Skip to main content
SpringerLink
Log in

No Registration Needed: How to Use Declarative Policies and Negotiation to Access Sensitive Resources on the Semantic Web

  • Conference paper
The Semantic Web: Research and Applications (ESWS 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3053))

Included in the following conference series:

Abstract

Gaining access to sensitive resources on the Web usually involves an explicit registration step, where the client has to provide a predetermined set of information to the server. The registration process yields a login/password combination, a cookie, or something similar that can be used to access the sensitive resources. In this paper we show how an explicit registration step can be avoided on the Semantic Web by using appropriate semantic annotations, rule-oriented access control policies, and automated trust negotiation. After presenting the PeerTrust language for policies and trust negotiation, we describe our implementation of implicit registration and authentication that runs under the Java-based MINERVA Prolog engine. The implementation includes a PeerTrust policy applet and evaluator, facilities to import local metadata, policies and credentials, and secure communication channels between all parties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)

    Google Scholar 

  2. Camenisch, J., Herreweghen, E.: Design and Implementation of the Idemix Anonymous Credential System. In: ACM Conference on Computer and Communication Security, Washington D.C. (November 2002)

    Google Scholar 

  3. Eastlake, D., Reagle, J., Solo, D.: Xml-signature syntax and processing. W3C Recommendation (February 2002)

    Google Scholar 

  4. Grosof, B.: Representing e-business rules for the semantic web: Situated courteous logic programs in RuleML. In: Proceedings of the Workshop on Information Technologies and Systems (WITS), New Orleans, LA, USA (December 2001)

    Google Scholar 

  5. Grosof, B., Poon, T.: SweetDeal: Representing agent contracts with exceptions using XML rules, ontologies, and process descriptions. In: Proceedings of the 12th World Wide Web Conference, Budapest, Hungary (May 2003)

    Google Scholar 

  6. Hess, A., Jacobson, J., Mills, H., Wamsley, R., Seamons, K., Smith, B.: Advanced Client/Server Authentication in TLS. In: Network and Distributed System Security Symposium, San Diego, CA (February 2002)

    Google Scholar 

  7. International Telecommunication Union. Rec. X.509 - Information Technology - Open Systems Interconnection - The Directory: Authentication Framework (August 1997)

    Google Scholar 

  8. Jim, T.: SD3: A Trust Management System With Certified Evaluation. In: IEEE Symposium on Security and Privacy, Oakland, CA (May 2001)

    Google Scholar 

  9. Kagal, L., Finin, T., Joshi, A.: A policy based approach to security for the semantic web. In: Proceedings of the 2nd International Semantic Web Conference, Sanibel Island, Florida, USA (October 2003)

    Google Scholar 

  10. Lloyd, J.W.: Foundations of Logic Programming, 2nd edn. Springer, Heidelberg (1987)

    MATH  Google Scholar 

  11. Nejdl, W., Olmedilla, D., Winslett, M.: PeerTrust: automated trust negotiation for peers on the semantic web. Technical Report (October 2003)

    Google Scholar 

  12. Schneier, B.: Applied Cryptography, second edition. John Wiley and Sons. Inc., Chichester (1996)

    Google Scholar 

  13. Simon, B., Miklös, Z., Nejdl, W., Sintek, M., Salvachua, J.: Smart space for learning: A mediation infrastructure for learning services. In: Proceedings of the Twelfth International Conference on World Wide Web, Budapest, Hungary (May 2003)

    Google Scholar 

  14. Tonti, G., Bradshaw, J.M., Jeffers, R., Montanari, R., Suri, N., Uszok, A.: Semantic web languages for policy representation and reasoning: A comparison of KAoS, Rei and Ponde. In: Proceedings of the 2nd International Semantic Web Conference, Sanibel Island, Florida, USA (October 2003)

    Google Scholar 

  15. Trevor, J., Suciu, D.: Dynamically distributed query evaluation. In: Proceedings of the twentieth ACMSIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, Santa Barbara, CA, USA (May 2001)

    Google Scholar 

  16. Ueda, K.: Guarded horn clauses. In: Wada, E. (ed.) Logic Programming 1985. LNCS, vol. 221, pp. 168–179. Springer, Heidelberg (1986)

    Google Scholar 

  17. W3C Platform for Privacy Preferences (P3P) Specification, http://www.w3.org/TR/WD-P3P/Overview.html

  18. Yu, T., Winslett, M., Seamons, K.: Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies in Automated Trust Negotiation. ACM Transactions on Information and System Security 6(1) (February 2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. L3S and University of Hannover, Germany

    Rita Gavriloaie, Wolfgang Nejdl & Daniel Olmedilla

  2. Department of Computer Science, Brigham Young University, USA

    Kent E. Seamons

  3. Dept. of Computer Science, University of Illinois at Urbana-Champaign, USA

    Marianne Winslett

Authors
  1. Rita Gavriloaie
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wolfgang Nejdl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel Olmedilla
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kent E. Seamons
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Marianne Winslett
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cisco Systems, Inc., 95134, San Jose, CA, USA

    Christoph J. Bussler

  2. Next Generation Web Research Group, BT Group,, Adastral Park, Ipswich, UK

    John Davies

  3. DERI Innsbruck, University of Innsbruck, Austria

    Dieter Fensel

  4. Institute AIFB, Universität Karlsruhe, Germany

    Rudi Studer

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gavriloaie, R., Nejdl, W., Olmedilla, D., Seamons, K.E., Winslett, M. (2004). No Registration Needed: How to Use Declarative Policies and Negotiation to Access Sensitive Resources on the Semantic Web. In: Bussler, C.J., Davies, J., Fensel, D., Studer, R. (eds) The Semantic Web: Research and Applications. ESWS 2004. Lecture Notes in Computer Science, vol 3053. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25956-5_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-25956-5_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-21999-6

  • Online ISBN: 978-3-540-25956-5

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation