A Policy Based Approach to Security for the Semantic Web

Lalana Kagal, Tim Finin and Anupam Joshi
CSEE Department,
University of Maryland Baltimore County

Abstract:

The Semantic Web is a future generation of the current Web, where resources are annotated with machine-understandable meta-data, allowing the automation of the retrieval and usage of these resources in their correct contexts. Along with developing specifications for the description of meta-data and the extraction of information, there is an immediate and critical need: the ability to maximize security in an environment that is fundamentally dynamic, open and devoid of many of the clues human societies have relied on for security assessment. Our research investigates the marking up of web entities with a semantic policy language and the use of distributed policy management as an alternative to traditional authentication and access control schemes, for providing a security framework for the Semantic Web. The policy language represents an ontology grounded in Resource Description Framework Schema (RDF-S). The language allows policies to be described in terms of deontic concepts, and it models speech acts that allow for dynamic modification of existing policies and decentralized security control, and that allow policies to be less exhaustive. We present a security framework built around a policy engine that addresses the issues of security for web resources, agents and services in the Semantic Web.

In Proceedings of the 2nd International Semantic Web Conference (ISWC2003), Sanibel Island, Florida, USA, October 20-23, 2003.