Securing the Semantic Web: A Trust Management Approach

This research investigates distributed trust management as an alternative to traditional authentication and access control schemes in dynamic and pen computing environments such as multiagent systems, web services and pervasive computing. Distributed trust management handles security with techniques used in human societies, where people are judged on their abilities, assets, relationships and reputations. Authorization decisions are made through the application of relevant security and trust policies, expressed in a high-level declarative language. The policies define rules and constraints on agents (human or software) and the actions they can take on objects in terms of their credentials and properties. This work extends the principles of trust management with deontic notions of rights, obligations, and prohibitions. An ontology grounded in a semantic language (e.g., RDF, DAML or OWL) is used to represent security information constituting credentials, policies, beliefs, and proofs as well as relevant domain-specific properties to characterize the agents, actions and objects. An important results will be a better understanding of how the semantic web can address the critical issues of security, trust and privacy in distributed open environments. The new concepts and techniques will be evaluated and demonstrated through the implementation of prototype tools and applications.

For more information, contact finin@umbc.edu.