Ronald Ashri, Terry Payne, Darren Marvin, Mike Surridge, and Steve Taylor
The move towards supporting more autonomous systems where decisions are made without direct user intervention, and more complex operating scenarios, where services from multiple organisations form temporary ties to solve particular problems, creates new security challenges. This paper argues that the answers, such as cryptographic mechanisms, with the ability to reason about security at the semantic level, using appropriate descriptions of security policies and the required tasks. Such reasoning can enable software entities aiming to interact to determine whether their respective security requirements and capabilities will allow them to proceed. Furthermore, it can support the enforcement of security policies based on the context of the interactions. We motivate the need for such reasoning about security through an example and discuss a set of requirements to support the implementation of a specialised security device, termed a Semantic Firewall.