Abstract
Policy-based management of distributed system has become a commonly accepted approach for such systems. However, there are a number of open technical issues that might put large-scale deployment of policy-based management techniques at risk. They include automated policy translation (i.e., refinement from abstract business goals to final configurations); development of integrated policy architectures for network, service and application management, and dynamic service creation; and methods for policy conflict detection and resolution. Regarding this last issue, there exist some relevant efforts in the security area, but they are still in the design phase and it is not clear how flexible and powerful they will become when they deal with different kinds of security-related policies and scenarios. This article provides the main ideas behind the semantically enriched specification of security policies and describes an automated process for doing conflict detection on these policies.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
García Clemente FJ, Martínez Perez G, Botía Blaya JA, Gómez Skarmeta AF (2006) Description of policies enriched by semantics for security management. In: Taniar D, Rahayu JW (eds) Book on Web Semantics and Ontology. Idea Group, Hershey, pp 362–388
Tonti G, Bradshaw JM, Jeffers R, Montanari R, Suri N, Uszok A (2003) Semantic Web languages for policy representation and reasoning: a comparison of KAoS, Rei, and Ponder. In: Fensel D, Sycara K, Mylopoulos J (eds) Proceedings of the Second International Semantic Web Conference. Sanibel Island, USA, LNCS. Springer, Berlin Heidelberg New York, pp 419–437
Bradshaw JM et al (2003) Representation and reasoning for DAML-based policy and domain services in KAoS and Nomads. Proceedings of the Autonomous Agents and Multi-Agent Systems Conference (AAMAS 2003), Melbourne, Australia. ACM, New York
Kagal L, Finin T, Anupam J (2003) A policy language for pervasive systems. Fourth IEEE International Workshop on Policies for Distributed Systems and Networks, Lake Como, June
Common Information Model (2007) Standards, DMTF, http://www.dmtf.org/standards/cim, WWW
Martínez Perez G, García Clemente FJ, Botía Blaya JA, Gómez Skarmeta AF (2005) Extending the Common Information Model for Incorporating Semantics and Ontology-based Reasoning in the Specification of Security Policies. 12th Workshop of HP OpenView University Association (HP-OVUA), Porto, Portugal
Horrocks I et al (2004) SWRL: a Semantic Web Rule Language Combining OWL and RuleML, The Rule Markup Initiative. http://www.w3.org/Submission/SWRL/, WWW
Ontology Rule Editor (2007) http://sourceforge.net/projects/ore/, WWW
Kakas A, Maudet N, Moraitis P (2005) Modular representation of agent interaction rules through argumentation. Auton AgentMulti Agent Syst 11(2):189–206
Policy-based Security Tools and Framework (POSITIF) (2007) EU IST FP6 Project Framework, http://www.positif.org/framework.html, WWW
Muñoz Ortega A, Botía Blaya JA, García Clemente FJ, Martínez Pérez G, Gómez Skarmeta AF (2007) Approach to solve security policy conflicts by means of argumentation in multi-agent system based pervasive environments. 14th HP Software University Association Workshop, Garching/Munich, Germany, July
Pras A, Schönwälder J, Burgess M, Festor O, Martínez Pérez G, Stadler R, Stiller B (2007) Key Research Challenges in Network Management. IEEE Commun Mag 45(10):104–110, October
Acknowledgements
This work has been partially funded by European Union POSITIF (IST-2002-002314, http://www.positif.org/) IST FP6 project. This work has been also supported by the Spanish Ministerio de Educación y Ciencia and European Commission FEDER funds under grants “Consolider Ingenio-2010 CSD2006-00046” and “TIN2006-15516-C04-03”. Authors would also like to thank the Spanish Ministerio de Educación y Ciencia for sponsoring the research activities under the grant AP2006-4154 of the FPU program.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
García Clemente, F.J., Martínez Pérez, G., Muñoz Ortega, A. et al. Towards semantic web-based management of security services. Ann. Telecommun. 63, 183–193 (2008). https://doi.org/10.1007/s12243-008-0020-y
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-008-0020-y