| |
|
|
|
Conferences
@INPROCEEDINGS{08-secrypt-comparison,
author = {Juri L. De Coi and
Daniel Olmedilla},
title = {A Review of Trust Management, Security and Privacy Policy Languages},
booktitle = {International Conference on Security and Cryptography (SECRYPT 2008)},
publisher = {INSTICC Press},
month = JUL,
year = {2008},
kind = {conference},
category = {policies,security},
url = {2008/2008-SECRYPT-comparison.pdf},
abstract = {Policies are a well-known approach to protecting security and privacy of users as well as for flexible trust
management in distributed environments. In the last years a number of policy languages were proposed to
address different application scenarios. In order to help both developers and users in choosing the language
best suiting her needs, policy language comparisons were proposed in the literature. Nevertheless available
comparisons address only a small number of languages, are either out-of-date or too narrow in order to provide
a broader picture of the research field. In this paper we consider twelve relevant policy languages and compare
them on the strength of ten criteria which should be taken into account in designing every policy language.
Some criteria are already known in the literature, others are introduced in our work for the first time.
By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about
strong points and weaknesses of each policy language.}
}
@INPROCEEDINGS{protuneDemo08,
author = {Juri L. De Coi and
Daniel Olmedilla and
Sergej Zerr and
Piero A. Bonatti and
Luigi Sauro},
title = {A Trust Management package for Policy-Driven Protection \& Personalization of Web Content},
booktitle = {IEEE International Policies for Distributed Systems and Networks (POLICY 2008)},
month = JUN,
year = 2008,
address = {Palisades, NY, USA},
publisher = {IEEE Computer Society},
kind = {conference},
category = {policies,security},
url = {2008/2008-policy-protune-demo.pdf},
abstract = {This paper/demo presents an advanced approach to access
control on the Web. It presents an easy deployable package
that exploits emerging trust negotiation approaches by integrating them in a Web scenario. In such a scenario
advance decisions can be made based on expressive conditions,
including credentials exchanged among entities in order to
establish enough trust to be granted access to a resource, while
preserving the privacy of information released. In addition,
policies can be used in scripting languages such as JSP in order
to personalize dynamically generated content, based on locally
stored information or requester information obtained through
negotiations. Furthermore, using policies allows us to make use
of many of the results in the area, including policy verification
techniques and the use of our automatically generated natural
language explanations describing i.e. the requirements to
be satisfied before access to a resource is granted or why a
previous attempt has been denied.}
}
@INPROCEEDINGS{DBLP:conf/edbt/ZerrDONWM08,
author = {Sergej Zerr and
Elena Demidova and
Daniel Olmedilla and
Wolfgang Nejdl and
Marianne Winslett and
Soumyadeb Mitra},
title = {Zerber: r-Confidential Indexing for Distributed Documents},
booktitle = {11th International Conference on Extending Database Technology (EDBT 2008)},
address = {Nantes,France},
month = MAR,
year = {2008},
pages = {287-298},
ee = {http://doi.acm.org/10.1145/1353343.1353380},
publisher = {ACM},
series = {ACM International Conference Proceeding Series},
volume = {261},
isbn = {978-1-59593-926-5},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {dbir,security},
url = {2008/2008-EDBT-Zerber.pdf},
abstract = {To carry out work assignments, small groups distributed within a
larger enterprise often need to share documents among themselves
while shielding those documents from others' eyes. In this
situation, users need an indexing facility that can quickly locate
relevant documents that they are allowed to access, without (1)
leaking information about the remaining documents, (2) imposing
a large management burden as users, groups, and documents
evolve, or (3) requiring users to agree on a central completely
trusted authority. To address this problem, we propose the
concept of r-confidentiality, which captures the degree of
information leakage from an index about the terms contained in
inaccessible documents. Then we propose the r-confidential
Zerber indexing facility for sensitive documents, which uses
secret splitting and term merging to provide tunable limits on
information leakage, even under statistical attacks; requires only
limited trust in a central indexing authority; and is extremely easy
to use and administer. Experiments with real-world data show that
Zerber offers excellent performance for index insertions and
lookups while requiring only a modest amount of storage space
and network bandwidth.}
}
@INPROCEEDINGS{DBLP:conf/semweb/AbelCHKKO07,
author = {Fabian Abel and
Juri Luca De Coi and
Nicola Henze and
Arne Wolf Koesling and
Daniel Krause and
Daniel Olmedilla},
title = {Enabling Advanced and Context-Dependent Access Control in
RDF Stores},
booktitle = {6th International Semantic Web Conference,
2nd Asian Semantic Web Conference, ISWC 2007 + ASWC 2007},
address = {Busan, Korea},
month = NOV,
year = {2007},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4825},
isbn = {978-3-540-76297-3},
pages = {1-14},
ee = {http://dx.doi.org/10.1007/978-3-540-76298-0_1},
kind = {conference},
category = {dbir,semanticWeb,policies,security},
url = {2007/2007_ISWC_rdf_policies.pdf},
abstract = {Semantic Web databases allow efficient storage and access to RDF statements.
Applications are able to use expressive query languages in order to retrieve
relevant metadata to perform different tasks. However, access to metadata may
not be public to just any application or service. Instead, powerful and flexible
mechanisms for protecting sets of RDF statements are required for many Semantic
Web applications. Unfortunately, current RDF stores do not provide fine-grained
protection. This paper fills this gap and presents a mechanism by which complex
and expressive policies can be specified in order to protect access to metadata
in multi-service environments.}
}
@INPROCEEDINGS{DBLP:conf/iat/CoiO07,
author = {Juri L. De Coi and
Daniel Olmedilla},
title = {A Flexible Policy-Driven Trust Negotiation Model},
booktitle = {2007 IEEE/WIC/ACM International Conference
on Intelligent Agent Technology},
month = NOV,
year = {2007},
address = {Silicon Valley, CA, USA},
pages = {450-453},
ee = {http://doi.ieeecomputersociety.org/10.1109/IAT.2007.7},
publisher = {IEEE Computer Society},
kind = {conference},
category = {policies,security},
url = {2007/2007_IAT_TNModel.pdf},
bibsource = {DBLP, http://dblp.uni-trier.de},
abstract = {Policy-driven negotiations are gaining interest among
the research community. A large number of policy languages
with different expressiveness have been developed in
order to suit different scenarios. This paper summarizes the
general requirements a negotiation framework must cover
and presents a flexible negotiation model that addresses all
these requirements and subsumes existing models to date.
An instantiation of this model and an architecture with
reusable components that integrates two existing trust negotiation
languages (PeerTrust and Protune) are provided.}
}
@INPROCEEDINGS{DBLP:conf/ectel/CoiKKO07,
author = {Juri L. De Coi and
Philipp K{\"a}rger and
Arne W. Koesling and
Daniel Olmedilla},
title = {Exploiting Policies in an Open Infrastructure for Lifelong
Learning},
booktitle = {2nd European Conference on Technology Enhanced Learning (EC-TEL)},
month = {Sep},
year = 2007,
address = {Crete, Greece},
pages = {26-40},
ee = {http://dx.doi.org/10.1007/978-3-540-75195-3_3},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4753},
isbn = {978-3-540-75194-6},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {policies,eLearning},
url = {2007/2007_ec-tel_policies.pdf},
abstract = {Nowadays, people are in need for continuous learning in order to keep up to date
or be upgraded in their job. An infrastructure for lifelong learning requires
continuous adaptation to learners needs and must also provide flexible ways for
students to use and personalize them. Controlling who can access a document,
specifying when a student may be contacted for interactive instant messaging or
periodical reminders in order to increase motivation for collaboration are just
some examples of typical statements that may be specified by e.g., learners and
learning management system administrators. This paper shows how policies can
represent a way of expressing these statements and describes the extra benefits
of its adoption like flexibility, dynamicity and interoperability.}
}
@INPROCEEDINGS{DBLP:conf/ectel/AbelHKOS07,
author = {Fabian Abel and
Eelco Herder and
Philipp K{\"a}rger and
Daniel Olmedilla and
Wolf Siberski},
title = {Exploiting Preference Queries for Searching Learning Resources},
booktitle = {2nd European Conference on Technology Enhanced Learning (EC-TEL)},
month = {Sep},
year = 2007,
address = {Crete, Greece},
pages = {143-157},
ee = {http://dx.doi.org/10.1007/978-3-540-75195-3_11},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4753},
isbn = {978-3-540-75194-6},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {eLearning},
url = {2007/2007_ec-tel_preferences.pdf},
abstract = {While the growing number of learning resources increases the choice for
learners, it also makes it more and more difficult to find suitable courses.
Thus, improved search capabilities on learning resource repositories are
required. We propose an approach for learning resource search based on
preference queries. A preference query does not only allow for hard constraints
(like ’return lectures about Mathematics’) but also for soft constraints (such
as ’I prefer a course on Monday, but Tuesday is also fine’). Such queries always
return the set of optimal items with respect to the given preferences. We show
how to exploit this technique for the learning domain, and present the Personal
Preference Search Service (PPSS) which offers significantly enhanced search
capabilities compared to usual search facilities for learning resources.}
}
@INPROCEEDINGS{DBLP:conf/icalt/DemidovaKOTDDMS07,
author = {Elena Demidova and
Philipp K{\"a}rger and
Daniel Olmedilla and
Stefaan Ternier and
Erik Duval and
Michele Dicerto and
Carlos Mendez and
Krassen Stefanov},
title = {Services for Knowledge Resource Sharing {\&} Management
in an Open Source Infrastructure for Lifelong Competence
Development.},
booktitle = {7th IEEE International Conference on
Advanced Learning Technologies (ICALT 2007)},
month = JUL,
year = {2007},
address = {Niigata, Japan},
pages = {691-693},
publisher = {IEEE Computer Society},
isbn = {978-0-7695-2916-5},
ee = {http://doi.ieeecomputersociety.org/10.1109/ICALT.2007.223},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {eLearning},
url = {2007/2007_ICALT_krms.pdf},
abstract = {Access to learning information is still restricted due to
the lack of technical and semantic interoperability,
locking knowledge resources in disconnected islands.
This situation does not provide learners with a
motivating environment in which to access and share
learning information. In order to target emerging
needs for lifelong competence development, a flexible
and open source environment for management and
sharing of knowledge resources must be built on top of
an infrastructure that maximizes the amount of
information available, therefore integrating
centralised repositories and user desktop resources as
well as emergent Web 2.0 applications. This paper
describes the challenges and requirements that need to
be addressed and presents a set of interfaces and our
current implementation of the Knowledge Resource
Sharing and Management service oriented
architecture.}
}
@INPROCEEDINGS{DBLP:conf/policy/ConstandacheOS07,
author = {Ionut Constandache and
Daniel Olmedilla and
Frank Siebenlist},
title = {Policy-Driven Negotiation for Authorization in the Grid.},
booktitle = {IEEE International Policies for Distributed
Systems and Networks (POLICY 2007)},
month = JUN,
year = 2007,
address = {Bologna, Italy},
publisher = {IEEE Computer Society},
pages = {211-220},
ee = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2007.36},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {policies,security},
url = {2007/2007_policy_grid.pdf},
abstract = {In many Grid services deployments, the clients and
servers reside in different administrative domains. Hence,
there is a requirement both to discover each other’s authorization
policy, in order to be able to present the right assertions
that allow access, and to reveal as little as possible
of the access policy details to unauthorized parties.
This paper describes a mechanism where the client and
servers are semantically annotated with policies that protect
their resources. These annotations specify both constraints
and capabilities that are used during a negotiation
to reason about and communicate the need to see certain
credentials from the other party and to determine whether
requested credentials can be obtained and revealed. The result
of the negotiation is a state where both parties have satisfied
their policy constraints for a subsequent interaction
or where such interaction is disallowed by either or both.
Furthermore, we present an implementation of a prototype,
based on the PeerTrust policy language, and a reasoning
engine that is integrated in the Web services runtime component
of the Globus Toolkit. The negotiation process is
facilitated through the implementation of WSRF-compliant
service interfaces for protocol message exchanges.}
}
@INPROCEEDINGS{competence07,
author = {Juri L. De Coi and
Eelco Herder and
Arne Koesling and
Christoph Lofi and
Daniel Olmedilla and
Odysseas Papapetrou and
Wolf Siberski},
title = {A Model for Competence Gap Analysis},
booktitle = {WEBIST 2007, Proceedings of the Third International Conference
on Web Information Systems and Technologies: Internet Technology
/ Web Interface and Applications},
month = {Mar},
year = 2007,
address = {Barcelona, Spain},
publisher = {INSTICC Press},
kind = {conference},
category = {eLearning},
url = {2007/2007_WEBIST_competence.pdf},
abstract = {Modeling competences is an integral part of many
Human Resource (HR) and e-Learning related activities. HR departments use
competence descriptions to define requirements needed for performing specific
tasks or jobs. The same competences are acquired by employees and applicants by
e.g. experience or certifications. Typically, HR departments need to match such
required and acquired competences in order to find suitable candidates. In
e-Learning a similar situation arises. Curricula or training programmes need to
describe prerequisites that must be fulfilled before joining and the competences
that will be acquired after successful completion. This paper analyses the
limitations and extends existing approaches for modeling competences in order to
allow \hbox{(semi-)automatic} competence matching.}
}
@INPROCEEDINGS{DBLP:conf/ectel/BrunkhorstO06,
author = {Ingo Brunkhorst and
Daniel Olmedilla},
title = {Interoperability for Peer-to-Peer Networks: Opening P2P
to the Rest of the World.},
booktitle = {Innovative Approaches for Learning and Knowledge Sharing,
First European Conference on Technology Enhanced Learning (EC-TEL)},
month = {Oct},
year = 2006,
address = {Heraklion, Greece},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4227},
isbn = {3-540-45777-1},
pages = {45-60},
ee = {http://dx.doi.org/10.1007/11876663_6},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {eLearning},
url = {2006/2006_EC-TEL_proxies.pdf},
abstract = {Due to the information growth, distributed
environments are offered as a feasible and scalable solution.
Peer-to-Peer (P2P) networks have become one of the most important and
used distributed environments inside (and outside) the e-learning community.
They bring many advantages such as
high flexibility for peers to dynamically join or leave the network,
scalability, autonomy and high resilience against peer failures.
However, every single one of them typically uses an interface
specifically developed for that network, and it requires every peer to
implement it in order to join.
This is leading to increased development costs for potentially
new participants of the network, and usually makes different P2P
networks unable to interact with other systems and environments,
isolating the network as a whole.
In this paper, we report on a solution based on a proxy-based
architecture and semantic mappings in order to allow the sharing of
content between the set of peers inside a P2P network and other
systems outside the network. Furthermore, we present an open-source
implementation of the modules described in the paper.}
}
@INPROCEEDINGS{DBLP:conf/ecai/BonattiOP06,
author = {Piero A. Bonatti and
Daniel Olmedilla and
Joachim Peer},
title = {Advanced Policy Explanations on the Web.},
booktitle = {17th European Conference on Artificial Intelligence (ECAI 2006)},
month = {Aug-Sep},
year = {2006},
pages = {200-204},
isbn = {1-58603-642-4},
bibsource = {DBLP, http://dblp.uni-trier.de},
address = {Riva del Garda, Italy},
publisher = {IOS Press},
kind = {conference},
category = {policies,semanticWeb},
url = {2006/2006_ECAI_explanations.pdf},
abstract = {The frameworks for protecting security and privacy can be
effective only if
common users---with no training in computer science or logic---increase
their awareness and control over the policy applied by the systems they
interact with. Towards this end, we introduce a mechanism for answering
\emph{why, why-not, how-to}, and \emph{what-if} queries on rule-based
policies for trust negotiation. Our framework is \emph{lightweight} and
\emph{scalable} but it fulfills the main goals of modern explanation
facilities. We adopt a novel \emph{tabled explanation structure}, that
simultaneously shows local and global (intra-proof and inter-proof)
information, thereby facilitating navigation. To focus answers in the trust
negotiation domain, we introduce suitable heuristics for removing the
irrelevant parts of the derivations.}
}
@INPROCEEDINGS{DBLP:conf/icalt/SimonSWABDNHKMMNOSSZ06,
author = {Bernd Simon and
Stefan Sobernig and
Fridolin Wild and
Sandra Aguirre and
Stefan Brantner and
Peter Dolog and
Gustaf Neumann and
Gernot Huber and
Tomaz Klobucar and
Sascha Markus and
Zolt{\'a}n Mikl{\'o}s and
Wolfgang Nejdl and
Daniel Olmedilla and
Joaqu\'{\i}n Salvach{\'u}a and
Michael Sintek and
Thomas Zillinger},
title = {Building Blocks for a Smart Space for Learning$^{\mbox{TM}}$.},
booktitle = {6th IEEE International Conference on Advanced Learning Technologies (ICALT 2006)},
month = JUL,
year = {2006},
address = {Kerkrade, The Netherlands},
pages = {309-313},
ee = {http://doi.ieeecomputersociety.org/10.1109/ICALT.2006.97},
bibsource = {DBLP, http://dblp.uni-trier.de},
publisher = {IEEE Computer Society},
kind = {conference},
category = {eLearning},
url = {2006/2006_ICALT_Elena.pdf},
abstract = {This case study summarizes the demonstration of a
semantic network of interoperable educational systems
referred to as Smart Space for Learning. We started
connecting several educational nodes in projects such
as Elena, Prolearn, and Icamp. Integration was
achieved by using the interaction standard SQI, common
schemas for querying and results presentation,
and query exchange language, e.g. QEL.
The paper particularly focuses on how heterogeneous
nodes can be made interoperable by reusing generalizations
of mediating components –building blocks
for a Smart Space for Learning}
}
@INPROCEEDINGS{DBLP:conf/policy/AlvesDNO06,
author = {Miguel Alves and
Carlos Viegas Dam{\'a}sio and
Wolfgang Nejdl and
Daniel Olmedilla},
title = {A Distributed Tabling Algorithm for Rule Based Policy Systems.},
pages = {123-132},
ee = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2006.4},
booktitle = {7th IEEE Policies for Distributed
Systems and Networks (POLICY 2006)},
month = JUN,
year = 2006,
address = {London, Ontario, Canada},
publisher = {IEEE Computer Society},
isbn = {0-7695-2598-9},
kind = {conference},
category = {policies},
url = {2006/2006_policy_distributed_tabling.pdf},
abstract = {Distributed Peer-to-Peer and Grid infrastructure require
distributed
access control mechanisms. These mechanisms can be implemented in
distributed trust management infrastructures and usually require
reasoning on more than one peer, as soon as authority is delegated
or requests involve several authorities. Building on previous work
of the authors which formalized such a distributed trust management
infrastructure based on distributed logic programs, we describe in
this paper how reasoning can be implemented as distributed logic
evaluation and how loops during this evaluation can be handled with.
Our solution is based on a loop tolerant distributed tabling
algorithm which includes in the process protection of sensitive
policies and generation of proofs without increasing the complexity
of the system.}
}
@INPROCEEDINGS{DBLP:conf/esws/BonattiDFNOPS06,
author = {Piero A. Bonatti and
Claudiu Duma and
Norbert Fuchs and
Wolfgang Nejdl and
Daniel Olmedilla and
Joachim Peer and
Nahid Shahmehri},
title = {Semantic Web Policies - A Discussion of Requirements and Research
Issues},
booktitle = {3rd European Semantic Web Conference (ESWC)},
month = JUN,
year = 2006,
address = {Budva, Montenegro},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4011},
isbn = {3-540-34544-2},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {policies,semanticWeb},
url = {2006/2006_eswc_requirements.pdf},
abstract = {Policies are pervasive in web applications. They play crucial
roles in
enhancing security, privacy and usability of distributed services. There has
been extensive research in the area, including the Semantic Web community, but
several aspects still exist that prevent policy frameworks from widespread
adoption and real world application. This paper discusses important
requirements and open research issues in this context, focusing on policies in
general and their integration into trust management frameworks, as well as on
approaches to increase system cooperation, usability and user-awareness of
policy issues.}
}
@INPROCEEDINGS{DBLP:conf/dagstuhl/OlmedillaRMN05,
author = {Daniel Olmedilla and
Omer F. Rana and
Brian Matthews and
Wolfgang Nejdl},
title = {Security and Trust Issues in Semantic Grids},
booktitle = {Semantic Grid: The Convergence of Technologies},
month = JUL,
year = {2005},
publisher = {Internationales Begegnungs- und Forschungszentrum (IBFI), Schloss
Dagstuhl, Germany},
series = {Dagstuhl Seminar Proceedings},
volume = {05271},
ee = {http://drops.dagstuhl.de/opus/volltexte/2006/408},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {security},
url = {2005/2005_dagstuhl_trust_grid.pdf},
abstract = {Grid computing allows sharing of services and resources accross
institutions.
However, current Grid security mechanisms for authentication and authorization
are too rigid and they lack the ability to determine how ``trustworthy'' the
result obtained from a specific provider is likely to be. This paper describes
the different facets associated to Trust and identifies the need for Trust
Management approaches in the context of Virtual Organizations lifecycle and
resource access control in the Grid.}
}
@INPROCEEDINGS{tod05,
author = {Stefaan Ternier and
Daniel Olmedilla and
Erik Duval},
title = {Peer-to-Peer versus Federated Search: towards more Interoperable
Learning Object Repositories},
booktitle = {2005 World Conference on Education, Multimedia, Hypermedia \&
Telecommunications (ED-MEDIA)},
month = JUL,
year = 2005,
address = {Montreal, Canada},
publisher = {Association for the Advancement of Computing in Education
(AACE)},
kind = {conference},
category = {eLearning},
url = {2005/2005_ED-Media_p2pFederatedSearch.pdf},
abstract = {This paper reports on our experiences in bridging the world of
learning object
repositories and peer-to-peer learning networks. More specifically, we have been
developing interoperability 'bridges' between the ARIADNE Knowledge Pool System,
a distributed client-server based learning object repository, and the Edutella
peer-to-peer learning network. In our developments, we rely heavily on the
rapidly maturing Simple Query Interface (SQI) standard. Our work not only
demonstrates that it is possible to interconnect more centralized repositories
and more distributed peer-to-peer approaches. We also clarify how these two
approaches are complementary. Unifying the two paradigms for learning object
management and access will help to accelerate the evolution towards a critical
mass of easily available, relevant learning objects of high quality.}
}
@INPROCEEDINGS{DBLP:conf/policy/BonattiO05,
author = {Piero A. Bonatti and
Daniel Olmedilla},
title = {Driving and Monitoring Provisional Trust Negotiation with
Metapolicies},
booktitle = {6th IEEE Policies for Distributed
Systems and Networks (POLICY 2005)},
month = JUN,
year = 2005,
address = {Stockholm, Sweden},
pages = {14--23},
ee = {http://dx.doi.org/10.1109/POLICY.2005.13},
publisher = {IEEE Computer Society},
isbn = {0-7695-2265-3},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {policies,security,semanticWeb},
url = {2005/2005_policy_protune.pdf},
abstract = {We introduce the provisional trust negotiation framework
\textsc{Protune}, for
combining distributed trust management policies with provisional-style business
rules and access-control related actions. The framework features a
powerful declarative metalanguage for driving some critical
negotiation decisions, and integrity constraints for monitoring
negotiations and credential disclosure.}
}
@INPROCEEDINGS{DBLP:conf/esws/NejdlOWZ05,
author = {Wolfgang Nejdl and
Daniel Olmedilla and
Marianne Winslett and
Charles C. Zhang},
title = {Ontology-Based Policy Specification and Management},
booktitle = {2nd European Semantic Web Conference (ESWC)},
month = MAY,
year = 2005,
address = {Heraklion, Crete, Greece},
pages = {290--302},
ee = {http://dx.doi.org/10.1007/11431053_20},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {3532},
isbn = {3-540-26124-9},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {policies,semanticWeb},
url = {2005/2005_ESWC_policy_specification.pdf},
abstract = {The World Wide Web makes it easy to share information and
resources,
but offers few ways to limit the manner in which these resources are
shared. The specification and automated enforcement of
security-related policies offer promise as a way of providing
controlled sharing, but few tools are available to assist in policy
specification and management, especially in an open system such as
the Web, where resource providers and users are often strangers to
one another and exact and correct specification of policies will be
crucial. In this paper, we propose the use of ontologies to simplify
the tasks of policy specification and administration, discuss how to
represent policy inheritance and composition based on credential
ontologies, formalize these representations and the according
constraints in Frame-Logic, and present \textsc{PolicyTab}, a prototype
implementation of our proposed scheme as a Prot{\'e}g{\'e}
plug-in to support policy specification.}
}
@INPROCEEDINGS{DBLP:conf/webi/ChiritaON04,
author = {Paul-Alexandru Chirita and
Daniel Olmedilla and
Wolfgang Nejdl},
title = {Finding Related Pages Using the Link Structure of the {WWW}},
booktitle = {2004 IEEE/WIC/ACM International Conference on Web Intelligence
(WI 2004)},
month = SEP,
year = 2004,
address = {Beijing, China},
pages = {632-635},
ee = {http://doi.ieeecomputersociety.org/10.1109/WI.2004.69},
publisher = {IEEE Computer Society},
isbn = {0-7695-2100-2},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {dbir},
url = {2004/2004_WIC_hubs.pdf},
abstract = {Most of the current algorithms for finding related pages are
exclusively based on text corpora of the WWW or incorporate only
authority or hub values of pages. In this paper, we present HubFinder,
a new fast algorithm for finding related pages exploring the link
structure of the Web graph. Its criterion for filtering
output pages is ``pluggable'', depending on the user's interests, and
may vary from global page ranks to text content, etc. We also
introduce HubRank, a new ranking algorithm which gives a more complete
view of page ``importance'' by biasing the authority measure of Page\-Rank
towards hub values of pages. Finally, we present an evaluation of
these algorithms in order to prove their qualities experimentally.}
}
@INPROCEEDINGS{DBLP:conf/ah/ChiritaON04,
author = {Paul-Alexandru Chirita and
Daniel Olmedilla and
Wolfgang Nejdl},
title = {PROS: A Personalized Ranking Platform for Web Search},
booktitle = {3rd International Conference Adaptive Hypermedia and Adaptive
Web-Based Systems (AH 2004)},
month = AUG,
year = 2004,
address = {Eindhoven, The Netherlands},
pages = {34--43},
ee = {http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{
\&}volume=3137{\&}spage=34},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {3137},
isbn = {3-540-22895-0},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {dbir},
url = {2004/2004_AH_PROS.pdf},
abstract = {Current search engines rely on centralized page ranking
algorithms
which compute page rank values as single (global) values for each Web page.
Recent work on topic-sensitive PageRank and personalized PageRank has
explored how to extend PageRank values with personalization aspects. To achieve
personalization, these algorithms need specific input: for example a set
of personalized hub pages with high PageRank to drive the computation. In this
paper we show how to automate this hub selection process and build upon the
latter
algorithm to implement a platform for personalized ranking.We start from the
set of bookmarks collected by a user and extend it to contain a set of hubs with
high PageRank related to them. To get additional input about the user, we
implemented
a proxy server which tracks and analyzes user’s surfing behavior and
outputs a set of pages preferred by the user. This set is then enrichened using
our
HubFinder algorithm, which finds related pages, and used as extended input for
the Pagerank algorithm. All algorithms are integrated into a prototype of a
personalized
Web search system, for which we present a first evaluation.}
}
@INPROCEEDINGS{DBLP:conf/esws/GavriloaieNOSW04,
author = {Rita Gavriloaie and
Wolfgang Nejdl and
Daniel Olmedilla and
Kent E. Seamons and
Marianne Winslett},
title = {No Registration Needed: How to Use Declarative Policies
and Negotiation to Access Sensitive Resources on the Semantic
Web},
booktitle = {1st European Semantic Web Symposium (ESWS 2004)},
month = MAY,
year = 2004,
address = {Heraklion, Crete, Greece},
pages = {342--356},
ee = {http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{
\&}volume=3053{\&}spage=342},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {3053},
isbn = {3-540-21999-4},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {policies,security,semanticWeb},
url = {2004/2004_ESWC_PeerTrust-NoRegistration.pdf},
abstract = {Gaining access to sensitive resources on the Web usually involves
an
explicit registration step, where the client has to provide a
predetermined set of information to the server. The registration
process yields a login/password combination, a cookie, or something
similar that can be used to access the sensitive resources. In this
paper we show how an explicit registration step can be avoided on the
Semantic Web by using appropriate semantic annotations, rule-oriented
access control policies, and automated trust negotiation. After
presenting the PeerTrust language for policies and trust negotiation,
we describe our implementation of implicit registration and
authentication that runs under the Java-based MINERVA Prolog engine.
The implementation includes a PeerTrust policy applet and evaluator,
facilities to import local metadata, policies and credentials, and
secure communication channels between all parties.}
}
@INPROCEEDINGS{DBLP:conf/la-web/ChiritaON03,
author = {Paul-Alexandru Chirita and
Daniel Olmedilla and
Wolfgang Nejdl},
title = {Finding Related Hubs and Authorities},
booktitle = {1st Latin American Web Congress (LA-WEB 2003), Empowering Our
Web},
month = NOV,
year = 2003,
address = {Santiago, Chile},
pages = {214--215},
ee = {http://csdl.computer.org/comp/proceedings/la-web/2003/2058/00/20580214abs.htm},
publisher = {IEEE Computer Society},
isbn = {0-7695-2058-8},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {conference},
category = {dbir},
url = {2003/2003_LaWeb_hubs.pdf}
}
|
Journals
@ARTICLE{tlt08-preferences,
author = {Philipp K{\"a}rger and
Daniel Olmedilla and
Fabian Abel and
Eelco Herder and
Wolf Siberski},
title = {What do you prefer? Using Preferences to Enhance Learning Technology},
journal = {IEEE Transactions on Learning Technologies},
volume = {1},
number = {1},
year = {2008},
kind = {journal},
category = {eLearning,semanticWeb},
url = {2008/2008-TLT-preferences.pdf},
abstract = {While the growing number of learning resources increases the choice for
learners on how, what and when to learn, it also makes it more and more difficult
to find the learning resources that best match the learners' preferences and needs.
The same applies to learning systems that aim to adapt or recommend suitable courses and learning resources
according to a learner's wishes and requirements. Improved representations for a
learner's preferences as well as improved search capabilities that take these
preferences into account leverage these issues. In this paper, we propose an approach
for selecting optimal learning resources based on preference-enabled queries.
A preference-enabled query does not only allow for hard constraints (like 'return
lectures about Mathematics') but also for soft constraints (such as 'I prefer a
course on Monday, but Tuesday is also fine') and therefore allow for a more
fine-grained representation of a learner's requirements, interests and wishes.
We show how to
exploit the representation of learner's wishes and interests with preferences
and how to use preferences in order to find optimal learning resources. We
present the Personal Preference Search Service~(PPSS), which offers
significantly enhanced search capabilities for learning resources
by taking the learner's detailed preferences into account.}
}
@ARTICLE{tlt08-policies,
author = {Juri L. De Coi and
Philipp K\"arger and
Arne W. Koesling and
Daniel Olmedilla},
title = {Control your eLearning environment: Exploiting policies in an open infrastructure for lifelong learning},
journal = {IEEE Transactions on Learning Technologies},
volume = {1},
number = {1},
year = {2008},
kind = {journal},
category = {policies,eLearning},
url = {2008/2008-TLT-policies.pdf},
abstract = {Nowadays, people are in need for continuous learning in order to keep up to
date or to be upgraded in their job. An infrastructure for life-long learning
requires continuous adaptation to learners' needs and must also provide
flexible ways for students to use and personalize them. Controlling who can
access a document, specifying when a student may be contacted for interactive
instant messaging or periodical reminders in order to increase motivation for
collaboration are just some examples of typical statements that may be
specified by e.g., learners and learning management system administrators. This paper investigates how existing work in the area of policy representation and reasoning can be used in order to express these statements while at the same time obtaining the extra benefits policies provide (e.g., flexibility, dynamicity and interoperability). The paper analyzes existing policy languages and integrates one of them as part of a demonstration of its feasibility in providing more advanced and flexible eLearning environments.}
}
@ARTICLE{ijet08,
author = {Ivana Marenzi and
Elena Demidova and
Wolfgang Nejdl and
Daniel Olmedilla and
Sergej Zerr},
title = {Social Software for Lifelong Competence Development: Challenges and Infrastructure},
journal = {International Journal of Emerging Technologies in Learning (iJET)},
year = {2008},
volume = {3},
pages = {18---23},
kind = {journal},
category = {eLearning},
url = {2008/2008-IJET-LearnWeb-2.0.pdf},
abstract = {Within the TENCompetence project we aim to develop and integrate models and tools into an open source infrastructure for the creation, storage and exchange of learning objects, suitable knowledge resources as well as learning experiences. This contribution analyzes the potential of social software tools for providing part of the required functionality, as well as some challenges involved.}
}
@ARTICLE{ijai07,
author = {Daniel Burgos and
Eelco Herder and
Daniel Olmedilla},
title = {TENCompetence: Construyendo la Red Europea para el Desarrollo Continuo de Competencias},
journal = {Revista Iberoamericana de Inteligencia Artificial (IberoAmerican Journal of Artificial Intelligence)},
volume = {11},
number = {33},
year = {2007},
pages = {79--84},
kind = {journal},
category = {eLearning},
url = {2007/2007_IJAI_TENC.pdf},
abstract = {El proyecto TENCompetence (The European Network for Lifelong Competence Development) apoya a personas e instituciones europeas en el desarrollo de competencias profesionales más allá de la formación reglada oficial. El desarrollo de habilidades específicas y competencias laborales que enriquecen un curriculum y mejoran la valoración del individuo y sus capacidades profesionales centran el núcleo del proyecto. Como tal, existen dos áreas de trabajo principales: por un lado la implementación e integración de una estructura de servicios; por otro, la investigación de nuevas soluciones y técnicas a los problemas habituales en la materia. Específicamente, en referencia a la investigación, existen cuatro áreas complementarias de actuación, con diferente grado de granularidad: 1) Compartición y Administración de Recursos de Conocimiento, 2) Actividades y Unidades de Aprendizaje, 3) Programas de Desarrollo de Competencias, y 4) Redes para el Desarrollo de Competencias. Este artículo presenta los principales problemas encontrados en cada una de estas áreas y las técnicas de inteligencia artifical propuestas o en uso para resolverlos e impulsar el desarrollo contínuo de competencias dentro del proyecto TENCompetence.}
}
@ARTICLE{DBLP:journals/sigmod/FininKO06,
author = {Tim Finin and
Lalana Kagal and
Daniel Olmedilla},
title = {Report on the Models of Trust for the Web workshop ({MTW}'06).},
journal = {ACM SIGMOD Record},
volume = {35},
number = {4},
year = {2006},
pages = {54-56},
kind = {journal},
category = {security},
url = {2006/2006_SIGMOD_REC_MTW06.pdf},
ee = {http://doi.acm.org/10.1145/1228268.1228282},
bibsource = {DBLP, http://dblp.uni-trier.de}
}
@ARTICLE{DBLP:journals/ets/AsscheDMOSSTW06,
author = {Frans Van Assche and
Erik Duval and
David Massart and
Daniel Olmedilla and
Bernd Simon and
Stefan Sobernig and
Stefaan Ternier and
Fridolin Wild},
title = {Spinning Interoperable Applications for Teaching {\&} Learning
using the Simple Query Interface.},
journal = {Educational Technology {\&} Society. Special Issue (April 2006)
on Interoperability of Educational Systems},
volume = {9},
number = {2},
year = {2006},
pages = {51-67},
ee = {http://www.ifets.info/journals/9_2/5.pdf},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {journal},
category = {eLearning},
url = {2006/2006_JETS06_SQI.pdf},
abstract = {The Web puts a huge number of learning resources within reach of
anyone with Internet access. However, many valuable resources are difficult to
find due to the lack of interoperability among learning repositories. In order
to achieve interoperability, implementers require a common query framework. This
paper discusses a set of methods referred to as Simple Query Interface (SQI) as
a universal interoperability layer for educational networks. The methods
proposed can be used by a source for configuring and submitting queries to a
target system and retrieving results from it. The SQI interface can be
implemented in a synchronous or an asynchronous manner and is independent of
query languages and metadata schemas. In this paper SQI’s universal
applicability has been evaluated by more than a dozen implementations
demonstrated in three different case studies. SQI has been finalized as a
standard in the CEN/ISSS Learning Technologies Workshop. Latest developments of
SQI can be followed at http://www.prolearn-project.org/lori/.}
}
@ARTICLE{DBLP:journals/expert/StaabBLRWSDCHNOK04,
author = {Steffen Staab and
Bharat K. Bhargava and
Leszek Lilien and
Arnon Rosenthal and
Marianne Winslett and
Morris Sloman and
Tharam S. Dillon and
Elizabeth Chang and
Farookh Khadeer Hussain and
Wolfgang Nejdl and
Daniel Olmedilla and
Vipul Kashyap},
title = {The Pudding of Trust},
journal = {IEEE Intelligent Systems},
volume = {19},
number = {5},
year = 2004,
pages = {74--88},
ee = {http://doi.ieeecomputersociety.org/10.1109/MIS.2004.52},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {journal},
category = {policies,security},
url = {2004/2004_IISS_trust.pdf}
}
@ARTICLE{jime04,
author = {Bernd Simon and
Peter Dolog and
Zolt{\'a}n Mikl{\'o}s and
Daniel Olmedilla and
Michael Sintek},
title = {Conceptualising Smart Spaces for Learning},
journal = {Journal of Interactive Media in Education. Special Issue on the
Educational Semantic Web},
volume = {1},
year = 2004,
ee = {http://www-jime.open.ac.uk/2004/1/},
issn = {1365-893X},
kind = {journal},
category = {eLearning},
url = {2004/2004_JIME.pdf},
abstract = {Selecting appropriate learning services for a learner from the
large number of
heterogeneous knowledge sources is a complex and challenging task. This paper
presents the idea of Smart Spaces for Learning. A Smart Space for Learning is
defined as a distributed system (i.e. ``space'') that provides management
support for the ``smart'' retrieval and consumption of heterogeneous learning
services via Personal Learning Assistants. Personalisation and system
interoperability play an important role for the realisation of a Smart Space for
Learning. In this paper we illustrate and discuss how Semantic Web technologies
such as RDF, TRIPLE, QEL and ontologies can be applied to create a Smart Space
for Learning.}
}
@ARTICLE{digicult04,
author = {Peter Dolog and
Barbara Kieslinger and
Zolt{\'a}n Mikl{\'o}s and
Daniel Olmedilla and
Bernd Simon},
title = {Creating Smart Spaces for Learning},
journal = {Journal of Technology Challenges for Digital Culture},
volume = {7},
month = APR,
year = 2004,
issn = {1609-3941},
kind = {journal},
category = {eLearning},
url = {2004/2004_digicult_highres.pdf}
}
|
Books
@INPROCEEDINGS{DBLP:conf/rweb/BonattiO07,
author = {Piero A. Bonatti and
Daniel Olmedilla},
title = {Rule-Based Policy Representation and Reasoning for the Semantic
Web},
booktitle = {Reasoning Web, Third International Summer School 2007},
month = SEP,
year = {2007},
address = {Dresden, Germany},
pages = {240-268},
ee = {http://dx.doi.org/10.1007/978-3-540-74615-7_4},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {4636},
isbn = {978-3-540-74613-3},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {book},
category = {semanticWeb,policies,security},
url = {2007/2007_ReasoningWeb-policies.pdf},
abstract = {The Semantic Web aims at enabling sophisticated and autonomic machine to machine
interactions without human intervention, by providing machines not only with
data but also with its meaning (semantics). In this setting, traditional
security mechanisms are not suitable anymore. For example, identity-based access
control assumes that parties are known in advance. Then, a machine first
determines the identity of the requester in order to either grant or deny
access, depending on its associated information (e.g., by looking up its set of
permissions). In the Semantic Web, any two strangers can interact with each
other automatically and therefore this assumption does not hold. Hence, a
semantically enriched process is required in order to regulate an automatic
access to sensitive information. Policy-based access control provides
sophisticated means in order to support protecting sensitive resources and
information disclosure.
However, the term policy is often overloaded. A general definition might be ``a
statement that defines the behaviour of a system''. However, such a general
definition encompasses different notions, including security policies, trust
management policies, business rules and quality of service specifications,
just to name a few. Researchers have mainly focussed on one or more of such
notions separately but not on a comprehensive view. Policies are pervasive in
web applications and play crucial roles in enhancing security, privacy, and
service usability as well. Interoperability and self-describing semantics
become key requirements and here is where Semantic Web comes into play. There
has been extensive research on policies, also in the Semantic Web community,
but there still exist some issues that prevent policy frameworks from being
widely adopted by users and real world applications.
This document aims at providing an overall view of the state of the art
(requirements for a policy framework, some existing policy
frameworks/languages,
policy negotiation, context awareness, etc.) as well as open research issues
in the area (policy understanding in a broad sense, integration of trust
management, increase in system cooperation, user awareness, etc.) required to
develop a successful Semantic Policy Framework.}
}
@INCOLLECTION{book-sptmdm07,
author = {Daniel Olmedilla},
title = {Security and Privacy on the Semantic Web},
booktitle = {Security, Privacy and Trust in Modern Data Management},
series = {Data-Centric Systems and Applications},
editor = {Milan Petkovic and Willem Jonker},
publisher = {Springer},
year = {2007},
isbn = {978-3-540-69860-9},
kind = {book},
category = {semanticWeb,policies,security},
url = {2007/2007_book-sptmdm.pdf},
abstract = {The Semantic Web aims at enabling sophisticated and autonomic
machine to machine interactions without human intervention, by providing
machines not only with data but also with its meaning (semantics). In this
setting, traditional security mechanisms are not suitable anymore. For example,
identity-based access control assumes that parties are known in advance. Then, a
machine first determines the identity of the requester in order to either grant
or deny access, depending on its associated information (e.g., by looking up its
set of permissions). In the Semantic Web, any two strangers can interact with
each other automatically and therefore this assumption does not hold. Hence, a
semantically enriched process is required in order to regulate an automatic
access to sensitive information. Policy-based access control provide
sophisticated means in order to support protecting sensitive resources and
information
disclosure. This chapter provides an introduction to policy-based security and
privacy protection, by analyzing several existing policy languages. Furthermore,
it shows how these languages can be used in a number of Semantic Web scenarios.}
}
@INCOLLECTION{book-dds07,
author = {Grigoris Antoniou and
Matteo Baldoni and
Piero A. Bonatti and
Wolfgang Nejdl and
Daniel Olmedilla},
title = {Rule-Based Policy Specification},
booktitle = {Secure Data Management in Decentralized Systems},
volume = {33},
series = {Advances in Information Security},
editor = {Ting Yu and Sushil Jajodia},
publisher = {Springer},
year = {2007},
isbn = {978-0-387-27694-6},
kind = {book},
category = {semanticWeb,policies},
url = {2007/2007_bookDDMS_rule_policies.pdf},
abstract = {Policy-based access control is nowadays a common mechanism to
protect data in
distributed environments. However, the word policy has been given many different
meanings and is used in different contexts. This chapter gives an overview of
the existing approaches to logic- and rule-based system behavior specification
in the light of the peculiar needs of business and security rules.}
}
Proceedings
@PROCEEDINGS{DBLP:conf/semweb/2007peas,
editor = {Lalana Kagal and
Tim Finin and
Daniel Olmedilla},
title = {Proceedings of the ISWC'07 1st International Workshop on
Privacy Enforcement and Accountability with Semantics (PEAS)},
address = {Busan, Korea},
month = NOV,
year = 2007,
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
volume = {320},
kind = {proceeding},
category = {semanticWeb,security},
url = {http://www.l3s.de/~olmedilla/events/2007/PEAS07/},
pdf = {http://CEUR-WS.org/Vol-320/},
http = {2007/2007_PEAS_proceedings.pdf},
abstract = {The concept of information sharing has dramatically changed with the new digital
era. Handheld devices that could provide highly personal information about the
owner (e.g., RFID, GPS) are becoming more pervasive. Our use of the Web also
leads to the implicit sharing of information with others through our blogs,
websites, social networks, Semantic Desktop sharing, clickstream tracking, as
well as through the photographs, documents, and bookmarks we post on sites such
as Flickr, Zoomr, and Delicious. Disclosing information to third parties may
have unexpected consequences since a receiver of such information might easily
use, copy, and redistribute it in ways not intended for by the owner. Users must
understand the implications of using such devices or applications and providing
information to third parties. Even though users may prevent the direct
disclosure of sensitive information by an access control mechanism and the
information being leaked may not seem private, sensitive information may
revealed by inferences drawn from non-sensitive data and metadata. Examples
include identifying a user and providing her sensitive information through a
simple search engine query log, and retrieving medical data from sets of
anonymized records. Thus along with privacy enforcement, accountability is also
important because it may not always be possible to prevent third parties from
obtaining sensitive information but accountability helps ensure that this
information is used according to certain policies defined by the law or by the
owner.
The role of Semantic Web research in privacy and accountability is two-fold. On
the one hand, Semantic Web techniques may be used in order to provide advanced
privacy and accountability mechanisms. Using formal languages with well-defined
semantics in order to represent, reason about, and exchange such information
helps to make it non-ambiguously understood by others. Privacy ontologies,
sticky policies attached to data, accountability logics, and efforts such as the
Creative Commons are some examples. Semantic Web languages can also be used to
specify and track provenance of information, which is useful for accountability.
Representing information in Semantic Web languages can also prevent sensitive
information from being inferred by providing built in semantic models that can
be used to recognize some potential inference channels. Another possible way to
protect privacy is to disclose an appropriately generalized (or vague) answer to
a query. For example, the query ``where is John now'' might be answered with ``in
room ITE 329 on the UMBC Campus'' or ``on the UMBC campus'' or ``somewhere in
Maryland'' depending on John's privacy preferences and the identify of the
requester. Semantic Web languages provide a natural mechanism for generalization
through their subclass structuring. The second role of Semantic Web research in
this area is that privacy enforcement and accountability also apply to many
emergent Semantic Web research topics. As an example, semantic desktop sharing
poses questions about what to share, under which conditions, and how to control
the usage of such information in a way that the privacy of the user is not
violated. Understanding the new requirements that these scenarios pose is
crucial for the short-term research in the area.
This workshop brings together researchers interested in the field in order to
discuss and analyze important requirements and open research issues in this
context, taking into account both perspectives: how can Semantic Web techniques
help and which requirements arise from current Semantic Web research lines.}
}
@PROCEEDINGS{proceedingsSwpw06,
editor = {Piero A. Bonatti and
Li Ding and
Tim Finin and
Daniel Olmedilla},
title = {Proceedings of the ISWC'06 2nd International Semantic Web Policy
Workshop (SWPW)},
address = {Athens, Georgia, USA},
month = NOV,
year = 2006,
kind = {proceeding},
category = {semanticWeb,policies},
http = {http://www.l3s.de/~olmedilla/events/2006/SWPW06/},
url = {http://CEUR-WS.org/Vol-207/},
abstract = {Policies are pervasive in web applications. They play crucial
roles in enhancing
security, privacy and usability of distributed services, and indeed may
determine the success (or failure) of a web service. However, users will not be
able to benefit from these protection mechanisms unless they understand and are
able to personalize policies applied in such contexts. For web services this
includes policies for access control, privacy and business rules, among others.
There has been extensive research in the area, including the Semantic Web
community, but several aspects still exist that prevent policy frameworks from
widespread adoption and real world application like for example:
\begin{item}
\item Adoption of a broad notion of policy, encompassing not only access control
policies, but also privacy policies, business rules, quality of service, and
others.
\item Strong and lightweight evidence: Policies make decisions based on
properties of the peers interacting with the system. These properties may be
strongly certified by cryptographic techniques, or may be reliable to some
intermediate degree with lightweight evidence gathering and validation.
\item Policy-driven negotiations may be one of the main ingredients that can be
used to make heterogeneous peers effectively interoperate.
\item Lightweight knowledge representation and reasoning should also reduce the
effort to specialize general frameworks to specific application domains
\item Solutions like controlled natural language syntax for policy rules, to be
translated by a parser into the internal logical format, will definitively ease
the adoption of any policy language.
\item Cooperative policy enforcement: A secure cooperative system should
(almost) never say no. Whenever prerequisites for accessing a service are not
met, web applications should explain what is missing and help the user in
obtaining the required permissions.
\item Advanced explanation mechanisms are necessary to help users in
understanding policy decisions and obtaining the permission to access a desired
service.
\end{itemize}
This workshop will bring together researchers interested in the field in order
to discuss and analyze important requirements and open research issues in this
context, focusing on policies in general and their integration into trust
management frameworks, as well as on approaches to increase system cooperation,
usability and user-awareness of policy issues.}
}
@PROCEEDINGS{proceedingsL3ncd06,
editor = {Daniel Burgos and Martin Memmel and Daniel Olmedilla and Eric Ras and Stephan
Weibelzahl and Martin Wolpers},
title = {Proceedings of the EC-TEL'06 Joint International Workshop on Professional Learning, Competence
Development and Knowledge Management},
address = {Heraklion, Greece},
month = OCT,
year = 2006,
booktitle = {EC-TEL Joint International Workshop on Professional Learning,
Competence Development and Knowledge Management},
kind = {proceeding},
category = {eLearning},
url = {http://www.dfki.uni-kl.de/~memmel/ectel2006/},
pdf = {2006/2006_LOKMOL-L3NCD_proceedings.pdf},
abstract = {In many organizations most working processes are very knowledge
intensive and involve many people working at different locations and on
different tasks. The context in which people are working is changing constantly
through changing work processes, different tasks or problems to be solved, and
evolving technologies which are used at work. These facts require life-long
competence development. Competency development takes mostly place during
informal learning at the workplace. The learning process is characterized by
self-organized activities such as selecting the environment for learning (e.g.,
Internet), defining learning goals (e.g., related to a work problem), finding
and selecting content for learning (e.g., websites or colleagues), and following
a preferred learning path. Beside a continuous formal competence development,
sharing knowledge among members of the organizations and making ones knowledge
explicit for others is crucial. Working and learning takes place in a network of
people, tools, environments, and knowledge. These networks facilitate
interaction and communication The use of available e-Learning and Knowledge
Management applications in a network setting can help to address the challenge
of continuous competence development.
However, questions arise how these methodologies and technologies of the
different domains fit together in order to ensure that the learned can be
transferred to the workplace and to improve the performance of each individual?
How can we foster interaction and provide a personalized learning experience
according to the current situation and context (e.g., flexible guidance for
self-directed learning, adaptive content selection and structuring)? How can we
better use existing networks for competence development and how can we ensure
that learning goals are based on real-world needs? How can we engage learners
and actively involve them in the learning process through interaction?
This workshop is made out of two different calls for papers: LOKMOL
(Learner-Oriented Knowledge Management & KM-Oriented E-Learning) and L3NCD (Life
Long Learning Networks for Competence Development), based on the experience of
the European projects TENCompentence (\url{www.tencompetence.org}) and ProLearn
(\url{www.prolearn-project.org}). As a result of these two calls for papers,
LOKMOL and L3NCD bring together a common workshop providing a pool of
interesting and highly related topics: Professional Learning, Competence
Development and Knowledge Management.}
}
@PROCEEDINGS{DBLP:conf/mtw/2006,
editor = {Tim Finin and
Lalana Kagal and
Daniel Olmedilla},
title = {Proceedings of the WWW'06 Workshop on Models of Trust for
the Web},
address = {Edinburgh, Scotland, UK},
month = MAY,
year = 2006,
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
volume = {190},
kind = {proceeding},
category = {security},
bibsource = {DBLP, http://dblp.uni-trier.de},
http = {http://www.l3s.de/~olmedilla/events/MTW06_Workshop.html},
url = {http://ceur-ws.org/Vol-190},
pdf = {2006/2006_MTW_proceedings.pdf},
abstract = {``There are three types of lies - lies, damn lies, and facts
found on the Web.''\\
Dr. Tim Finin, paraphrasing the well known quotation by Benjamin Disraeli on
Statistics
As it gets easier to add information to the web via html pages, wikis, blogs,
and other documents, it gets tougher to distinguish accurate information from
inaccurate or untrustworthy information. A search engine query usually results
in several hits that are outdated and/or from unreliable sources and the user is
forced to go through the results and pick what she/he considers the most
reliable information based on her/his trust requirements. With the introduction
of web services, the problem is further exacerbated as users have to come up
with a new set of requirements for trusting web services and web services
themselves require a more automated way of trusting each other. Apart from
inaccurate or outdated information, we also need to anticipate Semantic Web Spam
(SWAM) -- where spammers publish false facts and scams to deliberately mislead
users. This workshop is interested in all aspects of enabling trust on the web.
This workshop will bring together researchers and experts from different
communities (e.g., Information Systems, Database, Semantic Web, Web Services)
interested in topics like trust, provenance, privacy, security, reputation and
spam, in order to address current challenges of their application to distributed
environments like the Web. The workshop will deliver a state-of-the-art
overview, successful research advances in the area as well as guidelines for
future research.}
}
@PROCEEDINGS{JETS06,
editor = {Daniel Olmedilla and
Nobuo Saito and
Bernd Simon},
title = {Educational Technology {\&} Society. Special Issue (April 2006)
on Interoperability of Educational Systems},
year = 2006,
volume = {9},
kind = {proceeding},
category = {eLearning},
url = {http://www.ifets.info/index.php?http://www.ifets.info/issues.php?id=31}
}
@PROCEEDINGS{wsInterop05,
editor = {Daniel Olmedilla and
Nobuo Saito and
Bernd Simon},
title = {Proceedings of the WWW'05 Workshop on Interoperability of
Web-Based Educational Systems},
address = {Chiba, Japan},
month = MAY,
year = 2005,
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
volume = {143},
kind = {proceeding},
category = {eLearning},
http = {http://www.l3s.de/~olmedilla/events/interoperability.html},
url = {http://CEUR-WS.org/Vol-143/},
pdf = {2005/2005_IWBES_proceedings.pdf}
}
@PROCEEDINGS{DBLP:conf/semweb/2004trust,
editor = {Jennifer Golbeck and
Piero A. Bonatti and
Wolfgang Nejdl and
Daniel Olmedilla and
Marianne Winslett},
title = {Proceedings of the ISWC'04 Workshop on Trust, Security,
and Reputation on the Semantic Web},
address = {Hiroshima, Japan},
month = NOV,
year = 2004,
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
volume = {127},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {proceeding},
category = {semanticWeb,security},
url = {http://CEUR-WS.org/Vol-127/},
pdf = {2004/2004_TSRSW04_proceedings.pdf}
}
Tutorials/Lectures
@MISC{lectureRewerseSS07,
author = {Piero A. Bonatti and
Daniel Olmedilla},
title = {Rule-Based Policy Representation and Reasoning for the Semantic Web},
howpublished = {Lecture at the Reasoning Web Summer School},
month = SEP,
year = {2007},
address = {Dresden, Germany},
kind = {tutorial},
category = {semanticWeb,policies,security},
url = {../presentations/2007/20070905_REWERSE_SS.ppt},
abstract = {The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provides sophisticated means in order to support protecting sensitive resources and information disclosure.
However, the term policy is often overloaded. A general definition might be ``a
statement that defines the behaviour of a system''. However, such a general
definition encompasses different notions, including security policies, trust
management policies, business rules and quality of service specifications,
just to name a few. Researchers have mainly focussed on one or more of such
notions separately but not on a comprehensive view. Policies are pervasive in
web applications and play crucial roles in enhancing security, privacy, and
service usability as well. Interoperability and self-describing semantics
become key requirements and here is where Semantic Web comes into play. There
has been extensive research on policies, also in the Semantic Web community,
but there still exist some issues that prevent policy frameworks from being
widely adopted by users and real world applications.
This lecture aims at providing an overall view of the state of the art
(requirements for a policy framework, some existing policy frameworks/languages,
policy negotiation, context awareness, etc.) as well as open research issues
in the area (policy understanding in a broad sense, integration of trust
management, increase in system cooperation, user awareness, etc.) required to
develop a successful Semantic Policy Framework.}
}
@MISC{lectureTencWS07,
author = {Daniel Olmedilla and
Wolf Siberski},
title = {Introduction to the Semantic Web},
howpublished = {Lecture at the {TENC}ompetence Winter School},
month = JAN,
year = {2007},
address = {Innsbruck, Austria},
kind = {tutorial},
category = {semanticWeb,eLearning},
url = {http://www.l3s.de/~olmedilla/events/2007/TENCWS_Lecture.html},
abstract = {The Semantic Web envisions a new generation Web where data is self describable, where implicit knowledge may be inferred and where agents may autonomously work on our behalf. This session intends to provide a gentle introduction to the Semantic Web from both theoretical and practical perspective. We will introduce the limitations of the current Web and describe some of the basic concepts and languages of the Semantic Web including RDF/S models and SPARQL query language. After these, a more advanced look into the Semantic Web potential will be given by exploring SPARQL queries with preferences as well as some basic reasoning techniques (e.g., based on Description Logics) and the languages associated (e.g., OWL).}
}
@MISC{tutorialRuleml06,
author = {Piero A. Bonatti and
Daniel Olmedilla},
title = {Semantic Web Policies: Where are we and What is still
missing?},
howpublished = {Tutorial at the 2nd {RuleML} International Conference},
month = NOV,
year = {2006},
address = {Athens, Georgia, USA},
kind = {tutorial},
category = {semanticWeb,policies,security},
url = {../presentations/2006/20061110_RULEML_Tutorial_Policies.pdf},
abstract = {The term policy is often overloaded. A general definition
might be ``a statement
that defines the behaviour of a system''. However, such a general definition
encompasses different notions, including security policies, trust management
policies, business rules and quality of service specifications, just to name a
few. Researchers have mainly focussed on one or more of such notions separately
but not on a comprehensive view. Policies are pervasive in web applications and
play crucial roles in enhancing security, privacy, and service usability as
well. Interoperability and self-describing semantics become key requirements and
here is where Semantic Web comes into play. There has been extensive research on
policies, also in the Semantic Web community, but there still exist some issues
that prevent policy frameworks from being widely adopted by users and real world
applications.
This tutorial aims at providing an overall view of the state of the art
(requirements for a policy framework, existing policy frameworks/languages,
policy negotiation, context awareness, etc.) as well as open research issues in
the area (policy understanding in a broad sense, integration of trust
management, increase in system cooperation, userawareness, etc.) required to
develop a successful Semantic Policy Framework.}
}
@MISC{tut-eswc06,
author = {Piero A. Bonatti and
Daniel Olmedilla},
title = {Semantic Web Policies: Where are we and What is still
missing?},
howpublished = {Tutorial at the European Semantic Web Conference (ESWC)},
month = JUN,
year = {2006},
address = {Budva, Montenegro},
kind = {tutorial},
category = {policies,security,semanticWeb},
url = {http://www.l3s.de/~olmedilla/events/2006/ESWC06/ESWC06_Tutorial.html},
abstract = {The term policy is often overloaded. A general definition
might be ``a statement
that defines the behaviour of a system''. However, such a general definition
encompasses different notions, including security policies, trust management
policies, business rules and quality of service specifications, just to name a
few. Researchers have mainly focussed on one or more of such notions separately
but not on a comprehensive view. Policies are pervasive in web applications and
play crucial roles in enhancing security, privacy, and service usability as
well. Interoperability and self-describing semantics become key requirements and
here is where Semantic Web comes into play. There has been extensive research on
policies, also in the Semantic Web community, but there still exist some issues
that prevent policy frameworks from being widely adopted by users and real world
applications.
This tutorial aims at providing an overall view of the state of the art
(requirements for a policy framework, existing policy frameworks/languages,
policy negotiation, context awareness, etc.) as well as open research issues in
the area (policy understanding in a broad sense, integration of trust
management, increase in system cooperation, userawareness, etc.) required to
develop a successful Semantic Policy Framework.}
}
Workshops
@INPROCEEDINGS{08-sdm-preferences,
author = {Philipp K{\"a}rger and
Daniel Olmedilla
and Wolf-Tilo Balke},
title = {Exploiting Preferences for Minimal Credential Disclosure in Policy-Driven Trust Negotiations},
booktitle = {VLDB Workshop on Secure Data Management (SDM)},
month = AUG,
year = 2008,
address = {Auckland, New Zealand},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
kind = {workshop},
category = {policies,security},
url = {2008/2008-SDM-preferences.pdf},
abstract = {Business processes in open distributed environments such as the
Web force users to interact with other parties be it users or companies even if
they have never had any common transaction in the past. Policy-driven trust
negotiations emerged in order to address these situations. But although many
policy languages and protocols have been defined, the problem of deciding which
credential disclosure set to choose from those that possibly make a negotiation
succeed is still subject of research. This paper explores the use of qualitative
preferences in order to solve the problem and exploits the recently introduced
notions of amalgamated and incremented preferences in order to allow for automated
decisions which negotiations are preferred by the user. Our solution eases
the task for the user of selection among all possible negotiations by removing
irrelevant alternatives and it may even automatize negotiations that otherwise
would require manual intervention.}
}
@INPROCEEDINGS{DBLP:conf/semweb/IoannouCKON07,
author = {Ekaterini Ioannou and
Juri Luca De Coi and
Arne Wolf Koesling and
Daniel Olmedilla and
Wolfgang Nejdl},
title = {Access Control for Sharing Semantic Data across Desktops},
booktitle = {1st International Workshop on
Privacy Enforcement and Accountability with Semantics (PEAS)},
month = NOV,
year = {2007},
address = {Busan, Korea},
ee = {http://ceur-ws.org/Vol-320/paper4.pdf},
bibsource = {DBLP, http://dblp.uni-trier.de},
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
volume = {320},
kind = {workshop},
category = {policies,security,semanticWeb},
url = {2007/2007_PEAS_desktop_policies.pdf},
abstract = {Personal Information Management (PIM) systems aim to provide
convenient access to all data and metadata on a desktop to the user
itself as well as the co-workers. Obviously, sharing desktop data with
co-workers raises privacy and access control issues which have to be addressed.
In this paper we discuss these issues, and present appropriate
solutions. In line with the architecture of current PIM systems,
our solutions cover all semantic data shared in such a context, i.e. all
desktop resources as well as other data structures created by the system,
such as metadata in an RDF store and inverted index entries created for
efficient textual search. We discuss different kinds of policies to specify
protection for desktop data and metadata, and describe our access control
system to express and execute these policies efficiently. Additionally,
we describe the extension of an existing PIM system, Beagle++, with our
approach, as well as our experiments, with convincing results on performance
and scalability.}
}
@INPROCEEDINGS{manchesterpaper07,
author = {Elena Demidova and
Stefaan Ternier and
Daniel Olmedilla and
Erik Duval and
Michele Dicerto and
Krassen Stefanov and
Naiara Sacrist{\'a}n},
title = {Integration of Heterogeneous Information Sources into a Knowledge
Resource Management System for Lifelong Learning},
booktitle = {The 2nd TenCompetence Workshop: Service Oriented Approaches and Lifelong
Competence Development Infrastructures},
year = {2007},
address = {Manchester, United Kingdom},
month = JAN,
abstract = {Accessibility of learning information is still restricted due to the lack
of technical and semantic interoperability, locking in learning resources in
disconnected islands. A successful environment for competence development
and lifelong learning must be built on top of an infrastructure that maximizes
the amount of information available, integrating centralized repositories and
user desktop resources as well as emergent new applications. This paper
describes the vision and current efforts of the TENCompetence project towards
this goal as well as current collaboration with other initiatives like those being
performed by ARIADNE, describing the requirements and challenges towards
developing such an integrative knowledge resource management system on the
repository layer as well as on the service layer.},
kind = {workshop},
category = {eLearning},
url = {2007/2007_TENC_krms.pdf}
}
@INPROCEEDINGS{lnlcd06,
author = {Eelco Herder and
Arne Koesling and
Daniel Olmedilla and
Hans Hummel and
Judith Schoonenboom and
Ayman Moghnieh and
Luk Vervenne},
title = {European Lifelong Competence Development: Requirements and
Technologies for Its Realisation},
booktitle = {Workshop on Learning Networks for Lifelong Competence
Development},
month = MAR,
year = 2006,
address = {Sofia, Bulgaria},
kind = {workshop},
category = {eLearning},
url = {2006/2006_LNLCD_tencompetence_wp7.pdf},
abstract = {In the TenCompetence project, we aim to
address the growing need for lifelong development with an
open source framework for competence development
programmes. We envisage that the framework will be used
for formal, non-formal and informal learning activities;
learning units will be created and shared in a distributed
manner in learning networks, and peer-to-peer learning
activities will be highly important. In this paper, we give
an overview of the requirements and techniques needed to
achieve this goal. Methods for learner assessment are
needed for individualizing learning programmes. The
system should provide functionality to position the learner
in and around learning programmes, and to generate
personalized navigation paths that match the learner goal;
in addition, learners should be able to organize their
learning process and to communicate. We discuss several
existing tools and standards that may be used as a basis
for the framework.}
}
@INPROCEEDINGS{rewerse05,
author = {Piero A. Bonatti and
Grigoris Antoniou and
Matteo Baldoni and
Cristina Baroglio and
Claudiu Duma and
Norbert E. Fuchs and
Alberto Martelli and
Wolfgang Nejdl and
Daniel Olmedilla and
Viviana Patti and
Joachim Peer and
Nahid Shahmehri},
title = {The REWERSE View on Policies},
booktitle = {Semantic Web Policy Workshop in conjunction with 4th
International Semantic Web Conference},
month = NOV,
year = 2005,
address = {Galway, Ireland},
kind = {workshop},
category = {policies,semanticWeb},
url = {2005/2005_SWPW_REWERSE.pdf},
abstract = {In this position paper we outline the vision adopted by the
working group
on policies of the EU FP6 Network of Excellence REWERSE, IST-2004-506779.}
}
@INPROCEEDINGS{con05,
author = {Ionut Constandache and
Daniel Olmedilla and
Wolfgang Nejdl},
title = {Policy Based Dynamic Negotiation for Grid Services
Authorization},
booktitle = {Semantic Web Policy Workshop in conjunction with 4th
International Semantic Web Conference},
month = NOV,
year = 2005,
address = {Galway, Ireland},
kind = {workshop},
category = {policies,security},
url = {2005/2005_SWPW_Grid.pdf},
abstract = {Policy-based dynamic negotiations allow more flexible
authorization
in complex Grid environments, and relieve both users and
administrators from up front negotiations and registrations. This
paper describes how such negotiations overcome
current Grid authorization limitations, and how
policy-based negotiation mechanisms can be easily integrated into a
Grid infrastructure. Such an extension provides advanced access
control and automatic credential fetching, and can be integrated and
implemented in the new version 4.0 of the Globus Toolkit.}
}
@INPROCEEDINGS{bdos05,
author = {Piero A. Bonatti and
Claudiu Duma and
Daniel Olmedilla and
Nahid Shahmehri},
title = {An Integration of Reputation-based and Policy-based Trust
Management},
booktitle = {Semantic Web Policy Workshop in conjunction with 4th
International Semantic Web Conference},
month = NOV,
year = 2005,
address = {Galway, Ireland},
kind = {workshop},
category = {policies,security},
url = {2005/2005_SWPW_PolRep.pdf},
abstract = {Trust management is currently being tackled from two different
perspectives:
a ``strong and crisp'' approach, where decisions are founded on logical
rules and verifiable properties encoded in digital credentials, and a ``soft
and social'' approach, based on reputation measures gathered and shared by a
distributed community. We analyze the differences between the two models of
trust and argue that an integrated approach would improve significantly
trust management systems. We support our claim with real world
scenarios and illustrate how the two models are integrated in
\textsc{Protune}, the core policy specification language of the network of
excellence REWERSE.}
}
@INPROCEEDINGS{w3c-sws05,
author = {Rub{\'e}n Lara and
Daniel Olmedilla},
title = {Discovery and Contracting of Semantic Web Services},
booktitle = {W3C Workshop on Frameworks for Semantic in Web Services},
month = JUN,
year = 2005,
address = {Innsbruck, Austria},
kind = {workshop},
category = {otherCategory,security},
url = {http://www.w3.org/2005/04/FSWS/Submissions/20/Discovery_and_contracting.htm},
pdf = {2005/2005_W3C_Discovery_and_contracting.pdf},
abstract = { The automatic location of services that fulfill a given need is
recognized as a
key step towards dynamic and scalable integration. In order to achieve such
automation, a model that considers the dynamic aspects of service provision and
how they affect service descriptions, and that enables an efficient and accurate
discovery and contracting of relevant services, is required. In this paper we
propose such a model, paying special attention to the distinction between
services and Web services and how these two concepts relate to each other. The
border between Web service discovery and service contracting is discussed, and
what kind of descriptions can be expected at each step is analyzed. We outline
requirements on frameworks for semantic description of Web Services in the light
of our model, and propose techniques for realizing the dicovery and contracting
steps.}
}
@INPROCEEDINGS{sqi05,
author = {B. Simon and
D. Massart and
F. van Assche and
S. Ternier and
E. Duval and
S. Brantner and
D. Olmedilla and
Z. Mikl{\'o}s},
title = {A Simple Query Interface for Interoperable Learning
Repositories},
booktitle = {WWW Workshop on Interoperability of Web-Based Educational
Systems},
month = MAY,
year = 2005,
address = {Chiba, Japan},
publisher = {Technical University of Aachen (RWTH)},
series = {CEUR Workshop Proceedings},
volume = {143},
ee = {http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-143/},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {workshop},
category = {eLearning},
url = {2005/2005_IWBES_sqi.pdf},
abstract = {In order to achieve interoperability among learning repositories,
implementers require a common communication framework for
querying. This paper proposes a set of methods referred to as
Simple Query Interface (SQI) as a universal interoperability layer
for educational networks. The methods proposed can be used by a
source for configuring and submitting queries to a target system
and retrieving results from it. The SQI interface can be
implemented in a synchronous or an asynchronous manner. SQI
abstracts from query languages and metadata schemas. SQI has
been evaluated by several prototype implementations
demonstrating its universal applicability, and is on the way to
being standardized in the CEN/ISSS Learning Technologies
Workshop. The latest developments of SQI can be followed at
http://www.prolearn-project.org/lori/.}
}
@INPROCEEDINGS{interopP2P05,
author = {Daniel Olmedilla and
Matthias Palm{\'e}r},
title = {Interoperability for Peer-to-Peer Networks: Opening P2P to the
rest of the World},
booktitle = {WWW Workshop on Interoperability of Web-Based Educational
Systems},
month = MAY,
year = 2005,
address = {Chiba, Japan},
publisher = {Technical University of Aachen (RWTH)},
series = {CEUR Workshop Proceedings},
volume = {143},
ee = {http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-143/},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {workshop},
category = {eLearning},
url = {2005/2005_IWBES_proxies.pdf},
abstract = {Due to the information growth, distributed environments are
offered as a
feasible and scalable solution where Peer-to-Peer networks have become more
relevant. They bring many advantages as high flexibility for peers to join or
leave the network dynamically, scalability, autonomy and high resilience against
peer failures. However, the use of proprietary interfaces within the network and
the requirement that peers must implement them to join makes P2P networks unable
to interact with other systems and environments, isolating the network as a
whole. In this paper, we report on a solution based on a proxy-based
architecture and semantic mappings in order to allow the sharing of content
between peers within a P2P network with content from other systems outside the
network.}
}
@INPROCEEDINGS{DBLP:conf/semweb/LeitheadNOSWYZ04,
author = {Travis Leithead and
Wolfgang Nejdl and
Daniel Olmedilla and
Kent E. Seamons and
Marianne Winslett and
Ting Yu and
Charles C. Zhang},
title = {How to Exploit Ontologies for Trust Negotiation},
booktitle = {ISWC Workshop on Trust, Security, and Reputation on the Semantic
Web},
month = NOV,
year = 2004,
address = {Hiroshima, Japan},
publisher = {Technical University of Aachen (RWTH)},
series = {CEUR Workshop Proceedings},
volume = {127},
ee = {http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-127/},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {workshop},
category = {semanticWeb,policies,security},
url = {2004/2004_TSRSW04_onto.pdf},
abstract = {The World Wide Web makes it easy to share information and
resources,
but offers few ways to limit the manner in which these resources are
shared. The specification and automated enforcement of
security-related policies offer promise as a way of providing
controlled sharing, but few tools are available to assist in policy
specification and management, especially in an open system such as
the Web, where resource providers and users are often strangers to
one another and exact and correct specification of policies will be
crucial. In this paper, we propose the use of ontologies to simplify
the tasks of policy specification and administration, and to avoid
several information leakage problems in run-time trust management in
open systems.}
}
@INPROCEEDINGS{DBLP:conf/sdmw/NejdlOW04,
author = {Wolfgang Nejdl and
Daniel Olmedilla and
Marianne Winslett},
title = {PeerTrust: Automated Trust Negotiation for Peers on the Semantic
Web},
booktitle = {VLDB Workshop on Secure Data Management (SDM)},
month = AUG,
year = 2004,
address = {Toronto, Canada},
pages = {118--132},
ee = {http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{
\&}volume=3178{\&}spage=118},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {3178},
isbn = {3-540-22983-3},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {workshop},
category = {policies,security,semanticWeb},
url = {2004/2004_SDM_trust.pdf},
abstract = {Researchers have recently begun to develop and investigate policy
languages to describe trust and security requirements on the Semantic
Web. Such policies will be one component of a run-time system that
can negotiate to establish trust on the Semantic Web. In this paper,
we show how to express different kinds of access control policies and
control their use at run time using PeerTrust, a new approach to trust
establishment. We show how to use distributed logic programs
as the basis for PeerTrust's simple yet expressive policy and trust
negotiation language, built upon the rule layer of the Semantic Web
layer cake. We describe the PeerTrust language based upon distributed
logic programs, and compare it to other approaches to
implementing policies and trust negotiation. Through examples, we show
how PeerTrust can be used to support delegation, policy protection and
negotiation strategies in the ELENA distributed eLearning
environment. Finally, we discuss related work and identify areas for
further research.}
}
@INPROCEEDINGS{DBLP:conf/semweb/OlmedillaLPL04,
author = {Daniel Olmedilla and
Rub{\'e}n Lara and
Axel Polleres and
Holger Lausen},
title = {Trust Negotiation for Semantic Web Services},
booktitle = {1st International Workshop on Semantic Web Services and Web
Process Composition (SWSWPC)},
month = JUL,
year = 2004,
address = {San Diego, CA, USA},
pages = {81--95},
ee = {http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{
\&}volume=3387{\&}spage=81},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {3387},
isbn = {3-540-24328-3},
bibsource = {DBLP, http://dblp.uni-trier.de},
kind = {workshop},
category = {policies,security},
url = {2004/2004_SWSWPC_trustServices.pdf},
abstract = {Semantic Web Services enable the dynamic discovery of services
based on a formal, explicit specification of the requester needs.
The actual Web Services that will be used to satisfy the
requester's goal are selected at run-time and, therefore, they are
not known beforehand. As a consequence, determining whether the
selected services can be trusted becomes an essential issue. In
this paper, we propose the use of the Peertrust language to decide
if trust can be established between the requester and the service
provider. We add modelling elements to the Web Service Modeling
Ontology (WSMO) in order to include trust information in the
description of Semantic Web Services. In this scenario, we discuss
different registry architectures and their implications for the
matchmaking process. In addition, we present a matching algorithm
for the trust policies introduced.}
}
@INPROCEEDINGS{peertrustGrid-04,
author = {Jim Basney and
Wolfgang Nejdl and
Daniel Olmedilla and
Von Welch and
Marianne Winslett},
title = {Negotiating Trust on the Grid},
booktitle = {2nd WWW Workshop on Semantics in P2P and Grid Computing},
month = MAY,
year = 2004,
address = {New York, USA},
kind = {workshop},
category = {policies,security},
url = {2004/2004_SP2PGC_negotiationOnTheGrid.pdf},
abstract = {Grids support dynamically evolving collections of
resources and users, usually spanning multiple administrative
domains. The dynamic and cross-organizational aspects of Grids introduce
challenging management and
policy issues for controlling access to Grid
resources. In this paper we show how to extend the Grid Security
Infrastructure to provide better support for the dynamic and
cross-organizational aspects of
Grid activities, by adding facilities for dynamic establishment
of trust between parties. We present the PeerTrust language for
access control policies, which is based on guarded distributed logic
programs, and show how to use PeerTrust to model common Grid trust
needs.}
}
Others
@TECHREPORT{policyReview07,
author = {Juri L. De Coi and
Daniel Olmedilla},
title = {A review of Trust Management, Security and Privacy Policy Languages},
institution = {L3S Research Center},
month = OCT,
year = 2007,
kind = {otherKind},
category = {policies,security},
url = {2007/2007_L3S_policyReview.pdf},
abstract = {Policies are a well-known approach to protecting security and privacy of users as well as for flexible trust
management in distributed environments. In the last years a number of policy languages were proposed to
address different application scenarios. In order to help both developers and users in choosing the language
best suiting her needs, policy language comparisons were proposed in the literature. Nevertheless available
comparisons address only a small number of languages, are either out-of-date or too narrow in order to provide
a broader picture of the research field. In this paper we consider twelve relevant policy languages and compare
them on the strength of ten criteria which should be taken into account in designing every policy language.
Some criteria are already known in the literature, others are introduced in our work for the first time.
By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about
strong points and weaknesses of each policy language.}
}
@PHDTHESIS{PhD-UAM-07,
author = {Daniel Olmedilla},
title = {Realizing Interoperability of E-Learning Repositories},
school = {Universidad Aut{\'o}noma de Madrid},
address = {Madrid, Spain},
year = {2007},
month = {May},
note = {Grade ``Summa Cum Laude''},
kind = {otherKind},
category = {eLearning},
abstract = {After the boom of Internet a huge amount of information is available on the Web.
Does that mean that users can easily and effectively find the specific
information they seek? The answer is no. For example, searchers successfully
find what they seek only 50\% of the time or less (and they spend 15\% to 35\%
of their time searching for information). This is due to the lack of
interoperability and information overload. On the one hand, a big portion of the
available information is not easily accessible for consumption but closed under
each information source where it is stored. Users may need to access each
information source individually in order to collect relevant information. On the
other hand, keyword based queries may return an difficult to manage number of
relevant results therefore showing the need for more accurate query languages
and sorting mechanisms.
This document contributes to enhance the overall interoperability perspective in
current e-learning management systems and on-line learning object repositories
as well as each of the steps which need to be followed towards achieving such a
goal, namely common query language, common schema, semantic integration and
ranking. This work improves or overcomes the main challenges for
interoperability in order to enhance existing approaches and increase their
efficiency and effectiveness from both the provider's and consumer's
perspective.}
}
@TECHREPORT{tnsimulations06,
author = {Arne Wolf Koesling and
Daniel Olmedilla},
title = {Adopting Trust Negotiations: To Negotiate or Not To Negotiate?},
institution = {L3S Research Center},
month = NOV,
year = 2006,
kind = {otherKind},
category = {policies,security},
url = {2006/2006_L3S_TN_simulations.pdf},
abstract = {Open distributed environments require that agents who
are not known to each other must be able to interact. A new
authorization scheme called trust negotiation has emerged
allowing two strangers to iteratively and bilaterally establish
trust. This scheme has been applied to different environments
such as theWeb, P2P networks or Grid environments.
However, it is not yet clear what impact, implies its integration
into running systems what leads to a lack of adoption.
This papers investigates the overload produced by the integration
of trust negotiation techniques and shows how negotiations
might, under some assumptions, imply only a small
increase on the network use in comparison with the benefits
it provides.}
}
@TECHREPORT{tnmodel06,
author = {Juri L. De Coi and
Daniel Olmedilla},
title = {A Flexible Policy-Driven Trust Negotiation Model},
institution = {L3S Research Center},
month = NOV,
year = 2006,
kind = {otherKind},
url = {2006/2006_L3S_TNModel.pdf},
abstract = {Policy-driven negotiations are gaining interest among the research community. A
large number of policy languages with different expressiveness have been
developed in order to suit different scenarios. This paper summarizes the
general requirements a negotiation framework must cover and presents a flexible
negotiation model that addresses all these requirements and subsumes existing
models to date. An instantiation of this model and an architecture with reusable
components that integrates two existing trust negotiation languages (PeerTrust
and Protune) are provided.}
}
@TECHREPORT{neg_grid05,
author = {Ionut Constandache and
Daniel Olmedilla and
Frank Siebenlist and
Wolfgang Nejdl},
title = {Policy-driven Negotiation for Authorization in the Semantic
Grid},
institution = {L3S Research Center},
month = OCT,
year = 2005,
kind = {otherKind},
category = {policies,security},
url = {2005/2005_Tech_Report_grid_negotiation.pdf},
abstract = {As in many Grid Services deployments the clients and servers
reside in different
administrative domains, there is both a requirement to discover each other’s
authorization policy in order to be able to present the right assertions that
allow access, as well as to reveal as little as possible of the access policy
details to unauthorized parties. This paper describes a mechanism where the
client and servers are semantically annotated with policies that protect their
resources. These annotations specify both constraints and capabilities, which
are used during a negotiation to reason about and to communicate the need to see
certain credentials from the other party, and to determine whether requested
credentials can be obtained and revealed. The end result of the negotiation is a
state where either both parties have satisfied their policy constraints for a
subsequent interaction, or where such interaction is disallowed by either or
both. Furthermore, the implementation of a prototype is discussed that is based
on the PEERTRUST policy language and a reasoning engine, which are integrated in
the webservices runtime of the Globus Toolkit. The negotiation process is
facilitated through the implementation of WSRF-compliant service interfaces for
the protocol message exchanges.}
}
@TECHREPORT{rewerse-I2-D4,
author = {Piero Bonatti and
Daniel Olmedilla and
Joachim Peer},
title = {Advanced Policy Explanations},
institution = {Working Group I2, EU NoE REWERSE},
month = AUG,
year = 2005,
note = {\url{http://rewerse.net/deliverables/m18/i2-d4.pdf}},
kind = {otherKind},
category = {policies,semanticWeb},
url = {2005/2005_rewerseI2-D4.pdf},
abstract = {We argue that policy-aware systems can be effective only if:
(i)
common users---with no training in computer science or logic---become aware
of the policy applied by their system; (ii) common users can personalize
those policies; (iii) secure systems guide the user in getting the required
permissions (\emph{cooperative enforcement)}. Towards this end, we
introduce a mechanism for answering \emph{why, why-not, how-to}, and
\emph{what-if} queries. Our framework is \emph{lightweight} and
\emph{scalable} because it does not require any major effort when the
general framework is instantiated in a specific application domain, and most
of the computational effort can be delegated to the clients. Some novel
aspects in our approach: First, we adopt a \emph{tabled explanation
structure}, that simultaneously shows local and global (intra-proof and
inter-proof) information, thereby facilitating navigation. Second, we
introduce generic heuristics for removing irrelevant parts of the
derivations. Third, our heuristics do not require the complex machinery
needed by second-generation explanation systems, but have a comparable
quality.}
}
@BOOK{elena-D27,
editor = {Peter Dolog and
Wolfgang Nejdl and
Daniel Olmedilla},
title = {Schema Distribution and Evaluation Report (D2.7)},
publisher = {EU Elena Project},
month = MAY,
year = 2005,
note = {\url{http://www.elena-project.org/images/other/D2_7.PDF}},
kind = {otherKind},
category = {eLearning},
url = {2005/2005_elena_D2_7.pdf},
abstract = {In this report, we deal with the schema definitions for learning resources, learning
activities and learner profiles and their evaluation. The main motivation to define such
schemas is to provide basic means for communication between several service and
resource providers.}
}
@TECHREPORT{rewerse-I2-D2,
author = {Piero A. Bonatti and
Daniel Olmedilla},
title = {Policy Language Specification},
institution = {Working Group I2, EU NoE REWERSE},
month = FEB,
year = 2005,
note = {\url{http://rewerse.net/deliverables/m12/i2-d2.pdf}},
kind = {otherKind},
category = {policies,semanticWeb},
url = {2005/2005_rewerseI2-D2.pdf},
abstract = {This report's main goal is specifying syntax and semantics
of the core of \textsc{Protune}, the policy language and metalanguage of
\textsc{REWERSE}. The language can specify access control policies,
privacy policies, reputation-based policies, provisional policies,
and a class of business rules.
The document also specifies the architecture of a distributed policy-based
system, together with a suite of policy-related services.
It introduces some policy filtering methodologies needed for
negotiation semantics and query processing, and proves their properties in
terms of information preservation or loss.
We illustrate the language by means of numerous examples and outline a
refined use case list for verbalization (i.e., formulation in
controlled natural language) in the form of a representative list of
sample policies.}
}
@TECHREPORT{rewerse-I2-D1,
author = {P. A. Bonatti and
N. Shahmehri and
C. Duma and
D. Olmedilla and
W. Nejdl and
M. Baldoni and
C. Baroglio and
A. Martelli and
V. Patti and
P. Coraggio and
G. Antoniou and
J. Peer and
N. E. Fuchs},
title = {Rule-based Policy Specification: State of the Art and Future
Work},
institution = {Working Group I2, EU NoE REWERSE},
month = AUG,
year = 2004,
note = {\url{http://rewerse.net/deliverables/i2-d1.pdf}},
kind = {otherKind},
category = {policies,semanticWeb},
url = {2004/2004_rewerseI2-D1.pdf},
abstract = {This report provides an overview of the existing approaches to
logic and
rule-based system behavior specification in the light of the peculiar needs of
business and security rules. It identifies usage scenarios for rule based
policies in a semantic web context and it outlines the possible directions of
future research.}
}
@BOOK{elena-D23,
editor = {Peter Dolog and
Wolfgang Nejdl and
Daniel Olmedilla},
title = {Artefacts and Service Network v3 (D2.3)},
publisher = {EU Elena Project},
month = JUN,
year = 2004,
note = {\url{http://www.elena-project.org/images/other/D2_3_final.PDF}},
kind = {otherKind},
category = {eLearning},
url = {2004/2004_elena_D2_3.pdf},
abstract = {Smart Spaces for Learning are the next step towards the semantic web. In the ELENA
project we try to design and develop such smart learning spaces based on a peer-topeer
approach. According to this approach, the smart learning space can be seen as an
open network of peers which collaborate on finding appropriate learning services or
resources for specific persons.
In this document we address architecture descriptions of the service network and
several points of view for artefacts in that network. We address software components,
metadata and resource points of view to artefacts. The service network architecture is
based on Edutella framework. The advanced P2P exchange based on introducing
Super Peers is discussed. The network is discussed from the personalisation services
point of view as well. We give several possibilities (scenarios) for integration.
Interfaces as the main means for integration are discussed. For each considered
educational node the metadata artefacts and resource artefacts are described. We
describe the integration scenario implemented for each educational node.}
}
@TECHREPORT{peertrust03,
author = {Wolfgang Nejdl and
Daniel Olmedilla and
Marianne Winslett},
title = {PeerTrust: Automated Trust Negotiation for Peers on the Semantic
Web},
institution = {L3S Research Center},
month = NOV,
year = 2003,
kind = {otherKind},
category = {policies,security,semanticWeb},
url = {2003/2003_PeerTrust_ATN.pdf},
abstract = {Researchers have recently begun to develop and investigate policy
languages to describe trust and security requirements on the Semantic
Web. Such policies will be one component of
a run-time system that can negotiate to establish trust on the
Semantic Web. In this paper, we show how to express different kinds
of access control policies and control their use at run time using
PeerTrust, a new approach to trust establishment. We show how to use
guarded distributed logic programs as the basis for PeerTrust's simple
yet expressive policy and trust negotiation language, built upon the
rule layer of the Semantic Web layer cake. We describe the syntax and
semantics of GDLPs, and compare PeerTrust's language to other
approaches to implementing policies and trust negotiation. Through
examples, we show how PeerTrust can be used to support delegation,
policy protection and negotiation strategies. Finally, we discuss the
PeerTrust automated trust negotiation engine prototype implemented in
Prolog, and identify areas for further research.}
}
@MISC{TEA03,
author = {Daniel Olmedilla},
title = {Finding Hubs for Personalized Web Search. Different Ranks to
Different Users},
howpublished = {Tribunal de Estudios Avanzados (TEA). Universidad Aut{\'o}noma
de Madrid},
month = SEP,
year = 2003,
address = {Madrid, Spain},
kind = {otherKind},
category = {dbir},
url = {2003/2003_TEA.pdf}
}
This file has been partially generated by
bibtex2html
| |
|
Last update on
25-Dec-2007 9:50 PM
• Home
|
