RE:[semantic web] proof and trust from Smith, Ned on 2001-11-21 (www-rdf-logic@w3.org from November 2001)

From: Smith, Ned <ned.smith@intel.com>
Date: Wed, 21 Nov 2001 12:22:38 -0800
To: www-rdf-logic@w3.org
Message-ID: <0DCC27458EB5D51181840002A507069E0C30F3@orsmsx117.jf.intel.com>
In [1][2] a logic framework LF language is used to encode security and
safety logics. I'm not a logician. However, I do understand SpeaksFor and
Says relationships ala SPKI.   I don't believe I truely appreciate the
logicians approach taken by [1]. There are implementations of SPKI [3] and
SPKI authorization computation engine [4] implemented in procedural
languages (Java, C). Proofs expressed in LF appear to be equally difficult
to read/program as those expressed in a procedural language. Why would a
domain expert/security expert choose to express proofs/rules in a logic
language vs. procedural - aside from style preferences?

I understand DAML+OIL accommodates inference, but I don't believe it
specifically addresses SpeaksFor and Says. [1] suggests that these logical
constructs are elements of an application logic rather than a core (more
primitive) logic. WOW-G is chartered to develop a language for
defining/building ontologies. To what extent should DAML be enabled to
describe security logics - specifically referring to core logic in [1]?
Note: I draw a distinction between security logics as described in [1] and
security ontology as described in [5] even though both might be expressed in
the same language (e.g. DAML). It may be incorrect for me to draw such a
distinction, but as I said I'm not a logician.

[1] A Proof-Carrying Authorization System. Lujo Bauer,
                  Michael A. Schneider, and Edward W. Felten. Technical
                  report CS-TR-638-01, Department of Computer Science,
                  Princeton University, April 2001. 
   http://ncstrl.cs.princeton.edu/expand.php?id=TR-638-01

[2] Proof Carrying Code, Peter Lee CMU
	http://www-2.cs.cmu.edu/~petel/papers/pcc/pcc.htm

[3] HP Espeak http://www.espeak.com

[4] Common Data Security Architecture (CDSA), AuthCompute Module.
http://www.opengroup.org

[5] A Delegation-based Distributed Trust Model for Multi-Agent Systems,
Lalana Kagal et.al., University of Maryland. mailto:lkagal1@cs.umbc.edu 

Ned M. Smith
Intel Architecture Labs          Phone: 503.264.2692
2111 N.E. 25th Ave               Fax: 503.264.6225
Hillsoboro OR. 97124            mailto:ned.smith@intel.com


> -----Original Message-----
> From: Dan Connolly [mailto:connolly@w3.org]
> Sent: Thursday, November 15, 2001 3:06 PM
> To: Smith, Ned
> Cc: www-rdf-logic@w3.org
> Subject: Re: semantic web, proof and trust
> 
> 
> "Smith, Ned" wrote:
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > In a semantic web paper by James Hendler, a layer cake of
> > technologies is presented with Unicode/URI at the bottom followed by
> > XML, RDF, Ontology vocabulary, logic, proof and finally trust. The
> > intermediate layers (RDF, ontology, logic and proof) are protected
> > ala digital signature (I presume W3C DSIG).
> > 
> > I'd like to undersand the proof and trust layers, namely what is
> > being prooved and what is being trusted?
> 
> Coincidently, I was just updating a description of our work
> on that, and I discovered a new paper:
> 
> A Proof-Carrying Authorization System. Lujo Bauer,
>                  Michael A. Schneider, and Edward W. Felten. Technical
>                  report CS-TR-638-01, Department of Computer Science,
>                  Princeton University, April 2001. 
>   http://ncstrl.cs.princeton.edu/expand.php?id=TR-638-01
> 
> linked from
> 
>   SIP: Proof-Carrying Authorization
>   http://www.cs.princeton.edu/sip/projects/pca/
> 
> linked from
> 
>   The Semantic Web as a language of logic
>   http://www.w3.org/DesignIssues/Logic#PCA
> 
> linked from
> 
>   Access Control Rules, Logic, and Proof
>   in Semantic Web Activity: Advanced Development
>   http://www.w3.org/2000/01/sw/#access
> 
> 
> While I was at it, I discovered a really nice diagram/slide
> by Marja:
> 
>   SW Principles 3: Web of Trust
>   http://www.w3.org/Talks/2001/1102-semweb-fin/slide14-0.html
> 
> > The use of digital signature suggests that key management 
> is some how
> > involved. Can anyone clarify? Is there the expectation that a PKI
> > will be used (for example)?
> 
> The proofs pretty much subsume credentials and traditional
> PKI stuff.
> 
> > Regarding proofs. One possible dimension to proof is the idea that
> > one party must prove possession of a secret (a basic element of
> > authentication). Is this an aspect of the proof layer?
> 
> Sort of.
> 
> > What other
> > dimensions are implied by the proof layer?
> > 
> > Trust has been used in a variety of ways. In DOD Orange Book systems
> > it describes the Trusted Computing Base which does not rely on
> > external checking mechanisms for its assurances. In 
> financial systems
> > trust is better understood as risk management and can include
> > indemnity protection - not relying exclusively on 
> techniques for risk
> > mitigation. The semantic web seems to apply the "web of trust"
> > abstraction which could imply a system of distributed cross-checked
> > nodes. I presume these nodes contain a TCB of sorts. Can anyone
> > elaborate on the intended architecture for web of trust or the Trust
> > layer?
> 
> The trusted computing base is expected to be:
> a proof checker, which includes the ability to verify
> digital signatures, plus a knowledge base of policies.
> 
> see also Necula's proof-carrying code stuff:
>   http://www.cs.berkeley.edu/~necula/pcc.html
> 
> -- 
> Dan Connolly, W3C http://www.w3.org/People/Connolly/
>
Received on Wednesday, 21 November 2001 15:22:43 UTC