Authorization and Privacy for Semantic Web Services

Thumbnail Image

Files

308.pdf (167.74 KB)

Links to Files

https://ieeexplore.ieee.org/document/1333035

Permanent Link

10.1109/MIS.2004.23
 http://hdl.handle.net/11603/12255

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2004-07-01

Type of Work

journal articles
Text

Department

Program

Citation of Original Publication

Lalana Kagal, Massimo Paoucci, Naveen Srinivasan, Grit Denker, Tim Finin, and Katia Sycara, Authorization and Privacy for Semantic Web Services, IEEE Intelligent Systems (Special Issue on Semantic Web Services), 2004, DOI: 10.1109/MIS.2004.23

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
© 2004 IEEE

Subjects

semantic Web
authorisation
data privacy
ontologies
virtual machining
privacy
policy
semantic Web service
UMBC Ebiquity Research Group

Abstract

When choosing, composing, invoking or monitoring a service it may be important or even critical to understand it's security attributes and policies. By security, we refer to a range of related aspects including authentication, authorization, confidentiality and privacy. We discuss how to incorporate security information into the OWL-S Semantic Web service model by integrating descriptions of semantically rich policies for authorization, privacy and confidentiality. These policies can include conditions on attributes of the service requester, provider, and the general context. We describe the ontologies used to annotate OWL-S input and output parameters with respect to their security characteristics, including various types of encryption and digital signatures. We present an algorithm for testing policy compliance that can be integrated into the service selection process of the OWL-S MatchMaker. This integration allows the requester to invoke only those services that match the formers policies and whose policies are met by the requester.