Abstract
Pervasive systems are characterised by networked heterogeneous devices. To fulfill the security requirements of an application, these devices have to abide by certain policies. However, because the contingent interactions between devices in all possible contexts of an evolving pervasive system cannot be known at development time, policies cannot be bound to concrete security mechanisms, which might later not be supported by the devices present in the network. Therefore, policies need to be expressed at a more abstract level and refined appropriately to suit applicable mechanisms at run time. In this paper we describe how security policies can be combined with ontologies to support such automated policy refinement. Because policy decisions then depend on semantic descriptions, the correctness of these descriptions must be verifiable at a later time for policy decisions to be evidential. We therefore propose Trusted Computing-based approaches for generating proofs of correctness of the semantic descriptions deployed in policies.
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Schütte, J., Kuntze, N., Fuchs, A., Badii, A. (2010). Authentic Refinement of Semantically Enhanced Policies in Pervasive Systems. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds) Security and Privacy – Silver Linings in the Cloud. SEC 2010. IFIP Advances in Information and Communication Technology, vol 330. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15257-3_9
DOI: https://doi.org/10.1007/978-3-642-15257-3_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15256-6
Online ISBN: 978-3-642-15257-3
eBook Packages: Computer Science, Computer Science (R0)