- From: Lalana Kagal <lkagal1@cs.umbc.edu>
- Date: Fri, 16 Nov 2001 11:50:56 -0500 (EST)
- To: <www-rdf-logic@w3.org>
Hi,
I am a graduate student at the University of Maryland Baltimore County.
We have been using delegation based trust for authentication and access
control in distributed systems.
A couple of our papers are
http://umbc.edu/~finin/papers/ieee01/ : This is an overview of what we are
working on and the approach we are taking
http://www.csee.umbc.edu/~lkagal1/papers/vigil.pdf : This describes our
implementation of a trust based security architecture for pervasive
systems.
Thanks,
Lalana
-------- Original Message --------
Subject: semantic web, proof and trust
Date: Thu, 15 Nov 2001 11:04:26 -0800
From: "Smith, Ned" <ned.smith@intel.com>
To: www-rdf-logic@w3.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In a semantic web paper by James Hendler, a layer cake of
technologies is presented with Unicode/URI at the bottom followed by
XML, RDF, Ontology vocabulary, logic, proof and finally trust. The
intermediate layers (RDF, ontology, logic and proof) are protected
ala digital signature (I presume W3C DSIG).
I'd like to undersand the proof and trust layers, namely what is
being prooved and what is being trusted?
The use of digital signature suggests that key management is some how
involved. Can anyone clarify? Is there the expectation that a PKI
will be used (for example)?
Regarding proofs. One possible dimension to proof is the idea that
one party must prove possession of a secret (a basic element of
authentication). Is this an aspect of the proof layer? What other
dimensions are implied by the proof layer?
Trust has been used in a variety of ways. In DOD Orange Book systems
it describes the Trusted Computing Base which does not rely on
external checking mechanisms for its assurances. In financial systems
trust is better understood as risk management and can include
indemnity protection - not relying exclusively on techniques for risk
mitigation. The semantic web seems to apply the "web of trust"
abstraction which could imply a system of distributed cross-checked
nodes. I presume these nodes contain a TCB of sorts. Can anyone
elaborate on the intended architecture for web of trust or the Trust
layer?
Thanks,
Ned
Ned M. Smith
Intel Architecture Labs Phone: 503.264.2692
2111 N.E. 25th Ave Fax: 503.264.6225
Hillsoboro OR. 97124 mailto:ned.smith@intel.com
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.3
iQA/AwUBO/QRuhdTablCCzU/EQLdkQCcCUPFxVLnVFBTTaBAZbye77uXUg8AoNvE
QMpDjWEynaav2v2XiyC/tkmJ
=IhCo
-----END PGP SIGNATURE-----
-------- Original Message --------
Subject: Re: semantic web, proof and trust
Date: Thu, 15 Nov 2001 17:06:16 -0600
From: Dan Connolly <connolly@w3.org>
Organization: World Wide Web Consortium (http://www.w3.org/)
To: "Smith, Ned" <ned.smith@intel.com>
CC: www-rdf-logic@w3.org
"Smith, Ned" wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In a semantic web paper by James Hendler, a layer cake of
> technologies is presented with Unicode/URI at the bottom followed by
> XML, RDF, Ontology vocabulary, logic, proof and finally trust. The
> intermediate layers (RDF, ontology, logic and proof) are protected
> ala digital signature (I presume W3C DSIG).
>
> I'd like to undersand the proof and trust layers, namely what is
> being prooved and what is being trusted?
Coincidently, I was just updating a description of our work
on that, and I discovered a new paper:
A Proof-Carrying Authorization System. Lujo Bauer,
Michael A. Schneider, and Edward W. Felten. Technical
report CS-TR-638-01, Department of Computer Science,
Princeton University, April 2001.
http://ncstrl.cs.princeton.edu/expand.php?id=TR-638-01
linked from
SIP: Proof-Carrying Authorization
http://www.cs.princeton.edu/sip/projects/pca/
linked from
The Semantic Web as a language of logic
http://www.w3.org/DesignIssues/Logic#PCA
linked from
Access Control Rules, Logic, and Proof
in Semantic Web Activity: Advanced Development
http://www.w3.org/2000/01/sw/#access
While I was at it, I discovered a really nice diagram/slide
by Marja:
SW Principles 3: Web of Trust
http://www.w3.org/Talks/2001/1102-semweb-fin/slide14-0.html
> The use of digital signature suggests that key management is some how
> involved. Can anyone clarify? Is there the expectation that a PKI
> will be used (for example)?
The proofs pretty much subsume credentials and traditional
PKI stuff.
> Regarding proofs. One possible dimension to proof is the idea that
> one party must prove possession of a secret (a basic element of
> authentication). Is this an aspect of the proof layer?
Sort of.
> What other
> dimensions are implied by the proof layer?
>
> Trust has been used in a variety of ways. In DOD Orange Book systems
> it describes the Trusted Computing Base which does not rely on
> external checking mechanisms for its assurances. In financial systems
> trust is better understood as risk management and can include
> indemnity protection - not relying exclusively on techniques for risk
> mitigation. The semantic web seems to apply the "web of trust"
> abstraction which could imply a system of distributed cross-checked
> nodes. I presume these nodes contain a TCB of sorts. Can anyone
> elaborate on the intended architecture for web of trust or the Trust
> layer?
The trusted computing base is expected to be:
a proof checker, which includes the ability to verify
digital signatures, plus a knowledge base of policies.
see also Necula's proof-carrying code stuff:
http://www.cs.berkeley.edu/~necula/pcc.html
--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
-------- Original Message --------
Subject: Re: semantic web, proof and trust
Date: Thu, 15 Nov 2001 19:11:48 -0500
From: Jim Hendler <hendler@cs.umd.edu>
To: "Smith, Ned" <ned.smith@intel.com>, www-rdf-logic@w3.org
Aaron Swartz and I recently wrote a paper that tried to explain more
about the layer cake -- see:
http://blogspace.com/rdf/SwartzHendler
-JH
p.s. Layer cake is from Tim Berners-Lee, not me.
--
Prof. James Hendler Director, Semantic Web and
Agent Technology
301-405-2696 (phone) Maryland Information and Network Dynamics Lab
301-405-8488 (fax) University of Maryland
http://www.cs.umd.edu/~hendler College Park, MD 20742
Received on Friday, 16 November 2001 11:50:58 UTC