W3C home > Mailing lists > Public > public-pling@w3.org > December 2007

Re: Policy Negotiation

From: Daniel Olmedilla <olmedilla@l3s.de>
Date: Thu, 6 Dec 2007 03:08:47 +0100
To: Rigo Wenning <rigo@w3.org>
Cc: ashok.malhotra@oracle.com, Renato Iannella <renato@nicta.com.au>, Paul Denning <pauld@mitre.org>, public-pling@w3.org
Message-Id: <200712060308.47608.olmedilla@l3s.de>


first of all, I should introduce myself. My name is Daniel Olmedilla 
(http://www.L3S.de/~olmedilla), and one of my topics of research has been and 
is policy-driven trust negotiation.

Regarding to the information exchanged so far, here some additions:

- Definition of policy-based trust negotiation (one possible kind of 
negotiation). See the papers [1] and [2]. Basically, the idea is that 
resources are protected by policies, and policies are also resources (that 
is, they might be protected too). A request from party A for a resource R 
triggers an evaluation at party B. If B's policy for R depends on input from 
A (e.g., A must provide some credentials), then B needs to inform A about 
such requirements (e.g., sending the policy). Party A analyses the 
requirements, and if the requested credentials are protected too (requiring 
some credentials from B), she sends the policy protecting her credentials to 
B. And so on. In this way, the negotiation process iterates based on both 
parties policies towards a common agreement. A credential or policy is only 
disclosed if the conditions protecting it are satisfied. Also, in order to 
select which part of a party's policy is disclosed, a filtering process is 
needed [3]

- There are two example use cases (we inputted one) on policy (rule) based 
negotiation into the W3C RIF working group, available at 
http://www.w3.org/TR/rif-ucr/ . Since they are a bit long, I don't include 
them here but you can check "Negotiating eCommerce Transactions Through 
Disclosure of Buyer and Seller Policies and Preferences" [4] and "Negotiating 
eBusiness Contracts Across Rule Platforms" [5].

In addition, I participated in a tutorial on Semantic Web Policies, and part 
of that tutorial focuses on the benefits of negotiations exchanging policy 
rules. Among them
a) it is a compact representation of all combinations of credentials required 
to make the negotiation advance and
b) it provides the full semantics to the other party, and therefore allows for 
e.g., policy explanations generated at client side [6]

Hope this helps to continue with the discussion :-).



[1] William H. Winsborough, Kent E. Seamons, and Vicki E. Jones. Automated 
trust negotiation. DARPA Information Survivability Conference and Exposition, 
IEEE Press, Jan 2000.

[2] Marianne Winslett: An Introduction to Trust Negotiation. iTrust 2003: 

[3] Piero A. Bonatti and Daniel Olmedilla. Driving and monitoring provisional 
trust negotiation with metapolicies. In 6th IEEE Policies for Distributed 
Systems and Networks (POLICY 2005), pages 14-23, Stockholm, Sweden, June 
2005. IEEE Computer Society.



[6] Piero A. Bonatti, Daniel Olmedilla, and Joachim Peer. Advanced policy 
explanations on the web. In 17th European Conference on Artificial 
Intelligence (ECAI 2006), pages 200-204, Riva del Garda, Italy, Aug-Sep 2006. 
IOS Press.

On Thursday 22 November 2007, Rigo Wenning wrote:
> Ashok,
> P3P had exactly the same issue as there was no feedback channel to
> tell why the matching had failed. This was mainly annoying for the
> server side. IBM wrote a paper on how to create a feedback channel
> and presented it on WWW10 in Hongkong. Despite some search I did not
> find it but perhaps Tony can give us the pointer.
> Furthermore, look at the P3P Workshop in Kiel:
> http://www.w3.org/2003/p3p-ws/
> You may also look at the PRIME framework:
> https://www.prime-project.eu/prime_products/reports/fmwk/
> that tries to do some negotiation.
> Best,
> Rigo
> On Wednesday 21 November 2007, ashok malhotra wrote:
> > WS-Policy defines Policy Intersection but the result is a Boolean.
> > There is no feedback on why Policy Intersection failed.
> > Often it is because the namespace of some assertion changed.  If
> > there was some feedback then some follow on action could  be
> > defined to correct the problem.

     Dr. Daniel Olmedilla
     L3S Research Center and Hannover University
     Appelstr. 9a
     D - 30167 Hannover

     Phone: +49 (0)511-762.17741
     Fax:   +49 (0)511-762.17779

     E-Mail: olmedilla@L3S.de
Received on Thursday, 6 December 2007 02:09:26 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:50:39 UTC