Deploying Trust Policies on the Semantic Web Brian Matthews and Theo Dimitrakos.
-
Upload
arnold-benson -
Category
Documents
-
view
214 -
download
0
Transcript of Deploying Trust Policies on the Semantic Web Brian Matthews and Theo Dimitrakos.
Deploying Trust Policies on the Semantic Web
Brian Matthews and Theo Dimitrakos
A Service Vision• Dynamic virtual organisations over Web Services
– Establishing trust between agents that have no prior knowledge of each other
– Transferring trust from third parties– Establishing service-level agreements which can be relied upon
• Could prevent the growth of future wide area distributed systems
• Distributed collaborations– On demand – Dynamic – Goal oriented.
• Within a service vision we need confidence that parties will behave “as advertised”– Security, reliability, confidentiality
• Confidence in the behaviour of parties is formed by a combination of:– Trust– Control measures
Towards a Service Framework• A framework process to support service architecture:
– Publication– Discovery– Establishment– Monitoring– Enforcement– Review
• At all stages in the process, parties need to communicate their needs
– Need to establish a common vocabulary to support the collaboration– Need to communicate constraints– Dependent on the business context– This is likely to be different for each party.
• Problem in establishing the common language.
Semantic Web:A Layered Architecture
Basic Syntax of the Web
Language of triples for describing resources
Formalism for defining and sharing vocabularies
Reasoning over statements about resources
“The Web of Trust”
So can it help?• Can the Semantic Web help us to ease the
development of Service oriented architecture?– “Yes” – Semantic Web Services.
• In particular, can it help support the trust management in such a system?– “Yes”– Some work done already– Need completing and joining up.
• But Why?– Because it is there!– Offers an established way of describing resources and their
properties– Designed to work over distributed resources– Lots of cheap tools and experience available– “The Network Effect”
Service Discovery
• Semantic matching of service descriptions• Establishing relationships between terms• “Sufficiently good” matching• Lots of work in this area
– Semantic web services, OWL-S…
• Expressiveness?• Non-functional requirements (privacy,
reliability, accuracy ...)
Policy Publication
• A vocabulary of rights and obligations• KAoS provides an OWL Ontology• Description logic reasoning• Combine with other ontologies describing the
business structure.• Needs to be integrated with a trust metrics.
Service Negotiation
• Negotiation of terms of use • Develop a SLA or Contract to access the
resource• Again we need to negotiate common
vocabulary – Semantic web has a role here– Use trust valuations– Expressiveness of constraints?
• A relatively open field
Trust Evaluation• The Semantic Web provides a
rich network of resources• Add trust valuations to links • Calculated the propagation of
trust• FOAF is a candidate for adding
trust values to links between people
• Needs a more comprehensive trust model
• Is it realistic?– Requires a birds-eye view– Recommender services – PICS
• Trust community can do better!Golbeck, Hendler and
Parsla 2002
A
B
T(A,B) = f(T(A,j), T(j,B))
Monitoring and review
• We need to keep the operation of the service under review
• Update our trust metrics– Especially as other relationships may be going on
in parallel
• Modify actions appropriately• Work needed here.
Interoperability is key
• Policy and trust statements become part of the information assets of the company.
• Can be combined freely with other data expressed using the Semantic Web – And which are located anywhere.
“Give me all those services with description X provided by any company A who is recommended by any B whose judgement I trust to the level 0.8”
Waiting for the “network effect”
So Work to be Done!
• Bringing together a coherent scheme to support this framework in the Semantic Web
– Provide better modelling of “trust harvesting” in the Semantic Web
– Representation of Policies– Using Trust valuation and monitoring to control
behaviour– Integrating policies with service negotiation– Contract negotiation and representation
SWAD-Europe
Thesuari Queries
Trust
Semantic Portals
SW + WS Semantic Blogging
XML + RDFAccessibility
Scaleability
AnnotationsDatabases
Visualisation
What we are doing?
• Survey of Web and trust methods– Those already in Semantic Web: PICS, P3P, CC/PP– Other Web trust initiatives: XSig, XEncrypt, XACML, SAML, – Other distributed trust work: e.g. Ponder, trust evaluation.
• Usage scenarios of trust on the Web– E-Commerce, access control, …
• Framework for Trust within the Semantic Web.– Ontologies for trust statements– Applying trust policies
• Develop tools for processing RDF statements against policies.
• Relate general trust values across all the applications– A general trust framework for the Semantic Web
Influence the community – e.g. TrustCoM!
Brian Matthews: [email protected]
Theo Dimitrakos: [email protected]
http://www.w3.orghttp://www.w3c.rl.ac.uk/swad