A policy based approach to security for the Semantic Web

Abstract

Along with developing specifications for the description of meta-data and the extraction of information for the Semantic Web, it is important to maximize security in this environment, which is fundamentally dynamic, open and devoid of many of the clues human societies have relied on for security assessment. Our research investigates the marking up of web entities with a semantic policy language and the use of distributed policy management as an alternative to traditional authentication and access control schemes. The policy language allows policies to be described in terms of deontic concepts and models speech acts, which allows the dynamic modification of existing policies, decentralized security control and less exhaustive policies. We present a security framework, based on this policy language, which addresses security issues for web resources, agents and services in the Semantic Web. © Springer-Verlag Berlin Heidelberg 2003.