Gathering experience in trust-based interactions

As advances in mobile and embedded technologies coupled with progress in adhoc networking fuel the shift towards ubiquitous computing systems it is becoming increasingly clear that security is a major concern. While this is true of all computing paradigms, the characteristics of ubiquitous systems amplify this concern by promoting spontaneous interaction between diverse heterogeneous entities across administrative boundaries [5]. Entities cannot therefore rely on a specific control authority and will have no global view of the state of the system. To facilitate collaboration with unfamiliar counterparts therefore requires that an entity takes a proactive approach to self-protection. We conjecture that trust management is the best way to provide support for such self-protection measures

Implementing Database Coordination in P2P Networks

We are interested in the interaction of databases in Peer-to-Peer (P2P) networks. In this paper we propose a new solution for P2P databases, that we call database coordination. We see coordination as managing semantic interdependencies among databases at runtime. We propose a data coordination model where the notions of Interest Groups and Acquaintances play the most crucial role. Interest groups support the formation of peers according to data models they have in common; and acquaintances allow for peers inter-operation. Finally, we present an architecture supporting database coordination and show how it is implemented on top of JXTA

An architecture and execution environment for component integration rules

The Integration Rules (IRules) project at Arizona State University (http://www.eas.asu.edu/~irules) is developing a declarative event-based approach to component integration. Integration rules are based on the concept of active database rules, providing an active approach for specifying event- driven activity in a distributed environment. The IRules project consists of a knowledge model that specifies the IRules Definition Language and an execution model that supports integration rule execution. This research focuses on the execution model and the architectural design parts of the IRules project. The main objective of this research is to develop a distributed execution environment for using integration rules in the integration of black-box components. In particular, this research will investigate the design of an architecture that supports the IRules semantic framework, the development of an execution model for rule and transaction processing, and the design of a rule processing algorithm for coordinating the execution of integration rules. This research will combine the distributed computing framework of Jini, the asynchronous event notification mechanism of the Java Message Service (JMS), and the distributed blocking access functionality of JavaSpaces to support active rule processing in a distributed environment. The limitations of the underlying Enterprise JavaBeans (EJB) component model pose transaction processing challenges for the integration process. This research will develop a suitable transaction model and processing logic to overcome the limitations of the underlying EJB component model. Furthermore, the architectural design will allow an easy extension of the system to accommodate other component models. This research is expected to contribute to nested rule and transaction processing for active rules that have not been previously addressed in distributed rule processing environments. The development of the IRules execution environment will also contribute to the use of distributed rule- based techniques for eventdriven component integration

State-of-the-art on evolution and reactivity

This report starts by, in Chapter 1, outlining aspects of querying and updating resources on the Web and on the Semantic Web, including the development of query and update languages to be carried out within the Rewerse project. From this outline, it becomes clear that several existing research areas and topics are of interest for this work in Rewerse. In the remainder of this report we further present state of the art surveys in a selection of such areas and topics. More precisely: in Chapter 2 we give an overview of logics for reasoning about state change and updates; Chapter 3 is devoted to briefly describing existing update languages for the Web, and also for updating logic programs; in Chapter 4 event-condition-action rules, both in the context of active database systems and in the context of semistructured data, are surveyed; in Chapter 5 we give an overview of some relevant rule-based agents frameworks

Continuous Process Auditing (CPA): an Audit Rule Ontology Approach to Compliance and Operational Audits

Continuous Auditing (CA) has been investigated over time and it is, somewhat, in practice within nancial and transactional auditing as a part of continuous assurance and monitoring. Enterprise Information Systems (EIS) that run their activities in the form of processes require continuous auditing of a process that invokes the action(s) speci ed in the policies and rules in a continuous manner and/or sometimes in real-time. This leads to the question: How much could continuous auditing mimic the actual auditing procedures performed by auditing professionals? We investigate some of these questions through Continuous Process Auditing (CPA) relying on heterogeneous activities of processes in the EIS, as well as detecting exceptions and evidence in current and historic databases to provide audit assurance

Towards a lightweight mobile semantic-based approach for enhancing interaction with smart objects

This work describes a semantic extension for a user-smart object interaction model based on the ECA paradigm (Event-Condition-Action). In this approach, smart objects publish their sensing (event) and action capabilities in the cloud and mobile devices are prepared to retrieve them and act as mediators to configure personalized behaviours for the objects. In this paper, the information handled by this interaction system has been shaped according several semantic models that, together with the integration of an embedded ontological and rule-based reasoner, are exploited in order to (i) automatically detect incompatible ECA rules configurations and to (ii) support complex ECA rules definitions and execution. This semantic extension may significantly improve the management of smart spaces populated with numerous smart objects from mobile personal devices, as it facilitates the configuration of coherent ECA rules

Towards alignment of architectural domains in security policy specifications

Large organizations need to align the security architecture across three different domains: access control, network layout and physical infrastructure. Security policy specification formalisms are usually dedicated to only one or two of these domains. Consequently, more than one policy has to be maintained, leading to alignment problems. Approaches from the area of model-driven security enable creating graphical models that span all three domains, but these models do not scale well in real-world scenarios with hundreds of applications and thousands of user roles. In this paper, we demonstrate the feasibility of aligning all three domains in a single enforceable security policy expressed in a Prolog-based formalism by using the Law Governed Interaction (LGI) framework. Our approach alleviates the limitations of policy formalisms that are domain-specific while helping to reach scalability by automatic enforcement provided by LGI