NSF Cyber Trust Annual Principal Investigator Meeting September 2005 Newport Beach, California UMBC an Honors University in Maryland Trust and Security for the Semantic Web Autonomous agents need policies as “norms of behavior” In OS, networking, data management, applications, multiagent systems, pervasive environments, etc. Especially to secure complex open, distributed, dynamic environments Traditional “hard coded” rules like DB access control & file permissions depending on known entities won’t work! Trust associations based on attributes are needed Interesting issues abound How agents governed by multiple policies can resolve conflicts among them How to enforce policies via sanctions, reputation, escalation, etc. How to modify policies dynamically How to make policy engineering easier than software engineering Tim Finin and Anupam Joshi Current policy frameworks Procedural policies prevent reasoning Limited representational power complicates authoring Lack of grounding in common, shared ontologies Rei policy language Declarative policies based on deontic logic enable reasoning Descriptions grounded in Semantic Web promote shared models OWL + rules provide greater expressive power Rei is a declarative policy language developed in Lalana Kagal’s Ph.D. dissertation (2004)Rei is a declarative policy language developed in Lalana Kagal’s Ph.D. dissertation (2004) Based on deontic concepts of permission, prohibition, obligation, and dispensationBased on deontic concepts of permission, prohibition, obligation, and dispensation Supports policy amendment via speech acts including delegation, revocation, request, and cancelSupports policy amendment via speech acts including delegation, revocation, request, and cancel Meta policies govern priority, modality preference & defaultsMeta policies govern priority, modality preference & defaults Policy engineering tools include a policy IDE in EclipsePolicy engineering tools include a policy IDE in Eclipse 1 A robot may not injure a human being, or, through inaction, allow a human being to come to harm. 2 A robot must obey the orders given it by human beings except where such orders would conflict with the First Law. 3 A robot must protect its own existence as long as such protection does not conflict with the First or Second Law. An early policy for agents This symbol is the Kanji character Rei (meaning “essence”) as well as the Chinese character Li (meaning “proper norms of behavior”) Applications of Rei Security in semantic web services Privacy and trust on the Internet Access control for an RDF triple store Policies for team formation, collaboration, and information flow in multi-agent systems Authorization and privacy policies for pervasive computing environments Security policy enforcement on hand-held devices Coordinating access in supply chain management systems XSB FLORA YAJXB USER JAVA API FOWL REI REI INTERFACE Rei is implemented in the XSB logic programming system using the Flora F-Logic package and the F-OWL reasoning system for the Web ontology language OWL. A user interface and a JAVA API are provided as well as modules for the Eclipse IDE.