Transcript Document
Policy-Guided Interactions in
Ubiquitous Computing
Systems
A Dissertation Prospectus
V. Ramakrishna
Advisor: Dr. Peter Reiher
Laboratory for Advanced Systems Research
Department of Computer Science, UCLA
Proposal
Problem
Safe spontaneous
interoperation in
ubiquitous computing
without pre-established
trust relationships or
rigid protocols
Solution
A generic and flexible
negotiation protocol
guided by local policy
2
Outline
Problem Introduction
Proposed Solution
System Research Issues
Design Approach
Research Plan
Related and Complementary Research
3
Problem Introduction
4
Scenario – Web Service
I have
TIMEgive
to
Why
dotoINO
need
Come
think to
of it, I
readup
this
list
of
policies,
all this
info?
don’t really
need
all this
and I don’t know what
stuff he is promising!
they mean!
Web Client
News Service
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
5
Scenario – Conference Room
Allow display access to display only to attendees.
Allow access to printer only to journal subscribers.
No sound during presentations!
Advertise journal!
Internet
COMMITTEE MEMBER
PRIVILEGED ACCESS
Require: Web access,
PDA – CELL PHONE
Projector display, Printer.
Ring during emergency!
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
6
Scenario – Car on Freeway
Internet
Provide Internet
Connection service.
GPS
High bandwidth connection for streaming video
Monitor traffic for
the city.
Identity info, credit card
WiMAX BASE STATION
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
7
Motivations
Scenarios support limited ways of interaction
Ubicomp scenarios will have more variations
Rigid policies not desirable
Cannot guarantee pre-established security
relationships
Cannot enforce uniform interaction protocols
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
8
The Ubiquitous Computing
Vision
Computing services everywhere and
at any time
– Mark Weiser, 1991
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
9
Ubicomp Goals and Characteristics
PHYSICAL INTEGRATION
Coffee Shop
Personal Network
Grocery Time !
Characteristics
Decentralized control
Heterogeneity
Ad hoc interactions
SPONTANEOUS INTEROPERATION
Home Network
No Milk !
Internet
Video
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
10
Ubicomp Research
Mature research areas
• Seamless mobile networking
• Open systems and interfaces
• Smart space projects; e.g. Intelligent Room,
GAIA
Not enough consideration given to
• Bottom-up growth of infrastructure
• Security and privacy issues
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
11
Ubicomp Interoperation
Coffee Shop
Personal Network
Where
Connectivity?
Location?
is Bob?
ALICE
BOB
Grocery Time !
GPS
Nature and Purpose
Internet
Discovery of external services
Resource usage and access
Intertwined processes of
discovery and access control
No Milk !
Tell Alice.
Display Device?
Device Network
Device Device
Home Network
Video
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
12
Barriers to Interoperation
Concerns
Roadblocks
• Security and privacy
• Dynamism and context changes
• Middleware and security frameworks do not scale
• Cannot force particular architectures or security
•
preferences as standards
Cannot guarantee pre-established security
relationships
13
Problems and Challenges
Hard problems
•
•
Match service demands to local resources within
policy constraints and context
Reach flexible agreements in an automated fashion
Challenges in a ubicomp environment
•
•
•
•
Heterogeneous devices and communication features
Diversity in resources possessed and exported
Diversity in capabilities, desires and security policies
Huge number of contexts and context-sensitive
constraints that cannot be anticipated in advance
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
14
In Ubicomp Environments …..
Every device and every domain will
not support every service or protocol
All pairs of computing entities will not
be compatible
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
15
Drawbacks in Existing
Approaches
Based on rigid and static policies
Inadequate security and access control
models
• Cannot resolve all conflicts
• Falls short of autonomic computing
• Scalability and flexibility issues
• Lack of support for non-identity based trust
relationships
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
16
Proposed Solution
17
Service or application layer agreements
Based on policy
Through a process of negotiation
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
18
Platform and Assumptions
APPLICATIONS
Semantic Web
NEGOTIATION
SEMANTIC WEB
(RDF/XML)
TCP/IP
MAC
PHYSICAL
TCP/IP
MAC
PHYSICAL
Internet /
World Wide Web
TCP/IP
MAC
PHYSICAL
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
19
Policy-Based Management
Policy describes state and desired behavior
Governs all actions within bounded domains
Wide expressive power
Guides following system aspects
•
•
•
Resource management
Security and access control
Context awareness
Interactions between domains
•
•
Discovery and access are the constants
Policy is the only domain dependent variable
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
20
Thesis Summary
Enable negotiation-driven interaction
without:
• Pre-established trust relationships
• Common set of service access protocols
The negotiation protocol:
• Guided by local policy that constrains use
and export of services
• Relies on common resource semantics
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
21
Why Policy?
Minimum necessary for interaction and
agreement
Why not specialized applications?
• Difficult to make changes and to control
• Cannot anticipate all requirements and
•
contexts
Inter-modular dependencies difficult to handle
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
22
Interaction through Negotiation
Bidirectional stateful protocol
Strategic messaging
Constant re-evaluation of goals
Meta-policies and heuristics designed to
reach an agreement or compromise
A decentralized process of policy
resolution and conflict management
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
23
Negotiation model
D1
D2
R1
R2
P1
P2
S1
S2
Q1
Resources
R2
Q2
Applications
R1
Policies
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
24
Scenario – Conference Room
Allow display access to display only to attendees.
Allow access to printer only to journal subscribers.
No sound during presentations!
Advertise journal!
Internet
I have
REQUEST:
Sorry!
ACMI am
membership,
Display;
just OK
aWeb
Student
as
Access;
a Attendee
UCLA
Printer
student
COMMITTEE MEMBER
PRIVILEGED ACCESS
PERMISSION: Projector
display,
web
access
POLICY:
PROOF:
OFFER:
No
Committee
Privileged
sounds
permitted!
Member
access
OFFER: Journal membership for privileged access
Require: Web access,
PDA – CELL PHONE
Projector display, Printer.
Ring during emergency!
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
25
Research Contributions
Interoperation approached top-down
General purpose negotiation framework
Context-sensitive access control
Verification of security properties
Non-intrusive and autonomic
Enhances Panoply ubicomp middleware
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
26
System Research Issues
27
Protocol Structure
Flexibility
• Independent of application and domain
•
•
characteristics
Identify a tight set of common objects and
operations
Only task for users – write high level policies
Extensibility
Strike a useful balance by experimenting
with characteristic applications
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
28
Policy Language and Reasoning
Engine
An expressive policy language
Must be based on logic
• Support declarative cross-domain semantics
• Supports formal reasoning
Must manage conflicts and maintain
consistency
Support efficient indexing and retrieval
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
29
Candidate Logical Framework
First order logic
• Ontology includes objects and relationships
• Augment with deontic concepts
• Can be augmented (or restricted) to deal with
•
contextual and trust parameters
Reasoning framework and querying algorithms
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
30
Security Aspects
Key research aspects
•
•
Security benefits to ubicomp
Secure negotiation protocol from compromise
Security benefits
•
•
•
Concerns proper use of security mechanisms rather than
propose new ones
Promotes a paradigm that ensures safety is taken into
consideration before interaction
Allows static and dynamic detection of security conflicts
Protocol security
•
•
Cryptographic mechanisms, SSL, TLS
Can the nature of the protocol itself be used to compromise
security?
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
31
Trust and Access Control
Access control framework targets
•
•
Scalability and flexibility
Based on a general notion of trust
Trust model
•
•
•
Based on identity, provable relationships, properties and
actions
Domain and application independent
Provides heuristics to compare among choices and make
negotiation decisions
Negotiation is a way of doing fine-grained,
dynamic and context-sensitive access control
Can be used to build webs of trust
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
32
Negotiation Strategies and
Heuristics
Negotiation protocol
•
•
•
Series of messaging rounds
Directed towards a perceived goal
Strategies to choose among various options
• Eager and lazy: two extreme ends
Heuristics as decision-making aid
•
•
•
Compute and re-evaluate goals
Must work within policy constraints extrapolated to the
current context
Use trust and utility functions
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
33
Theoretical Aspects
Correctness
Completeness
Optimality
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
34
System Design Issues
Resource management, interfaces and
access mechanisms
Context Awareness
Performance
Fault tolerance and reliability
Working with low capability devices and
networks
Negotiation with legacy devices and software
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
35
Design, Implementation
and Evaluation
36
Panoply Ubicomp Infrastructure
Middleware for ubiquitous computing
Building and management of device
communities (spheres of influence)
Spheres of influence
•
•
•
•
Boundaries around sets of devices and resources
Criteria could be geography (physical location,
common LAN), tasks, social group
Scopes policy, which guides interactions
Communication based on an event model
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
37
Panoply Architecture
APPLICATIONS
PANOPLY
MIDDLEWARE
SPHERE MANAGER
POLICY MANAGER
OPERATING SYSTEM
NETWORK
My
Research
Associated
Research
External
Components
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
38
Policy Manager - Functional
View
Messaging Interface (To other system
components, remote computers)
FRONT END
Protocol State
Machine
Message
Multiplexer/De-multiplexer
Event Listener
CONTROLLER
Heuristics/Metrics
Security/Trust Model
Semantic Interpretation
of Messages
POLICY ENGINE
Knowledge engineering Mechanisms
(Forward Chaining, Backward Chaining,
Conflict Resolution, etc.)
Policy Database
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
39
Negotiation Protocol
Minimal number of message types
Protocol state machine
• Requests
• Offers
• Policies
• Based on message types
• Independent of message content
• Content interpreted by lower layers
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
40
Policy Model
Prolog used for writing policies
•
•
•
State information and rules written as
predicates
•
•
Subset of first order logic
Declarative syntax
Fast algorithms for logical reasoning
Designated predicates for high-level understanding
External functions (Java) for non-logical tasks
Develop richer ontology
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
41
Current Negotiation Model
Security model
• Permit actions or accesses in a conservative
manner
Negotiation goals and strategies
• Fixed goals and alternatives
• Fixed strategy, based on satisfaction of
relevant policies
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
42
Future Models
Trust model
Negotiation strategy
• Use advanced RBAC mechanisms
• Trust levels for comparison of alternatives
• Heuristics that allow risk-benefit analysis
• Use game-theoretic notions
• Utility model than can infer and compare
utilities of objects and actions
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
43
Implementation
Policy Manager
Description of entities, resources and
properties
• Implemented in Java
• Policy Engine based on SWI-Prolog
• XML and RDF
Security mechanisms
• X.509 certificates
• Panoply vouchers
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
44
Current Status
Basic policy manager implemented
•
•
•
Front end
•
•
Implements protocol state machine
Supports multiple threads
Policy engine
•
•
Query the policy database
Add, remove and replace statements
Controller
•
•
Adopts simple, cautious negotiation strategy
Requests, offers and checks for alternatives
Integrated within a Panoply sphere
•
Uses events for negotiation and to obtain and update state information
Principal task performed: Negotiate for membership within a
sphere
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
45
Research Plan
46
Basic Policy Manager and
Evaluation
Experiment with policy manager within
the Panoply context
• Performance evaluations
• Overhead measurements
• Scalability
• Explore benefits through applications
• Location sensitive interactive fiction
• LACMA gallery experience
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
47
Modeling Issues
Policy Language and Reasoning Engine
Trust Model
Resource Utility Model
Negotiation Strategy and Heuristics
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
48
Complete Policy Manager
Incorporate models into negotiation
heuristics
• Enhance controller with strategic decision
making capability
Augment spheres by adding
• Resources and services
• Context sensors
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
49
Analysis and evaluation
Generate real ubicomp scenarios
Theoretical Analysis
•
•
Correctness and completeness
Efficacy of strategies
Performance Evaluations
•
•
Overhead measurements
Scalability with respect to
• Policy database size
• Multi-session load
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
50
Evaluation of Success
Success of strategies and heuristics
• Compare initial set of requirements or desires
•
with the final result
Compare final result with optimal result
Security benefits
• Amount of risk taken, or compromises made
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
51
Dissertation Timeline
Milestone
Completion Date
Basic Policy Manager
July 2005
Evaluation of Basic Policy Manager
November 2005
Policy Language Enhancements
December 2005
Security, Trust and Utility Models
March 2006
Generalized Policy Manager
May 2006
Evaluation of Generalized Policy Manager
August 2006
Optimizations
October 2006
Writing Dissertation
March 2007
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
52
Related and Complementary
Research
53
Research Areas
Negotiation Protocols
Policy Languages
Ubiquitous Interoperation Middleware
Access Control and Trust
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
54
Protocols and Languages
Negotiation protocols
•
•
•
•
•
Goal: client-server transactions on the web
Conflicts result in failure
TrustBuilder [BYU,UIUC], PeerTrust
Service level negotiations in grid computing
•
SNAP [ISI]
Policy languages
•
•
•
Automated trust negotiation
Rei pervasive computing language
•
•
Cross-application semantics
Deontic concepts
Trust negotiation languages – PSPL, Keynote
XML-based web access control – XACML, TPL [IBM]
Semantic web ontology – DAML+OIL, OWL, SOUPA
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
55
Service Discovery and Access
Control Frameworks
Middleware for open systems
•
•
•
Ubicomp active space middleware – Hyperglue [MIT],
Cerberus [UIUC]
Service discovery – JINI, UPnP
Limited security features
Access Control
•
Advanced Role-Based Access Control Models
•
•
Generalized RBAC
Dynamic RBAC
Trust frameworks
•
•
SECURE project
•
•
Dynamic notion of trust
Trust evolution based on interaction history
Reputation frameworks
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
56
Conclusion
Existing means of interoperation are too rigid
and unsuitable for ubicomp
Identify flexible policy as the minimum
requirement
Negotiation can be automated using logicbased policy, trust and utility models
Applications can rely on the underlying system
to discover and access external resources with
minimal risk and adjusting with context
Promote a security-oriented approach towards
the design of intelligent spaces
57
Thank You
Relevant publications:
Kevin Eustice, Leonard Kleinrock, Shane Markstrum, Gerald Popek, V.
Ramakrishna and Peter Reiher, “Enabling Secure Ubiquitous Interactions,”
In the proceedings of the 1st International Workshop on Middleware for
Pervasive and Ad-Hoc Computing (in conjunction with Middleware 2003),
17th June 2003 in Rio de Janeiro, Brazil.
K. Eustice, L. Kleinrock, S. Markstrum, G. Popek, V. Ramakrishna and P.
Reiher, "Securing WiFi Nomads: The Case for Quarantine, Examination,
and Decontamination," Proceedings of the New Security Paradigms
Workshop (NSPW), 2003.
58
Conclusion
Existing means of interoperation are too rigid
and unsuitable for ubicomp
Identify flexible policy as the minimum
requirement
Negotiation can be automated using logicbased policy, trust and utility models
Applications can rely on the underlying system
to discover and access external resources with
minimal risk and adjusting with context
Promote a security-oriented approach towards
the design of intelligent spaces
59
Security Aspects
Key research aspects
•
•
What security benefits does a negotiation protocol provide to a
system offering ubiquitous services?
How do we secure the negotiation protocol itself from being
compromised?
Security benefits
•
•
•
Concerns proper use of security mechanisms rather than propose
new ones
Promotes a paradigm that ensures safety is taken into
consideration before interaction
Allows static and dynamic detection of security conflicts
Protocol security
•
•
Cryptographic mechanisms, SSL, TLS
Can the nature of the protocol itself be used to compromise
security?
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
60
Research Issues
Policy Expression and Reasoning
Security and Trust Model
Negotiation Heuristics and Strategies
Theoretical Issues
Systems Issues
• Protocol flexibility and extensibility
• Performance
• Fault tolerance and reliability
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
61
Thesis Proposal
A generic and flexible negotiation protocol
guided by local policy through which
devices and domains in ubicomp can
interoperate spontaneously
62
Outline
First slide – one line summary of the problem I am tackling
Ubicomp vision
•
•
•
What has been done
How it has been done
What is missing, or what needs to be seriously improved; i.e. motivation
My approach at a very high level, with the assumptions I make about the world
Everything about policy
•
•
•
•
How policy is useful in ubicomp situations
Domain-oriented view of world
Different categories of policies
Potential for conflicts with large number of policies, and the need for expressiveness, domain-independence,
well-defined semantics and reasoning mechanisms
Negotiation as a model for interactions
Examples:
•
•
Starbucks: current (simple model); then, with negotiation
Another example: maybe the home video example
List of benefits/research contributions
Research issues
Current design and implementation status
Research plan and timeline
Conclusion
63
Scenario
Bob’s PDA
DHCP Protocol
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
64
Scenario
REQUEST: Join network
REQUEST: High bandwidth connection
REQUEST: Printer access
Bob’s PDA
DEMAND: Email address
DEMAND: Accept pop-ups
(YES):
(NO):
Join
network,
No connectivity
get requested services
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
65
Ubicomp Interoperation
Nature and purpose of interoperation
Typical interactions
• Discovery of external services
• Access and usage of resources and data
• Service discovery and access control intertwined
• Mobile devices and wireless networks
• Direct communication between two devices
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
66
Assumptions
Common networking capability
Common understanding of objects at the
application layer
• Leverage Semantic Web research
• Common syntax, or annotations, using XML
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
67
Negotiation Model
Initial state
•
Each entity has a set of resources, policies and initial
requirements
Communication protocol
•
•
•
•
Exchange of messages that results in a maximal
satisfaction of requirements as constrained by the
policies
Messages include requests, offers, policy rules
Bi-directional protocol (after initial message)
Stateful protocol
68
Scenario
Join network, need ‘x’ bandwidth
Offer ‘y’ < ‘x’, OR ask for private info (email)
Certificates?, Privacy Policy?
Bob’s PDA
Certificates, Privacy Policy, Preferred Member incentive
Private info
Join permission (network configuration info), proxy info, Preferred Member voucher
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
69
Programming Languages
Operating Systems
My Research
Artificial Intelligence
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
70
More Issues
Systems Issues
• Performance (fast retrieval, fast path)
• Resource description and management
• Fault tolerance and reliability
• Scale to multi-party negotiation
• Context awareness
71
Beyond 2-party Negotiation
Multi-session negotiation
• (1 n) negotiation
• Handle dependencies among multiple
•
sessions
Scalability issues
Multi-party negotiation
• (n n) negotiation
• Similar dependency issues
• Additional distributed systems problems
72
Negotiation Protocol State
Machine
Trigger/Event to
Start Negotiation
STAR
T
Receive REQUEST(S)
INITIATE
Receive REQUEST(S)
Receive
OFFERS(S) / POLICIES
PROCESS
SERVICE
Send
REQUEST(S)
Send REQUEST(S) /
OFFERS(S) / POLICIES
EXPECT
Send REQUEST(S) /
OFFERS(S) / POLICIES
Send
TERMINATE Signal
Send
TERMINATE Signal
Receive
TERMINATE Signal /
TIMEOUT
STOP
Receive
OFFERS(S) / POLICIES
73
Implementation
Policy manager implemented in Java
Prolog used for writing policies
Policy Engine based on SWI-Prolog
• Subset of first order logic
• Declarative syntax
• Fast algorithms for logical reasoning
• Java-Prolog and Prolog-Java APIs
• Open source
• Meta-predicates
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
74
Implementation (continued)
Description of entities, resources, properties
Trust and Access Control Models
Negotiation goals and strategies
• XML and RDF
• Advanced RBAC models
• Fixed goals and alternatives
• Fixed strategy, based on satisfaction of relevant
policies
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
75
Current Status
Minimal policy manager almost done
• Negotiation protocol state machine
• Policy engine mechanisms to run queries and
•
return state and policy info
Controller negotiates by sending requests and
counter requests to till success/no progress is
possible
Next step – testing with Panoply spheres
76
System Optimizations and
Enhancements
Design modifications and enhancements
based on observed performance
• Fast path for quick decision making
• Emphasis on strategy that guarantees results
in real time
Multi-session negotiation
• Investigate inter-thread dependencies
• Investigate scaling properties of currently
used reasoning algorithms
77
Related Work
Automated trust Negotiation
•
•
Sequence of credential exchanges that result in
access granted/rejected for a resource
Meant for web transactions / not for dynamic
environments like ubicomp
Policy Languages
•
•
Mostly application specific
Rei – targeted for pervasive computing
Access Control Models
•
•
Certificates/Delegations
Generalized RBAC
78
Negotiation Protocols
Automated trust negotiation
•
•
•
•
Goal: client-server transactions on the web
Builds up proof of access through progressive
exchange of credentials
Conflicts result in failure
Examples: TrustBuilder [BYU,UIUC], PeerTrust
Service negotiation in grid computing
•
•
•
A decentralized framework for dynamic resource
allocation
Typically neglects security concerns
Example: SNAP [ISI]
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
79
Policy Languages
Rei policy language
•
•
•
Specially targeted towards pervasive computing and the
semantic web
Defined cross-application semantics
Incorporates deontic concepts like obligations and
permissions
Trust negotiation languages
•
•
Portfolio and Service Protection Language (PSPL)
KeyNote
Languages for access control on the web (XML-based)
•
•
Limited in expressiveness and support for negotiation
Examples: XACML, IBM’s TPL
Ontology for the semantic web
•
DAML+OIL, OWL, SOUPA
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
80
Ubiquitous Middleware
Active Space projects
• Examples: Hyperglue, Cerberus, Centaurus 2
• Generally manage resources and are context•
sensitive
Limited security and access control features
Service discovery frameworks
• Examples: Jini, UPnP
• Emphasis on open interfaces and easy
interoperation rather than security
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
81
Access Control and Trust
ACLs and capabilities
•
Not scalable or usable in dynamic conditions
Role-based Access Control
•
•
•
Not very flexible
Generalized RBAC (GRBAC)
Dynamic RBAC (dRBAC)
Trust
•
•
•
•
Fairly well-accepted concept in ubicomp
PolicyMaker
•
Credentials tied to permissions rather than identity
SECURE project
•
•
Dynamic notion of trust
Trust evolution based on interaction history
Reputation frameworks
Introduction – Solution – Research Issues – System Design – Research Plan – Related Work
82
Conclusion
Spontaneous ubiquitous interoperation poses
many challenges
•
Flexible process of reaching agreements
through negotiation
•
•
Mechanisms exist, but no frameworks
Policy management is the core
Trust and utility models
Existing research
•
•
Fails to address problem in its entirety, or
Produces domain-specific solutions
83