|
|
|
|
|
|
Means to describe certificates, security
policies, delegation, ... |
|
Linking info with its pedigree, trusting
pedigree? |
|
Security and DAML-S |
|
devices, ubiquitous computing, web services |
|
Reasoning about security |
|
Enforcing security policies |
|
Identify the value added by DAML security |
|
vs “security in existing systems” |
|
Security for COTS products |
|
|
|
|
|
|
|
|
|
Security mark-up of documents to support
decisions: |
|
Which (part of) document/service is accessible
to whom? |
|
How can this document being transported (secure
channel, bandwith, etc)? |
|
Reasoning about security |
|
What can a device do/not do? |
|
Can I trust the results of the computing system? |
|
Basis for enforcing security requirements and
policies |
|
Clarity of representation of security
requirements |
|
Enables negotiation, supports decision making
and conflict resolution, support an agent in retrieving the “right” items |
|
|
|
|
|
|
|
What do you want to show? What is the value
added by DAML security? |
|
|
|
Suggestion: |
|
Networked environment |
|
Wireless environment (ubiquitous computing) |
|
JBI |
|
Ultralog |
|
Homeland defense |
|
Benchmarks: Apply ontologies to express PGP,
Role-Based Access Control |
|
|
|
Notes