Learn More
Gaining access to sensitive resources on the Web usually involves an explicit registration step, where the client has to provide a predetermined set of information to the server. The registration process yields a login/password combination , a cookie, or something similar that can be used to access the sensitive resources. In this paper we show how an(More)
We introduce the provisional trust negotiation framework PROTUNE, for combining distributed trust management policies with provisional-style business rules and access-control related actions. The framework features a powerful declarative metalanguage for driving some critical negotiation decisions, and integrity constraints for monitoring negotiations and(More)
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in(More)
Grid computing allows sharing of services and resources ac-cross institutions. However, current Grid security mechanisms for au-thentication and authorization are too rigid and they lack the ability to determine how " trustworthy " the result obtained from a specific provider is likely to be. This paper describes the different facets associated to Trust and(More)
Semantic Web Services enable the dynamic discovery of services based on a formal, explicit specification of the requester needs. The actual Web Services that will be used to satisfy the requester's goal are selected at run-time and, therefore, they are not known beforehand. As a consequence, determining whether the selected services can be trusted becomes(More)
Semantic Web databases allow efficient storage and access to RDF statements. Applications are able to use expressive query languages in order to retrieve relevant metadata to perform different tasks. However , access to metadata may not be public to just any application or service. Instead, powerful and flexible mechanisms for protecting sets of RDF(More)
Policy-based access control is nowadays a common mechanism to protect data in distributed environments. However, the word policy has been given many different meanings and is used in different contexts. This chapter gives an overview of the existing approaches to logic-and rule-based system behavior specification in the light of the peculiar needs of(More)
Modeling competences is an integral part of many Human Resource (HR) and e-Learning related activities. HR departments use competence descriptions to define requirements needed for performing specific tasks or jobs. The same competences are acquired by employees and applicants by e.g. experience or certifications. Typically, HR departments need to match(More)
— Distributed Peer-to-Peer and Grid infrastructure require distributed access control mechanisms. These mechanisms can be implemented in distributed trust management infrastruc-tures and usually require reasoning on more than one peer, as soon as authority is delegated or requests involve several authorities. Building on previous work of the authors which(More)