Web Policy Zeitgeist Panel SWPW 2005 – Galway, Ireland Piero Bonatti, November 7th, 2005.


SWPW, Nov The SWPW Panel Piero Bonatti, University of Naples

Topics
1) Policies are not just about security or privacy
2) Policies are not islands
3) Policies must be integrated with ontologies
4) Policies must be norms
5) Policies must be X

1. Policies are not just about security / privacy
- Aren't these policies, too?
  - Business rules
  - Quality of Service directives
  - Visa eligibility criteria
  - ...
- All these policies make decisions
  - grant/deny access, establish eligibility (visas), make discounts
- Based on similar pieces of information
  - user / agent / server properties
  - age, nationality, profile, identity, reputation, certifications...

Policies are not (only) passive objects
- Policies may specify
  - Event logging
  - Communications and notifications
  - Workflow triggering, such as (partly) manual registration procedures
  - ...
- So policies are about
  - Decision support + behavior specifications
  - declarative (despite the word “behavior”)

2. Policies are not islands
- Decisions need data, information, and knowledge
- Each organization has its own
  - Already available through legacy software and data
  - A realistic solution must interoperate with them
- Third parties
  - Credit card sites for validity checking
  - Credential repositories
- Short term solution
  - Mediation and integration techniques
  - maybe wrappers
  - instantiation efforts needed
- a challenge for SW interoperation approaches in the long run

2. Policies are not islands
- What about standard security mechanisms?
- They are so robust and efficient
  - Border routers
  - Firewalls
  - DBMS access control, maybe
  - Web Server access control (well...)
- Can't we exploit them in our smart frameworks?
- Further advantage: avoid bottlenecks
  - Centralized security monitors for high-level policies (XACML)
- Standard mechanisms are already widely supported
credits: Arnie Rosenthal

3. Policies must be integrated with ontologies
- Why, policies are already integrated with ontologies!
- Rules immersed in the policy
  - Definition of authenticated user
  - Definition of accepted ID
  - Definition of accepted credit card
  - Trusted CA
- Currently formulated in terms of credentials and declarations
  - X.509
  - web forms
  - rules
- No complex prerequisites!

3. Policies must be integrated with ontologies
Challenges:
- Interoperability on a larger scale
  - interplay with legacy software and third parties
- lightweight evidence
  - can be based on any web contents
  - how to explain requirements in a machine-understandable way?
  - a standard semantic web issue – ontologies
- still lightweight? ...
- infrastructural prerequisites

4. Policies must be norms
- How strict? Which logic?
- A lesson from IMPACT: Deontic “Agent Programs”
- Approach 1:
  - what is possible determines a space of allowed actions
  - what is obligatory determines concrete actions
  - Redundant – eventually we didn't use possibility
- Approach 2:
  - “obligatory” implies “possible”
  - whatever concrete action you make becomes automatically possible
  - Possibility is useless
- Should we really start with “traditional” approaches?

4. Policies must be norms
- In our scenarios norms establish:
  - A space of possible choices
    - Please disclose a library card or a driving licence
    - Release VISA or MASTERCARD credit card
  - Maybe preferences
    - A SSN is more sensitive than a library card
  - And constraints
    - Date of birth and address should not be disclosed together
- It is not immediately clear which is the right choice
- Is it really so much about deontic logic?
  - Optimization, games,...?
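
The three kinds of norm on this slide (a space of choices, preferences, constraints) can be read as a small optimization problem, which is what the closing question hints at. The sketch below is an added example, not part of the original slides: the function name choose_disclosure, the numeric sensitivity scores and the second request are assumptions made for illustration.

```python
from itertools import product

# Assumed sensitivity scores (higher = more sensitive). The slide only states
# that an SSN is more sensitive than a library card; the numbers are made up.
SENSITIVITY = {
    "library_card": 1, "driving_licence": 3, "visa": 4, "mastercard": 4,
    "date_of_birth": 2, "address": 2, "ssn": 9,
}
# Constraint from the slide: these items must not be disclosed together.
FORBIDDEN = [{"date_of_birth", "address"}]


def choose_disclosure(requirement, held, sensitivity=SENSITIVITY, forbidden=FORBIDDEN):
    """Pick the least sensitive set of held items that satisfies the request.

    requirement: list of clauses; each clause is a set of alternatives and
    one item from every clause must be disclosed.
    Returns a sorted list of items, or None if no admissible choice exists.
    """
    options = [sorted(clause & held) for clause in requirement]
    if any(not opts for opts in options):
        return None  # some clause names nothing the user holds
    best = None
    for pick in product(*options):
        chosen = set(pick)
        # Reject any choice that contains a whole forbidden combination.
        if any(combo <= chosen for combo in forbidden):
            continue
        cost = sum(sensitivity[item] for item in chosen)
        candidate = (cost, sorted(chosen))  # equal costs: alphabetical order
        if best is None or candidate < best:
            best = candidate
    return None if best is None else best[1]


if __name__ == "__main__":
    wallet = set(SENSITIVITY)  # constructed: the user holds every listed item
    # The slide's request: an ID (library card or licence) and a credit card.
    print(choose_disclosure([{"library_card", "driving_licence"},
                             {"visa", "mastercard"}], wallet))
    # Constructed request where the cheapest picks would pair date of birth
    # with address; the constraint forces the driving licence instead.
    print(choose_disclosure([{"date_of_birth", "driving_licence"},
                             {"address"}], wallet))
```

When a request can only be met by a forbidden combination, the function returns None, which corresponds to a negotiation that fails rather than one that over-discloses.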

5. Policies must be X
- X = ACCESSIBLE
- Users should understand the policies applied by the systems that users interact with
  - and users should be able to personalize those policies
- With pre-defined policies: machine violated in 5 min.
- With personalized policy: secure for 2 weeks (end of experiment)
- Know what your policy does not check (and avoid pitfalls)
- A social problem:
  - Everybody's machine is on the internet
  - Millions of computers can be exploited for attacks by taking advantage of the users' lack of technical competence

5. Policies must be accessible
Challenges:
- Make rules intelligible to the common user
  - Use natural language?
  - Suitably restricted to avoid ambiguities
- Explain policies and system decisions
  - A classical AI problem – perfectly in line with SW
- Encourage people to personalize their policies

Conclusions (?)
- Policies & Trust Negotiation are important because:
  - They might prove the effectiveness of semantic web ideas in the short term
  - Nontrivial shared ontologies based on X rules
- Rule-based policies are important because:
  - They might alleviate users' lack of awareness about their system's policy
  - The main cause of today's world-scale security problems
- It is important to keep promises and deliver solutions