Personalizing Situated Workflows for Pervasive Healthcare Applications

In this paper, we present an approach where a workflow system is combined with a policy-based framework for the specification and enforcement of policies for healthcare applications. In our approach, workflows are used to capture entitiespsila responsibilities and to assist entities in fulfilling them. The policy-based framework allows us to express authorisation policies to define the rights that entities have in the system, and event-condition-action (ECA) policies that are used to adapt the system to the actual situation. Authorisations will often depend on the context in which patientspsila care takes place, and our policies support predicates that reflect the environment. ECA policies capture events that reflect the current state of the environment and can perform actions to accordingly adapt the workflow execution. We show how the approach can be used for the Edema treatment and how fine-grained authorisation and ECA policies are expressed and used

State-of-the-art on evolution and reactivity

This report starts by, in Chapter 1, outlining aspects of querying and updating resources on the Web and on the Semantic Web, including the development of query and update languages to be carried out within the Rewerse project. From this outline, it becomes clear that several existing research areas and topics are of interest for this work in Rewerse. In the remainder of this report we further present state of the art surveys in a selection of such areas and topics. More precisely: in Chapter 2 we give an overview of logics for reasoning about state change and updates; Chapter 3 is devoted to briefly describing existing update languages for the Web, and also for updating logic programs; in Chapter 4 event-condition-action rules, both in the context of active database systems and in the context of semistructured data, are surveyed; in Chapter 5 we give an overview of some relevant rule-based agents frameworks

Dynamic deployment of context-aware access control policies for constrained security devices

Securing the access to a server, guaranteeing a certain level of protection over an encrypted communication channel, executing particular counter measures when attacks are detected are examples of security requirements. Such requirements are identi ed based on organizational purposes and expectations in terms of resource access and availability and also on system vulnerabilities and threats. All these requirements belong to the so-called security policy. Deploying the policy means enforcing, i.e., con guring, those security components and mechanisms so that the system behavior be nally the one speci ed by the policy. The deployment issue becomes more di cult as the growing organizational requirements and expectations generally leave behind the integration of new security functionalities in the information system: the information system will not always embed the necessary security functionalities for the proper deployment of contextual security requirements. To overcome this issue, our solution is based on a central entity approach which takes in charge unmanaged contextual requirements and dynamically redeploys the policy when context changes are detected by this central entity. We also present an improvement over the OrBAC (Organization-Based Access Control) model. Up to now, a controller based on a contextual OrBAC policy is passive, in the sense that it assumes policy evaluation triggered by access requests. Therefore, it does not allow reasoning about policy state evolution when actions occur. The modi cations introduced by our work overcome this limitation and provide a proactive version of the model by integrating concepts from action speci cation languages

Twelve Theses on Reactive Rules for the Web

Reactivity, the ability to detect and react to events, is an essential functionality in many information systems. In particular, Web systems such as online marketplaces, adaptive (e.g., recommender) systems, and Web services, react to events such as Web page updates or data posted to a server. This article investigates issues of relevance in designing high-level programming languages dedicated to reactivity on the Web. It presents twelve theses on features desirable for a language of reactive rules tuned to programming Web and Semantic Web applications

Knowledge Representation Concepts for Automated SLA Management

Outsourcing of complex IT infrastructure to IT service providers has increased substantially during the past years. IT service providers must be able to fulfil their service-quality commitments based upon predefined Service Level Agreements (SLAs) with the service customer. They need to manage, execute and maintain thousands of SLAs for different customers and different types of services, which needs new levels of flexibility and automation not available with the current technology. The complexity of contractual logic in SLAs requires new forms of knowledge representation to automatically draw inferences and execute contractual agreements. A logic-based approach provides several advantages including automated rule chaining allowing for compact knowledge representation as well as flexibility to adapt to rapidly changing business requirements. We suggest adequate logical formalisms for representation and enforcement of SLA rules and describe a proof-of-concept implementation. The article describes selected formalisms of the ContractLog KR and their adequacy for automated SLA management and presents results of experiments to demonstrate flexibility and scalability of the approach.Comment: Paschke, A. and Bichler, M.: Knowledge Representation Concepts for Automated SLA Management, Int. Journal of Decision Support Systems (DSS), submitted 19th March 200

Complex Actions for Event Processing

Automatic reactions triggered by complex events have been deployed with great success in particular domains, among others, in algorithmic trading, the automatic reaction to realtime analysis of marked data. However, to date, reactions in complex event processing systems are often still limited to mere modifications of internal databases or are realized by means similar to remote procedure calls. In this paper, we argue that expressive complex actions with support for composite work ows and integration of so called external actions are desirable for a wide range of real-world applications among other emergency management. This article investigates the particularities of external actions needed in emergency management, which are initiated inside the event processing system but which are actually executed by external actuators, and discuss the implications of these particularities on composite actions. Based on these observations, we propose versatile complex actions with temporal dependencies and a seamless integration of complex events and external actions. This article also investigates how the proposed integrated approach towards complex events and complex actions can be evaluated based on simple reactive rules. Finally, it is shown how complex actions can be deployed for a complex event processing system devoted to emergency management

Event notification services: analysis and transformation of profile definition languages

The integration of event information from diverse event notification sources is, as with meta-searching over heterogeneous search engines, a challenging task. Due to the complexity of profile definition languages, known solutions for heterogeneous searching cannot be applied for event notification. In this technical report, we propose transformation rules for profile rewriting. We transform each profile defined at a meta-service into a profile expressed in the language of each event notification source. Due to unavoidable asymmetry in the semantics of different languages, some superfluous information may be delivered to the meta-service. These notifications are then post-processed to reduce the number of spurious messages. We present a survey and classification of profile definition languages for event notification, which serves as basis for the transformation rules. The proposed rules are implemented in a prototype transformation module for a Meta-Service for event notification