal et al., "Agents Making Sense of the Semantic Web", InProceedings, First GSFC/JPL Workshop on Radical Agent Concepts (WRAC), January 2002, 3515 downloads.


25. Lalana Kagal et al., "Trust-Based Security in Pervasive Computing Environments", Article, IEEE Computer, December 2001, 7991 downloads.

26. Lalana Kagal et al., "A Delegation Based Model for Distributed Trust", InProceedings, Workshop on Autonomy, Delegation, and Control: Interacting with Autonomous Agents, International Joint Conferences on Artificial Intelligence, August 2001, 366 downloads.

27. Lalana Kagal et al., "A Framework for Distributed Trust Management", InProceedings, Second Workshop on Norms and Institutions in multi-agent systems, June 2001, 2997 downloads.

28. Lalana Kagal et al., "Centaurus : A Framework for Intelligent Services in a Mobile Environment", InProceedings, International Workshop of Smart Appliances and Wearable Computing at the 21st International Conference of Distributed Computing Systems, April 2001, 4997 downloads.

3 Non-Refereed Publications


1. Pranam Kolari et al., "Enhancing P3P Framework through Policies and Trust", TechReport, UMBC Technical Report, TR-CS-04-13, September 2004, 3196 downloads.

2. Anjali Bharat Shah et al., "Policy Development Software for Security Policies", TechReport, DIMACS workshop on Usable Privacy and Security Software, July 2004.


3. Lalana Kagal et al., "Vigil: Providing Trust for Enhanced Security in Pervasive Systems", TechReport, University of Maryland, Baltimore County, August 2002, 4558 downloads.


There are 14 associated resources:  Hide the list...

1. A Policy Specification Language for Governing Open, Dynamic Distributed Environments, Presentation.

2. Authorization and Privacy for Semantic Web Services, Web Site.

3. Chiacs 2004 presentation, Presentation.

4. DAS poster, Poster.

5. Integrated Development Environment for Policies, Presentation.

6. Modeling Conversation Policies as Policies, Presentation.

7. RAP Implementation Presentation, Presentation.

8. RAP: RDF Access-control Policies Presentation, Presentation.

9. Rei in Task Computing, Presentation.

10. Rei in Task Computing Movie, Web Site.

11. Rei and RUles, Presentation.

12. Rei examples, Web Site.

13. Rei Ontologies, Web Site.

14. Rei Specifications, Web Site.


Research Areas:
 Security, Trust and Privacy
 Semantic Web