A Rule-Based Trust Negotiation System

Open distributed environments, such as the World Wide Web, facilitate information sharing but provide limited support to the protection of sensitive information and resources. Trust negotiation (TN) frameworks have been proposed as a better solution for open environments, in which parties may get in touch and interact without being previously known to each other. In this paper, we illustrate Protune, a rule-based TN system. By describing Protune, we will illustrate the advantages that arise from an advanced rule-based approach in terms of deployment efforts, user friendliness, communication efficiency, and interoperability. The generality and technological feasibility of Protune's approach are assessed through an extensive analysis and experimental evaluations.

[1]  Piero A. Bonatti,et al.  Comparing Rule-Based Policies , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[2]  Zhi-Zhong Chen,et al.  The complexity of selecting maximal solutions , 1993, [1993] Proceedings of the Eigth Annual Structure in Complexity Theory Conference.

[3]  Marianne Winslett,et al.  Requirements for policy languages for trust negotiation , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[4]  Ninghui Li,et al.  RT: a Role-based Trust-management framework , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[5]  Michael Backes,et al.  Efficient comparison of enterprise privacy policies , 2004, SAC '04.

[6]  Michael Kifer,et al.  Semantic Web Service Choreography: Contracting and Enactment , 2008, International Semantic Web Conference.

[7]  Tim Moses,et al.  EXtensible Access Control Markup Language (XACML) version 1 , 2003 .

[8]  Tommi Syrjänen Omega-Restricted Logic Programs , 2001, LPNMR.

[9]  Dennis G. Kafura,et al.  First experiences using XACML for access control in distributed systems , 2003, XMLSEC '03.

[10]  Pierangela Samarati,et al.  Logics for Authorization and Security , 2003, Logics for Emerging Applications of Databases.

[11]  Emil C. Lupu,et al.  The Ponder Policy Specification Language , 2001, POLICY.

[12]  Jürgen Dix,et al.  Heterogenous Active Agents , 2000 .

[13]  Anne H. Anderson An introduction to the Web Services Policy Language (WSPL) , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[14]  Steffen Staab,et al.  The Pudding of Trust , 2004, IEEE Intell. Syst..

[15]  Timothy W. Finin,et al.  A policy language for a pervasive computing environment , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[16]  Georg Gottlob,et al.  Complexity and expressive power of logic programming , 2001, CSUR.

[17]  Francesco M. Donini,et al.  Concept abduction and contraction for semantic-based discovery of matches and negotiation spaces in an e-marketplace , 2004, ICEC '04.

[18]  Chris Hanson,et al.  Using Dependency Tracking to Provide Explanations for Policy Management , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[19]  Marianne Winslett,et al.  PeerAccess: a logic for distributed authorization , 2005, CCS '05.

[20]  Gunter Saake,et al.  Logics for Emerging Applications of Databases , 2003, Springer Berlin Heidelberg.

[21]  Xi Deng,et al.  Resolution Based Explanations for Reasoning in the Description Logic ALC , 2006, CSWWS.

[22]  T. Eiter,et al.  Automated Negotiation Mechanisms , 2006 .

[23]  Piero A. Bonatti,et al.  Advanced Policy Explanations on the Web , 2006, ECAI.

[24]  Munindar P. Singh,et al.  Choice, interoperability, and conformance in interaction protocols and service choreographies , 2009, AAMAS.

[25]  Amir Herzberg,et al.  Access control meets public key infrastructure, or: assigning roles to strangers , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[26]  Deborah L. McGuinness,et al.  Explaining answers from the Semantic Web: the Inference Web approach , 2004, J. Web Semant..

[27]  Peter Sewell,et al.  Cassandra: distributed access control policies with tunable expressiveness , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[28]  Andrea Omicini,et al.  tu Prolog: A Light-Weight Prolog for Internet Applications and Infrastructures , 2001, PADL.

[29]  Marianne Winslett,et al.  No Registration Needed: How to Use Declarative Policies and Negotiation to Access Sensitive Resources on the Semantic Web , 2004, ESWS.

[30]  Nahid Shahmehri,et al.  Privacy in the Semantic Web: What Policy Languages Have to Offer , 2007, Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07).

[31]  Piero A. Bonatti,et al.  Driving and monitoring provisional trust negotiation with metapolicies , 2005, Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'05).

[32]  Michael R. Wick Second generation expert system explanation , 1993 .

[33]  Meghyn Bienvenu,et al.  Complexity of Abduction in the EL Family of Lightweight Description Logics , 2008, KR.

[34]  Steven R. Haynes,et al.  Explanation in information systems : a design rationale approach , 2002 .

[35]  N. Shahmehri,et al.  An Integration of Reputation-based and Policy-based Trust Management , 2005 .

[36]  Ian Horrocks,et al.  Explaining ALC Subsumption , 2000, Description Logics.

[37]  Francesco M. Donini,et al.  Fully Automated Web Services Discovery and Composition Through Concept Covering and Concept Abduction , 2007, Int. J. Web Serv. Res..

[38]  K.E. Seamons,et al.  Automated trust negotiation , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[39]  Jeffrey M. Bradshaw,et al.  KAoS policy and domain services: toward a description-logic approach to policy representation, deconfliction, and enforcement , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[40]  Pierangela Samarati,et al.  Regulating service access and information release on the Web , 2000, CCS.

[41]  Piero A. Bonatti,et al.  On Interoperable Trust Negotiation Strategies , 2007, Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07).