Towards a theory of declarative knowledge
Foundations of deductive databases and logic programming
Second generation expert system explanation
Second generation expert systems
Stable models and non-determinism in logic programs with negation
PODS '90 Proceedings of the ninth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
Dynamically distributed query evaluation
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
Explanations in Knowledge Systems: The Roles of the Task Structure and Domain Functional Models
IEEE Expert: Intelligent Systems and Their Applications
Explanations in Knowledge Systems: Design for Explainable Expert Systems
IEEE Expert: Intelligent Systems and Their Applications
KeyNote: Trust Management for Public-Key Infrastructures (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Agent-Oriented Enterprise Modeling Based on Business Rules
ER '01 Proceedings of the 20th International Conference on Conceptual Modeling: Conceptual Modeling
A Logical Framework for Reasoning on Data Access Control Policies
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Representation and reasoning for DAML-based policy and domain services in KAoS and nomads
AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
Requirements for Policy Languages for Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
The description logic handbook: theory, implementation, and applications
The description logic handbook: theory, implementation, and applications
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Security of shared data in large systems: state of the art and research directions
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Authorization and Privacy for Semantic Web Services
IEEE Intelligent Systems
IEEE Intelligent Systems
Driving and Monitoring Provisional Trust Negotiation with Metapolicies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Enhancing Web Privacy Protection through Declarative Policies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
A Distributed Tabling Algorithm for Rule Based Policy Systems
POLICY '06 Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks
Advanced Policy Explanations on the Web
Proceedings of the 2006 conference on ECAI 2006: 17th European Conference on Artificial Intelligence August 29 -- September 1, 2006, Riva del Garda, Italy
Explaining answers from the Semantic Web: the Inference Web approach
Web Semantics: Science, Services and Agents on the World Wide Web
Semantic web policies – a discussion of requirements and research issues
ESWC'06 Proceedings of the 3rd European conference on The Semantic Web: research and applications
Ontology-Based policy specification and management
ESWC'05 Proceedings of the Second European conference on The Semantic Web: research and Applications
Trust negotiation for semantic web services
SWSWPC'04 Proceedings of the First international conference on Semantic Web Services and Web Process Composition
Leveraging the Social Semantic Web in Intelligent Tutoring Systems
ITS '08 Proceedings of the 9th international conference on Intelligent Tutoring Systems
SecurOntology: A semantic web access control framework
Computer Standards & Interfaces
Combining objects with rules to represent aggregation knowledge in data warehouse and OLAP systems
Data & Knowledge Engineering
Refinement of history-based policies
Logic programming, knowledge representation, and nonmonotonic reasoning
Approximations for explanations of inconsistency in partially known multi-context systems
LPNMR'11 Proceedings of the 11th international conference on Logic programming and nonmonotonic reasoning
A framework and implementation for secure knowledge management in large communities
i-KNOW '11 Proceedings of the 11th International Conference on Knowledge Management and Knowledge Technologies
Journal of Computer and System Sciences
Hi-index | 0.00 |
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provides sophisticated means in order to support protecting sensitive resources and information disclosure. However, the term policy is often overloaded. A general definition might be "a statement that defines the behaviour of a system". However, such a general definition encompasses different notions, including security policies, trust management policies, business rules and quality of service specifications, just to name a few. Researchers have mainly focussed on one or more of such notions separately but not on a comprehensive view. Policies are pervasive in web applications and play crucial roles in enhancing security, privacy, and service usability as well. Interoperability and self-describing semantics become key requirements and here is where Semantic Web comes into play. There has been extensive research on policies, also in the Semantic Web community, but there still exist some issues that prevent policy frameworks from being widely adopted by users and real world applications. This document aims at providing an overall view of the state of the art (requirements for a policy framework, some existing policy frameworks/ languages, policy negotiation, context awareness, etc.) as well as open research issues in the area (policy understanding in a broad sense, integration of trust management, increase in system cooperation, user awareness, etc.) required to develop a successful Semantic Policy Framework.