Policies are pervasive in web applications. They play crucial roles in enhancing security, privacy and usability of distributed services, and indeed may determine the success (or failure) of a web service. However, users will not be able to benefit from these protection mechanisms unless they understand and are able to personalize policies applied in such contexts. For web services this includes policies for access control, privacy and business rules, among others. There has been extensive research in the area, including the Semantic Web community, but several aspects still exist that prevent policy frameworks from widespread adoption and real world application like for example:
- Adoption of a broad notion of policy, encompassing not only access control policies, but also privacy policies, business rules, quality of service, and others.
- Strong and lightweight evidence: Policies make decisions based on properties of the peers interacting with the system. These properties may be strongly certified by cryptographic techniques, or may be reliable to some intermediate degree with lightweight evidence gathering and validation.
- Policy-driven negotiations may be one of the main ingredients that can be used to make heterogeneous peers effectively interoperate.
- Lightweight knowledge representation and reasoning should also reduce the effort to specialize general frameworks to specific application domains
- Solutions like controlled natural language syntax for policy rules, to be translated by a parser into the internal logical format, will definitively ease the adoption of any policy language.
- Cooperative policy enforcement: A secure cooperative system should (almost) never say no. Whenever prerequisites for accessing a service are not met, web applications should explain what is missing and help the user in obtaining the required permissions.
- Advanced explanation mechanisms are necessary to help users in understanding policy decisions and obtaining the permission to access a desired service.
This workshop will bring together researchers interested in the field in order to discuss and analyze important requirements and open research issues in this context, focusing on policies in general and their integration into trust management frameworks, as well as on approaches to increase system cooperation, usability and user-awareness of policy issues.
Workshop topics include, but are not limited to, the following:
Rule-based Policy Specifications
- Natural-language and visual interfaces for policy languages
- Policy specifications and business rules
- Broad notion of policy
- Trust & Reputation Management
- Policy-Driven negotiations
- Ontologies for policies
- Policies & Semantic Grid
- Agents and policies
- Strong and lightweight evidence
- Conflict detection
- Validation & Verification
- Policy enforcement
- Digital Rights Management
Call for papers and paper submission
As well as full research papers describing completed research, we welcome position papers describing proposed research, as long as they are well-argued, fully-justified and contain some preliminary results. We also seek demonstration papers outlining practical work in this field.
Paper submissions must be formatted in the style of the Springer Publications format for Lecture Notes in Computer Science (LNCS). For complete details, see Springer's Author Instructions. Submissions must not exceed 15 pages for full (research) papers and 8 pages for demo, short or position papers, including all text, references, appendices, and figures. Submissions must be in Portable Document Format (PDF).
Papers should be submitted electronically via the SWPW EasyChair page. Questions can be sent to swpw@L3S.de.
- Submission deadline: August 14, 2006 (midnight GMT + 1)
- Notification for acceptance: September 10, 2006
- Camera ready due: September 20, 2006
A text version for e-mail distribution is available here: cfpSWPW06.txt
- Anne Anderson, Sun Microsystems
- Anupam Joshi, University of Maryland, Baltimore County
- Chris Bizer, FU Berlin
- Piero Bonatti, University of Naples
- Jeffrey M. Bradshaw, Florida IHMC
- Li Ding, Knowledge Systems Lab, Stanford University
- Naranker Dulay, Imperial College
- Tim Finin, University of Maryland, Baltimore County
- Lalana Kagal, MIT
- Jiangtao Li, Purdue University
- Brian LaMacchia, Microsoft
- Fabio Martinelli, National Research Council - C.N.R.
- Rebecca Montanari, University of Bologna
- Wolfgang Nejdl, L3S and University of Hannover
- Daniel Olmedilla, L3S and University of Hannover
- Norman Sadeh, Carnegie Mellon University
- Pierangela Samarati, University of Milano
- Kent Seamons, Brigham Young University
- William Winsborough, University of Texas at San Antonio