Lalana Kagal, Tim Berners-Lee, Dan Connolly, Daniel Weitzner
With policy management becoming popular as a means of providing flexible Web security, the number of policy languages being proposed for the Web is constantly increasing. We recognize the importance of policies for securing the Web and believe that the future will only bring more policy languages. We do not, however, believe that users should be forced to conform the description of their policy relationships to a single standard policy language. Instead there should be a way of encompassing different policy languages and supporting heterogeneous policy systems. As a step in this direction, we propose Rein, a policy framework grounded in Semantic Web technologies, which leverages the distributed nature and linkability of the Web to provide Web-based policy management. Rein provides ontologies for describing policy domains in a decentralized manner and provides an engine for reasoning over these descriptions, both of which can be used to develop domain and policy language specific security systems. We describe the Rein policy framework and discuss how a Rein policy management systems can be developed for access control in an online photo sharing application.
Subjects: 11.2 Ontologies; 1. Applications