Anupam Joshi University of Maryland, Baltimore County Joint work with Tim Finin and several students Computational/Declarative Policies.

Slides:



Advertisements
Similar presentations
ROWLBAC – Representing Role Based Access Control in OWL
Advertisements

1DAML PI meeting, October DAML and Agents DAML and Agents Breakout Session DAML PI Meeting 17 October 2002 Tim Finin.
Policy based Cloud Services on a VCL platform Karuna P Joshi, Yelena Yesha, Tim Finin, Anupam Joshi University of Maryland, Baltimore County.
Policy Description & Enforcement Languages Anis Yousefi
SmartER Semantic Cloud Sevices Karuna P Joshi University of Maryland, Baltimore County Advisors: Dr. Tim Finin, Dr. Yelena Yesha.
Pranam Kolari – Policy 2005 Enhancing Web Privacy Protection Through Declarative Policies Pranam Kolari 1 Li Ding 1, Lalana Kagal 2, Shashi Ganjugunte.
XACML 2.0 and Earlier Hal Lockhart, Oracle. What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation.
Chapter 25: Challenges and Extensions Service-Oriented Computing: Semantics, Processes, Agents – Munindar P. Singh and Michael N. Huhns, Wiley, 2005.
Robots & Responsibility. Asimov's Three Laws A robot may not injure a human being or, through inaction, allow a human being to come to harm. A robot must.
Virtual Organizations as Normative Multiagent Systems Guido Boella Università di Torino, Joris Hulstijn Vrije Universiteit, Amsterdam,
B. Proposed Revisions to UT HOP 3.16 Threatened Faculty Retrenchment (D )— Janet Staiger (professor, radio- television-film and committee chair).
Audumbar Chormale Advisor: Dr. Anupam Joshi M.S. Thesis Defense
1 of 30 Declarative Policies for Describing Web Service Capabilities and Constraints Lalana Kagal Tim Finin Anupam Joshi University of Maryland Baltimore.
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
Ethics and Social Responsibility
An Intelligent Broker Architecture for Context-Aware Systems A PhD. Dissertation Proposal in Computer Science at the University of Maryland Baltimore County.
Katanosh Morovat.   This concept is a formal approach for identifying the rules that encapsulate the structure, constraint, and control of the operation.
Anupam Joshi and Tim Finin Ebiquity UMBC
Pranam Kolari – Policy 2005 Enhancing Web Privacy Protection Through Declarative Policies Pranam Kolari 1 Li Ding 1, Lalana Kagal 2, Shashi Ganjugunte.
A Modeling Language to Model Norms Karen Figueiredo Viviane Torres da Silva Universidade Federal Fluminense (UFF)
Web Policy Zeitgeist Panel SWPW 2005 – Galway, Ireland Piero Bonatti, November 7th, 2005.
Intelligent Agents Meet the Semantic Web in Smart Spaces Harry Chen,Tim Finin, Anupam Joshi, and Lalana Kagal University of Maryland, Baltimore County.
Robotic Ethics Shahid Iqbal Tarar. Robotics and Ethics Is new science or branch or a field of application of Engineering? Actually Discipline born from.
SOUPA: Standard Ontology for Ubiquitous and Pervasive Applications Harry Chen, Filip Perich, Tim Finin, Anupam Joshi Department of Computer Science & Electrical.
MITREMITRE Coalition Security Policy Language Project 11 December 2000.
Tim Finin University of Maryland, Baltimore County 29 January 2013 Joint work with Anupam Joshi, Laura Zavala and our students SRI Social Media Workshop.
Modeling  Conversation  Policies using Permissions  and  Obligations Lalana Kagal and Tim Finin University of Maryland, Baltimore County AAMAS Workshop.
Pervasive software interoperability for the Operating Room of the Future May 10, 2005.
Ontology-based and Rule-based Policies: Toward a Hybrid Approach to Control Agents in Pervasive Environments The Semantic Web and Policy Workshop – ISWC.
AMPol-Q: Adaptive Middleware Policy to support QoS Raja Afandi, Jianqing Zhang, Carl A. Gunter Computer Science Department, University of Illinois Urbana-Champaign.
PLANNING IN THE PRESENCE OF ETHICAL REQUIREMENTS RONALD C. ARKIN SCHOOL OF INTERACTIVE COMPUTING GEORGIA TECH.
Rei and Rules Tim Finin, UMBC Lalana Kagal, MIT Tim Finin, UMBC Lalana Kagal, MIT.
Semantics for Cybersecurity and Privacy Tim Finin, UMBC Joint work with Anupam Joshi, Karuna Joshi, Zareen Syed andmany UMBC graduate students
1 Vigil : Enforcing Security in Ubiquitous Environments Authors : Lalana Kagal, Jeffrey Undercoffer, Anupam Joshi, Tim Finin Presented by : Amit Choudhri.
The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.
11 Usage policies for end point access control  XACML is Oasis standard to express enterprise security policies with a common XML based policy language.
Refrain Policy Vocabulary HL7 Security WG Kathleen Connor VA (ESC) January 2012.
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
I.H. TorosluESSW Workshop Budapest May 20, A Semantic based Privacy Framework for Web Services Arif Tumer, Asuman Dogac, Hakki Toroslu Middle East.
What’s MPEG-21 ? (a short summary of available papers by OCCAMM)
A Policy Based Approach to Security for the Semantic Web Lalana Kagal, Tim Finin and Anupam Joshi.
Introduction to Semantic Web Service Architecture ► The vision of the Semantic Web ► Ontologies as the basic building block ► Semantic Web Service Architecture.
Temporal Ontology Shervin Daneshpajouh ce.sharif.edu/~daneshpajouh.
11 Restricting key use with XACML* for access control * Zack’-a-mul.
Computational Policies in a Need to Share Environment Tim Finin University of Maryland, Baltimore County SemGrail workshop, Redmond WA, 21 June 2007.
Robotic Ethics Shahid Iqbal Tarar. Robotics and Ethics A new science or an integral part of Engineering? Actually Discipline born from Computer Science,
1 Security and Services in Mobiquitous Computing Tim Finin University of Maryland, Baltimore County Mobiquitous ’04, 24 August 2004
DS - Spring 2006 Ontology & Pervasive Computing 1 ONTOLOGY & PERVASIVE COMPUTING Elham Paikari Distributed Systems – Spring 2006 Computer Engineering Department.
Ethics Systematizing, defending, and recommending concepts of right and wrong behavior
1 Ethical Issues in Computer Science CSCI 328, Fall 2013 Session 7 Ethics in IT Societies.
Policy-Based Dynamic Negotiation for Grid Services Authorization Ionut Constandache, Daniel Olmedilla, Wolfgang Nejdl Semantic Web Policy Workshop, ISWC’05.
15 Copyright © 2004, Oracle. All rights reserved. Adding JAAS Security to the Client.
1 T. Hill Review of: ROWLBAC – Representing Role Based Access Control in OWL T. Finin, A. Joshi L. Kagal, B. Thuraisingham, J. Niu, R. Sandhu, W. Winsborough.
Semantic Web in Context Broker Architecture Presented by Harry Chen, Tim Finin, Anupan Joshi At PerCom ‘04 Summarized by Sungchan Park
NSF Cyber Trust Annual Principal Investigator Meeting September 2005 Newport Beach, California UMBC an Honors University in Maryland Trust and Security.
Selected Semantic Web UMBC CoBrA – Context Broker Architecture  Using OWL to define ontologies for context modeling and reasoning  Taking.
1 Web Services for Semantic Interoperability and Integration Tim Finin University of Maryland, Baltimore County Dagstuhl, 20 September 2004
DON Code of Privacy Act Fair Information Principles DON has devised a list of principles to be applied when handling Protected Personal Information (PPI).
COUNTY COUNSEL Brown Act Public Records Act Presenter: Janice D. Killion Public Records Act – Ethics – Conflicts of Interest.
Service-Oriented Computing: Semantics, Processes, Agents
Argumentation Protocol
Policy based Cloud Services on a VCL platform
Service-Oriented Computing: Semantics, Processes, Agents
Service-Oriented Computing: Semantics, Processes, Agents
Exploring Computer Science Lesson 6-1
Service-Oriented Computing: Semantics, Processes, Agents
University of Maryland, Baltimore County
Policy reasoning A policy is a set of norms that define optimal behavior of agents in a system What does policy reasoning usually entail ? Proving that.
Access Control What’s New?
Presentation transcript:

Anupam Joshi University of Maryland, Baltimore County Joint work with Tim Finin and several students Computational/Declarative Policies

An early declarative policy 1 A robot may not injure a human being, or, through inaction, allow a human being to come to harm. 2 A robot must obey the orders given it by human beings except where such orders would conflict with the First Law. 3 A robot must protect its own existence as long as such protection does not conflict with the First or Second Law. -- Handbook of Robotics, 56th Edition, 2058 A.D.

On policies, rules and laws The interesting thing about Asimov’s laws were that robots did not always strictly follow them. This is a point of departure from more traditional “hard coded” rules like DB access control, and OS file permissions For autonomous agents, we need policies that describe “norms of behavior” that they should follow to be good citizens. So, it’s natural to worry about issues like – When an agent is governed by multiple policies, how does it resolve conflicts among them? – How can we define penalties when agents don’t fulfill their obligations? – How can we relate notions of trust and reputation to policies?

What’s a Declarative Policy? In computing contexts, a policy is a set of rules or constraints governing what to do in a situation Procedural policies are often written as code (e.g., if X do Y else do Z) and trigger actions Declarative policies are often written as logical constraints on a (requested) action and decide whether it is permitted, prohibited or required Access control mechanisms in an OS or DB are examples of declarative policies 4/46

General approach A declarative policy describes a system’s actions or behavior “Describes” can be – Specifies: whenever X, do Y – Constrains: doing X is permitted – Advises: whenever X, doing Y is preferred to doing Z Public policies and common policies foster interoperability and cooperation – Languages based on semantic web technologies

The Role of Ontologies We will require shared ontologies to support this framework A common ontology to represent basic concepts: agents, actions, permissions, obligations, prohibitions, delegations, credentials, etc. Appropriate shared ontologies to describe classes, properties and roles of people and agents, e.g., – “any device owned by Don Norris” – “any request from a faculty member at UMBC” Ontologies to encode policy rules

Need to Know, Need to Share Traditional information security frame-works are based on “need to know” Unless you can prove that you have a pre-arranged right to access this information, you can’t have it The 9/11 commission recommended moving from this to “need to share” I think this information may be important for you to accomplish your mission and would like to share it with you Need to share modulated by context!

Required Capabilities Semantic Interoperability Unknown principals Context Speech acts and negotiation Adjustable privacy Usage control, enforcement, accountability Explanations and provenance Ramifications

9