Publications sorted by: Event Type Category Year
 
Conferences Journals Books Proceedings Tutorials Workshops Others
 
Conferences

[1] Daniel Olmedilla, Enrique Frías-Martínez, and Rubén Lara. Mobile web profiling: A study of off-portal surfing habits of mobile users. In User Modeling, Adaptation, and Personalization, 18th International Conference (UMAP 2010), volume 6075 of Lecture Notes in Computer Science, pages 339-350, Big Island, HI, USA, June 2010. Springer. [ bib | .pdf ]
The World Wide Web has provided users with the opportunity to access from any computer the largest set of information ever existing. Researchers have analyzed how such users surf the Web, and such analysis has been used to improve existing services (e.g., by means of data mining and personalization techniques) as well as the generation of new ones (e.g., online targeted advertisement). In recent years, a new trend has developed by which users do not need a computer to access the Web. Instead, the low prices of mobile data connections allow them to access it anywhere anytime. Some studies analyze how users access the Web on their handsets, but these studies use only navigation logs from a specific portal. Therefore, very little attention (due to the complexity of obtaining the data) has been given to how users surf the Web (off-portal) from their mobiles and how that information could be used to build user profiles. This paper analyzes full navigation logs of a large set of mobile users in a developed country, providing useful information about the way those users access the Web. Additionally, it explores how navigation logs can be categorized, and thus users interest can be modeled, by using online sources of information such as Web directories and social tagging systems.

[2] Piero A. Bonatti, Philipp Kärger, and Daniel Olmedilla. Reactive policies for the semantic web. In 7th Extended Semantic Web Conference (ESWC), volume 6088 of Lecture Notes in Computer Science, pages 76-90, Heraklion, Crete, Greece, May 2010. Springer. [ bib | .pdf ]
Semantic Web policies are general statements defining the behavior of a system that acts on behalf of real users. These policies have various applications ranging from dynamic agent control to advanced access control policies. Although policies attracted a lot of research efforts in recent years, suitable representation and reasoning facilities allowing for reactive policies are not likewise developed. In this paper, we describe the concept of reactive Semantic Web policies. Reactive policies allow for the definition of events and actions, that is, they allow to define reactive behavior of a system acting on the Semantic Web. A reactive policy makes use of the tremendous amount of knowledge available on the Semantic Web in order to guide system behaviour while at the same time ensuring trusted and policy-compliant communication. We present a formal framework for expressing and enforcing such reactive policies in combination with advanced trust establishing techniques featuring an interplay between reactivity and agent negotiation. Finally, we explain how our approach was applied in a prototype which allows to define and enforce reactive Semantic Web policies on the Social Network and communication tool Skype.

[3] Sergej Zerr, Daniel Olmedilla, Juri Luca De Coi, Wolfgang Nejdl, Piero A. Bonatti, and Luigi Sauro. Policy based protection and personalized generation of web content. In Proceedings of the Latin American Web Conference (LA-WEB), pages 112-119, Merida, Mexico, November 2009. IEEE Computer Society. [ bib | .pdf ]
The World Wide Web offers easy sharing of information, but provides only few options for the protection of sensitive information and other sensitive resources. Traditional protection mechanisms rely on the characterization of requesters by identity, which works well in a closed system with a known set of users. Trust negotiation protocols have emerged as a solution for open environments such as the Web, in which parties may make connections and interact without being previously known to each other. In this paper we present an access control framework for the Web that not only provides advanced protection mechanisms for static resources but also personalized generation of content. Our approach separates security from the application logic, integrates a flexible and expressive policy language, enables (possibly automated) interactions with human and software agents, and boosts user awareness and cooperative enforcement of such policies.

[4] Sergej Zerr, Daniel Olmedilla, Wolfgang Nejdl, and Wolf Siberski. Zerber+r: top-k retrieval from a confidential index. In 12th International Conference on Extending Database Technology (EDBT/ICDT'09), volume 360 of ACM International Conference Proceeding Series, pages 439-449, Saint-Petersburg, Russia, March 2009. ACM. [ bib | .pdf ]
Privacy-preserving document exchange among collaboration groups in an enterprise as well as across enterprises requires techniques for sharing and search of access-controlled information through largely untrusted servers. In these settings search systems need to provide confidentiality guarantees for shared information while offering IR properties comparable to the ordinary search engines. Top-k is a standard IR technique which enables fast query execution on very large indexes and makes systems highly scalable. However, indexing access-controlled information for top-k retrieval is a challenging task due to the sensitivity of the term statistics used for ranking. In this paper we present Zerber+R - a ranking model which allows for privacy-preserving top-k retrieval from an outsourced inverted index. We propose a relevance score transformation function which makes relevance scores of different terms indistinguishable, such that even if stored on an untrusted server they do not reveal information about the indexed data. Experiments on two real-world data sets show that Zerber+R makes economical usage of bandwidth and offers retrieval properties comparable with an ordinary inverted index.

[5] Fabian Abel, Juri Luca De Coi, Nicola Henze, Arne Wolf Koesling, Daniel Krause, and Daniel Olmedilla. A user interface to define and adjust policies for dynamic user models. In Fifth International Conference on Web Information Systems and Technologies (WEBIST), pages 184-191. INSTICC Press, March 2009. [ bib | .pdf ]
A fine grained user-aware access control to user profile data is the key requirement for sharing user profiles among applications, and hence improves the effort of these systems massively. Policy languages like Protune can handle access restrictions very well but are too complicated to be specified by non-experts. In this paper, we identify policy templates and embed them into a user interface that enables users to specify powerful access policies and makes them aware of the current and future consequences of their policies.

[6] Piero A. Bonatti, Juri Luca De Coi, Daniel Olmedilla, and Luigi Sauro. Policy-driven negotiations and explanations: Exploiting logic-programming for trust management, privacy & security. In 24th International Conference on Logic Programming (ICLP 2008), volume 5366 of Lecture Notes in Computer Science, pages 779-784, Udine, Italy, December 2008. Springer. [ bib | .pdf ]
Traditional protection mechanisms rely on the characterization of requesters by identity. This is adequate in a closed system with a known set of users but it is not feasible in open environments such as the Web, where parties may get in touch without being previously known to each other. In such cases policy-driven negotiation protocols have emerged as a possible solution to enforce security on future web applications. Along with this setting, we illustrate Protune a system for specifying and cooperatively enforcing security and privacy policies (as well as other kinds of policies). Protune relies on logic programming for representing policies and for reasoning with and about them.

[7] Juri L. De Coi and Daniel Olmedilla. A review of trust management, security and privacy policy languages. In International Conference on Security and Cryptography (SECRYPT 2008). INSTICC Press, July 2008. [ bib | .pdf ]
Policies are a well-known approach to protecting security and privacy of users as well as for flexible trust management in distributed environments. In the last years a number of policy languages were proposed to address different application scenarios. In order to help both developers and users in choosing the language best suiting her needs, policy language comparisons were proposed in the literature. Nevertheless available comparisons address only a small number of languages, are either out-of-date or too narrow in order to provide a broader picture of the research field. In this paper we consider twelve relevant policy languages and compare them on the strength of ten criteria which should be taken into account in designing every policy language. Some criteria are already known in the literature, others are introduced in our work for the first time. By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about strong points and weaknesses of each policy language.

[8] Juri Luca De Coi, Daniel Olmedilla, Sergej Zerr, Piero A. Bonatti, and Luigi Sauro. A trust management package for policy-driven protection & personalization of web content. In IEEE International Policies for Distributed Systems and Networks (POLICY 2008), pages 228-230, Palisades, NY, USA, June 2008. IEEE Computer Society. [ bib | .pdf ]
This paper/demo presents an advanced approach to access control on the Web. It presents an easy deployable package that exploits emerging trust negotiation approaches by integrating them in a Web scenario. In such a scenario advance decisions can be made based on expressive conditions, including credentials exchanged among entities in order to establish enough trust to be granted access to a resource, while preserving the privacy of information released. In addition, policies can be used in scripting languages such as JSP in order to personalize dynamically generated content, based on locally stored information or requester information obtained through negotiations. Furthermore, using policies allows us to make use of many of the results in the area, including policy verification techniques and the use of our automatically generated natural language explanations describing i.e. the requirements to be satisfied before access to a resource is granted or why a previous attempt has been denied.

[9] Sergej Zerr, Elena Demidova, Daniel Olmedilla, Wolfgang Nejdl, Marianne Winslett, and Soumyadeb Mitra. Zerber: r-confidential indexing for distributed documents. In 11th International Conference on Extending Database Technology (EDBT 2008), volume 261 of ACM International Conference Proceeding Series, pages 287-298, Nantes,France, March 2008. ACM. [ bib | .pdf ]
To carry out work assignments, small groups distributed within a larger enterprise often need to share documents among themselves while shielding those documents from others' eyes. In this situation, users need an indexing facility that can quickly locate relevant documents that they are allowed to access, without (1) leaking information about the remaining documents, (2) imposing a large management burden as users, groups, and documents evolve, or (3) requiring users to agree on a central completely trusted authority. To address this problem, we propose the concept of r-confidentiality, which captures the degree of information leakage from an index about the terms contained in inaccessible documents. Then we propose the r-confidential Zerber indexing facility for sensitive documents, which uses secret splitting and term merging to provide tunable limits on information leakage, even under statistical attacks; requires only limited trust in a central indexing authority; and is extremely easy to use and administer. Experiments with real-world data show that Zerber offers excellent performance for index insertions and lookups while requiring only a modest amount of storage space and network bandwidth.

[10] Fabian Abel, Juri Luca De Coi, Nicola Henze, Arne Wolf Koesling, Daniel Krause, and Daniel Olmedilla. Enabling advanced and context-dependent access control in rdf stores. In 6th International Semantic Web Conference, 2nd Asian Semantic Web Conference, ISWC 2007 + ASWC 2007, volume 4825 of Lecture Notes in Computer Science, pages 1-14, Busan, Korea, November 2007. Springer. [ bib | .pdf ]
Semantic Web databases allow efficient storage and access to RDF statements. Applications are able to use expressive query languages in order to retrieve relevant metadata to perform different tasks. However, access to metadata may not be public to just any application or service. Instead, powerful and flexible mechanisms for protecting sets of RDF statements are required for many Semantic Web applications. Unfortunately, current RDF stores do not provide fine-grained protection. This paper fills this gap and presents a mechanism by which complex and expressive policies can be specified in order to protect access to metadata in multi-service environments.

[11] Juri L. De Coi and Daniel Olmedilla. A flexible policy-driven trust negotiation model. In 2007 IEEE/WIC/ACM International Conference on Intelligent Agent Technology, pages 450-453, Silicon Valley, CA, USA, November 2007. IEEE Computer Society. [ bib | .pdf ]
Policy-driven negotiations are gaining interest among the research community. A large number of policy languages with different expressiveness have been developed in order to suit different scenarios. This paper summarizes the general requirements a negotiation framework must cover and presents a flexible negotiation model that addresses all these requirements and subsumes existing models to date. An instantiation of this model and an architecture with reusable components that integrates two existing trust negotiation languages (PeerTrust and Protune) are provided.

[12] Juri L. De Coi, Philipp Kärger, Arne W. Koesling, and Daniel Olmedilla. Exploiting policies in an open infrastructure for lifelong learning. In 2nd European Conference on Technology Enhanced Learning (EC-TEL), volume 4753 of Lecture Notes in Computer Science, pages 26-40, Crete, Greece, Sep 2007. Springer. [ bib | .pdf ]
Nowadays, people are in need for continuous learning in order to keep up to date or be upgraded in their job. An infrastructure for lifelong learning requires continuous adaptation to learners needs and must also provide flexible ways for students to use and personalize them. Controlling who can access a document, specifying when a student may be contacted for interactive instant messaging or periodical reminders in order to increase motivation for collaboration are just some examples of typical statements that may be specified by e.g., learners and learning management system administrators. This paper shows how policies can represent a way of expressing these statements and describes the extra benefits of its adoption like flexibility, dynamicity and interoperability.

[13] Fabian Abel, Eelco Herder, Philipp Kärger, Daniel Olmedilla, and Wolf Siberski. Exploiting preference queries for searching learning resources. In 2nd European Conference on Technology Enhanced Learning (EC-TEL), volume 4753 of Lecture Notes in Computer Science, pages 143-157, Crete, Greece, Sep 2007. Springer. [ bib | .pdf ]
While the growing number of learning resources increases the choice for learners, it also makes it more and more difficult to find suitable courses. Thus, improved search capabilities on learning resource repositories are required. We propose an approach for learning resource search based on preference queries. A preference query does not only allow for hard constraints (like ’return lectures about Mathematics’) but also for soft constraints (such as ’I prefer a course on Monday, but Tuesday is also fine’). Such queries always return the set of optimal items with respect to the given preferences. We show how to exploit this technique for the learning domain, and present the Personal Preference Search Service (PPSS) which offers significantly enhanced search capabilities compared to usual search facilities for learning resources.

[14] Elena Demidova, Philipp Kärger, Daniel Olmedilla, Stefaan Ternier, Erik Duval, Michele Dicerto, Carlos Mendez, and Krassen Stefanov. Services for knowledge resource sharing & management in an open source infrastructure for lifelong competence development. In 7th IEEE International Conference on Advanced Learning Technologies (ICALT 2007), pages 691-693, Niigata, Japan, July 2007. IEEE Computer Society. [ bib | .pdf ]
Access to learning information is still restricted due to the lack of technical and semantic interoperability, locking knowledge resources in disconnected islands. This situation does not provide learners with a motivating environment in which to access and share learning information. In order to target emerging needs for lifelong competence development, a flexible and open source environment for management and sharing of knowledge resources must be built on top of an infrastructure that maximizes the amount of information available, therefore integrating centralised repositories and user desktop resources as well as emergent Web 2.0 applications. This paper describes the challenges and requirements that need to be addressed and presents a set of interfaces and our current implementation of the Knowledge Resource Sharing and Management service oriented architecture.

[15] Ionut Constandache, Daniel Olmedilla, and Frank Siebenlist. Policy-driven negotiation for authorization in the grid. In IEEE International Policies for Distributed Systems and Networks (POLICY 2007), pages 211-220, Bologna, Italy, June 2007. IEEE Computer Society. [ bib | .pdf ]
In many Grid services deployments, the clients and servers reside in different administrative domains. Hence, there is a requirement both to discover each other’s authorization policy, in order to be able to present the right assertions that allow access, and to reveal as little as possible of the access policy details to unauthorized parties. This paper describes a mechanism where the client and servers are semantically annotated with policies that protect their resources. These annotations specify both constraints and capabilities that are used during a negotiation to reason about and communicate the need to see certain credentials from the other party and to determine whether requested credentials can be obtained and revealed. The result of the negotiation is a state where both parties have satisfied their policy constraints for a subsequent interaction or where such interaction is disallowed by either or both. Furthermore, we present an implementation of a prototype, based on the PeerTrust policy language, and a reasoning engine that is integrated in the Web services runtime component of the Globus Toolkit. The negotiation process is facilitated through the implementation of WSRF-compliant service interfaces for protocol message exchanges.

[16] Juri L. De Coi, Eelco Herder, Arne Koesling, Christoph Lofi, Daniel Olmedilla, Odysseas Papapetrou, and Wolf Siberski. A model for competence gap analysis. In WEBIST 2007, Proceedings of the Third International Conference on Web Information Systems and Technologies: Internet Technology / Web Interface and Applications, Barcelona, Spain, Mar 2007. INSTICC Press. [ bib | .pdf ]
Modeling competences is an integral part of many Human Resource (HR) and e-Learning related activities. HR departments use competence descriptions to define requirements needed for performing specific tasks or jobs. The same competences are acquired by employees and applicants by e.g. experience or certifications. Typically, HR departments need to match such required and acquired competences in order to find suitable candidates. In e-Learning a similar situation arises. Curricula or training programmes need to describe prerequisites that must be fulfilled before joining and the competences that will be acquired after successful completion. This paper analyses the limitations and extends existing approaches for modeling competences in order to allow (semi-)automatic competence matching.

[17] Ingo Brunkhorst and Daniel Olmedilla. Interoperability for peer-to-peer networks: Opening p2p to the rest of the world. In Innovative Approaches for Learning and Knowledge Sharing, First European Conference on Technology Enhanced Learning (EC-TEL), volume 4227 of Lecture Notes in Computer Science, pages 45-60, Heraklion, Greece, Oct 2006. Springer. [ bib | .pdf ]
Due to the information growth, distributed environments are offered as a feasible and scalable solution. Peer-to-Peer (P2P) networks have become one of the most important and used distributed environments inside (and outside) the e-learning community. They bring many advantages such as high flexibility for peers to dynamically join or leave the network, scalability, autonomy and high resilience against peer failures. However, every single one of them typically uses an interface specifically developed for that network, and it requires every peer to implement it in order to join. This is leading to increased development costs for potentially new participants of the network, and usually makes different P2P networks unable to interact with other systems and environments, isolating the network as a whole. In this paper, we report on a solution based on a proxy-based architecture and semantic mappings in order to allow the sharing of content between the set of peers inside a P2P network and other systems outside the network. Furthermore, we present an open-source implementation of the modules described in the paper.

[18] Piero A. Bonatti, Daniel Olmedilla, and Joachim Peer. Advanced policy explanations on the web. In 17th European Conference on Artificial Intelligence (ECAI 2006), pages 200-204, Riva del Garda, Italy, Aug-Sep 2006. IOS Press. [ bib | .pdf ]
The frameworks for protecting security and privacy can be effective only if common users-with no training in computer science or logic-increase their awareness and control over the policy applied by the systems they interact with. Towards this end, we introduce a mechanism for answering why, why-not, how-to, and what-if queries on rule-based policies for trust negotiation. Our framework is lightweight and scalable but it fulfills the main goals of modern explanation facilities. We adopt a novel tabled explanation structure, that simultaneously shows local and global (intra-proof and inter-proof) information, thereby facilitating navigation. To focus answers in the trust negotiation domain, we introduce suitable heuristics for removing the irrelevant parts of the derivations.

[19] Bernd Simon, Stefan Sobernig, Fridolin Wild, Sandra Aguirre, Stefan Brantner, Peter Dolog, Gustaf Neumann, Gernot Huber, Tomaz Klobucar, Sascha Markus, Zoltán Miklós, Wolfgang Nejdl, Daniel Olmedilla, Joaquín Salvachúa, Michael Sintek, and Thomas Zillinger. Building blocks for a smart space for learningtm. In 6th IEEE International Conference on Advanced Learning Technologies (ICALT 2006), pages 309-313, Kerkrade, The Netherlands, July 2006. IEEE Computer Society. [ bib | .pdf ]
This case study summarizes the demonstration of a semantic network of interoperable educational systems referred to as Smart Space for Learning. We started connecting several educational nodes in projects such as Elena, Prolearn, and Icamp. Integration was achieved by using the interaction standard SQI, common schemas for querying and results presentation, and query exchange language, e.g. QEL. The paper particularly focuses on how heterogeneous nodes can be made interoperable by reusing generalizations of mediating components -building blocks for a Smart Space for Learning

[20] Miguel Alves, Carlos Viegas Damásio, Wolfgang Nejdl, and Daniel Olmedilla. A distributed tabling algorithm for rule based policy systems. In 7th IEEE Policies for Distributed Systems and Networks (POLICY 2006), pages 123-132, London, Ontario, Canada, June 2006. IEEE Computer Society. [ bib | .pdf ]
Distributed Peer-to-Peer and Grid infrastructure require distributed access control mechanisms. These mechanisms can be implemented in distributed trust management infrastructures and usually require reasoning on more than one peer, as soon as authority is delegated or requests involve several authorities. Building on previous work of the authors which formalized such a distributed trust management infrastructure based on distributed logic programs, we describe in this paper how reasoning can be implemented as distributed logic evaluation and how loops during this evaluation can be handled with. Our solution is based on a loop tolerant distributed tabling algorithm which includes in the process protection of sensitive policies and generation of proofs without increasing the complexity of the system.

[21] Piero A. Bonatti, Claudiu Duma, Norbert Fuchs, Wolfgang Nejdl, Daniel Olmedilla, Joachim Peer, and Nahid Shahmehri. Semantic web policies - a discussion of requirements and research issues. In 3rd European Semantic Web Conference (ESWC), volume 4011 of Lecture Notes in Computer Science, Budva, Montenegro, June 2006. Springer. [ bib | .pdf ]
Policies are pervasive in web applications. They play crucial roles in enhancing security, privacy and usability of distributed services. There has been extensive research in the area, including the Semantic Web community, but several aspects still exist that prevent policy frameworks from widespread adoption and real world application. This paper discusses important requirements and open research issues in this context, focusing on policies in general and their integration into trust management frameworks, as well as on approaches to increase system cooperation, usability and user-awareness of policy issues.

[22] Daniel Olmedilla, Omer F. Rana, Brian Matthews, and Wolfgang Nejdl. Security and trust issues in semantic grids. In Semantic Grid: The Convergence of Technologies, volume 05271 of Dagstuhl Seminar Proceedings. Internationales Begegnungs- und Forschungszentrum (IBFI), Schloss Dagstuhl, Germany, July 2005. [ bib | .pdf ]
Grid computing allows sharing of services and resources accross institutions. However, current Grid security mechanisms for authentication and authorization are too rigid and they lack the ability to determine how “trustworthy” the result obtained from a specific provider is likely to be. This paper describes the different facets associated to Trust and identifies the need for Trust Management approaches in the context of Virtual Organizations lifecycle and resource access control in the Grid.

[23] Stefaan Ternier, Daniel Olmedilla, and Erik Duval. Peer-to-peer versus federated search: towards more interoperable learning object repositories. In 2005 World Conference on Education, Multimedia, Hypermedia & Telecommunications (ED-MEDIA), Montreal, Canada, July 2005. Association for the Advancement of Computing in Education (AACE). [ bib | .pdf ]
This paper reports on our experiences in bridging the world of learning object repositories and peer-to-peer learning networks. More specifically, we have been developing interoperability 'bridges' between the ARIADNE Knowledge Pool System, a distributed client-server based learning object repository, and the Edutella peer-to-peer learning network. In our developments, we rely heavily on the rapidly maturing Simple Query Interface (SQI) standard. Our work not only demonstrates that it is possible to interconnect more centralized repositories and more distributed peer-to-peer approaches. We also clarify how these two approaches are complementary. Unifying the two paradigms for learning object management and access will help to accelerate the evolution towards a critical mass of easily available, relevant learning objects of high quality.

[24] Piero A. Bonatti and Daniel Olmedilla. Driving and monitoring provisional trust negotiation with metapolicies. In 6th IEEE Policies for Distributed Systems and Networks (POLICY 2005), pages 14-23, Stockholm, Sweden, June 2005. IEEE Computer Society. [ bib | .pdf ]
We introduce the provisional trust negotiation framework Protune, for combining distributed trust management policies with provisional-style business rules and access-control related actions. The framework features a powerful declarative metalanguage for driving some critical negotiation decisions, and integrity constraints for monitoring negotiations and credential disclosure.

[25] Wolfgang Nejdl, Daniel Olmedilla, Marianne Winslett, and Charles C. Zhang. Ontology-based policy specification and management. In 2nd European Semantic Web Conference (ESWC), volume 3532 of Lecture Notes in Computer Science, pages 290-302, Heraklion, Crete, Greece, May 2005. Springer. [ bib | .pdf ]
The World Wide Web makes it easy to share information and resources, but offers few ways to limit the manner in which these resources are shared. The specification and automated enforcement of security-related policies offer promise as a way of providing controlled sharing, but few tools are available to assist in policy specification and management, especially in an open system such as the Web, where resource providers and users are often strangers to one another and exact and correct specification of policies will be crucial. In this paper, we propose the use of ontologies to simplify the tasks of policy specification and administration, discuss how to represent policy inheritance and composition based on credential ontologies, formalize these representations and the according constraints in Frame-Logic, and present PolicyTab, a prototype implementation of our proposed scheme as a Protégé plug-in to support policy specification.

[26] Paul-Alexandru Chirita, Daniel Olmedilla, and Wolfgang Nejdl. Finding related pages using the link structure of the WWW. In 2004 IEEE/WIC/ACM International Conference on Web Intelligence (WI 2004), pages 632-635, Beijing, China, September 2004. IEEE Computer Society. [ bib | .pdf ]
Most of the current algorithms for finding related pages are exclusively based on text corpora of the WWW or incorporate only authority or hub values of pages. In this paper, we present HubFinder, a new fast algorithm for finding related pages exploring the link structure of the Web graph. Its criterion for filtering output pages is “pluggable”, depending on the user's interests, and may vary from global page ranks to text content, etc. We also introduce HubRank, a new ranking algorithm which gives a more complete view of page “importance” by biasing the authority measure of PageRank towards hub values of pages. Finally, we present an evaluation of these algorithms in order to prove their qualities experimentally.

[27] Paul-Alexandru Chirita, Daniel Olmedilla, and Wolfgang Nejdl. Pros: A personalized ranking platform for web search. In 3rd International Conference Adaptive Hypermedia and Adaptive Web-Based Systems (AH 2004), volume 3137 of Lecture Notes in Computer Science, pages 34-43, Eindhoven, The Netherlands, August 2004. Springer. [ bib | .pdf ]
Current search engines rely on centralized page ranking algorithms which compute page rank values as single (global) values for each Web page. Recent work on topic-sensitive PageRank and personalized PageRank has explored how to extend PageRank values with personalization aspects. To achieve personalization, these algorithms need specific input: for example a set of personalized hub pages with high PageRank to drive the computation. In this paper we show how to automate this hub selection process and build upon the latter algorithm to implement a platform for personalized ranking.We start from the set of bookmarks collected by a user and extend it to contain a set of hubs with high PageRank related to them. To get additional input about the user, we implemented a proxy server which tracks and analyzes user’s surfing behavior and outputs a set of pages preferred by the user. This set is then enrichened using our HubFinder algorithm, which finds related pages, and used as extended input for the Pagerank algorithm. All algorithms are integrated into a prototype of a personalized Web search system, for which we present a first evaluation.

[28] Rita Gavriloaie, Wolfgang Nejdl, Daniel Olmedilla, Kent E. Seamons, and Marianne Winslett. No registration needed: How to use declarative policies and negotiation to access sensitive resources on the semantic web. In 1st European Semantic Web Symposium (ESWS 2004), volume 3053 of Lecture Notes in Computer Science, pages 342-356, Heraklion, Crete, Greece, May 2004. Springer. [ bib | .pdf ]
Gaining access to sensitive resources on the Web usually involves an explicit registration step, where the client has to provide a predetermined set of information to the server. The registration process yields a login/password combination, a cookie, or something similar that can be used to access the sensitive resources. In this paper we show how an explicit registration step can be avoided on the Semantic Web by using appropriate semantic annotations, rule-oriented access control policies, and automated trust negotiation. After presenting the PeerTrust language for policies and trust negotiation, we describe our implementation of implicit registration and authentication that runs under the Java-based MINERVA Prolog engine. The implementation includes a PeerTrust policy applet and evaluator, facilities to import local metadata, policies and credentials, and secure communication channels between all parties.

[29] Paul-Alexandru Chirita, Daniel Olmedilla, and Wolfgang Nejdl. Finding related hubs and authorities. In 1st Latin American Web Congress (LA-WEB 2003), Empowering Our Web, pages 214-215, Santiago, Chile, November 2003. IEEE Computer Society. [ bib | .pdf ]

Journals

[1] Piero A. Bonatti, Juri Luca De Coi, Daniel Olmedilla, and Luigi Sauro. A rule-based trust negotiation system. IEEE Transactions on Knowledge and Data Engineering (TKDE), 22(11):1507-1520, 2010. [ bib | .pdf ]
Abstract—Open distributed environments such as the World Wide Web facilitate information sharing but provide limited support to the protection of sensitive information and resources. Trust negotiation (TN) frameworks have been proposed as a better solution for open environments such as the Web, in which parties may get in touch and interact without being previously known to each other. In this paper we illustrate PROTUNE, a rule-based TN framework For the first time, we give an overall picture of the framework, describe its implementation, provide an evaluation along several dimensions, and extensively compare it with competing frameworks. Moreover, we point out which features of declarative rule-based systems play a crucial role in tackling the many issues raised by TN scenarios.

[2] Philipp Kärger, Daniel Olmedilla, Fabian Abel, Eelco Herder, and Wolf Siberski. What do you prefer? using preferences to enhance learning technology. IEEE Transactions on Learning Technologies, 1(1):20-33, 2008. [ bib | .pdf ]
While the growing number of learning resources increases the choice for learners on how, what and when to learn, it also makes it more and more difficult to find the learning resources that best match the learners' preferences and needs. The same applies to learning systems that aim to adapt or recommend suitable courses and learning resources according to a learner's wishes and requirements. Improved representations for a learner's preferences as well as improved search capabilities that take these preferences into account leverage these issues. In this paper, we propose an approach for selecting optimal learning resources based on preference-enabled queries. A preference-enabled query does not only allow for hard constraints (like 'return lectures about Mathematics') but also for soft constraints (such as 'I prefer a course on Monday, but Tuesday is also fine') and therefore allow for a more fine-grained representation of a learner's requirements, interests and wishes. We show how to exploit the representation of learner's wishes and interests with preferences and how to use preferences in order to find optimal learning resources. We present the Personal Preference Search Service (PPSS), which offers significantly enhanced search capabilities for learning resources by taking the learner's detailed preferences into account.

[3] Juri L. De Coi, Philipp Kärger, Arne W. Koesling, and Daniel Olmedilla. Control your elearning environment: Exploiting policies in an open infrastructure for lifelong learning. IEEE Transactions on Learning Technologies, 1(1):88-102, 2008. [ bib | .pdf ]
Nowadays, people are in need for continuous learning in order to keep up to date or to be upgraded in their job. An infrastructure for life-long learning requires continuous adaptation to learners' needs and must also provide flexible ways for students to use and personalize them. Controlling who can access a document, specifying when a student may be contacted for interactive instant messaging or periodical reminders in order to increase motivation for collaboration are just some examples of typical statements that may be specified by e.g., learners and learning management system administrators. This paper investigates how existing work in the area of policy representation and reasoning can be used in order to express these statements while at the same time obtaining the extra benefits policies provide (e.g., flexibility, dynamicity and interoperability). The paper analyzes existing policy languages and integrates one of them as part of a demonstration of its feasibility in providing more advanced and flexible eLearning environments.

[4] Ivana Marenzi, Elena Demidova, Wolfgang Nejdl, Daniel Olmedilla, and Sergej Zerr. Social software for lifelong competence development: Challenges and infrastructure. International Journal of Emerging Technologies in Learning (iJET), 3:18-23, 2008. [ bib | .pdf ]
Within the TENCompetence project we aim to develop and integrate models and tools into an open source infrastructure for the creation, storage and exchange of learning objects, suitable knowledge resources as well as learning experiences. This contribution analyzes the potential of social software tools for providing part of the required functionality, as well as some challenges involved.

[5] Daniel Burgos, Eelco Herder, and Daniel Olmedilla. Tencompetence: Construyendo la red europea para el desarrollo continuo de competencias. Revista Iberoamericana de Inteligencia Artificial (IberoAmerican Journal of Artificial Intelligence), 11(33):79-84, 2007. [ bib | .pdf ]
El proyecto TENCompetence (The European Network for Lifelong Competence Development) apoya a personas e instituciones europeas en el desarrollo de competencias profesionales más allá de la formación reglada oficial. El desarrollo de habilidades específicas y competencias laborales que enriquecen un curriculum y mejoran la valoración del individuo y sus capacidades profesionales centran el núcleo del proyecto. Como tal, existen dos áreas de trabajo principales: por un lado la implementación e integración de una estructura de servicios; por otro, la investigación de nuevas soluciones y técnicas a los problemas habituales en la materia. Específicamente, en referencia a la investigación, existen cuatro áreas complementarias de actuación, con diferente grado de granularidad: 1) Compartición y Administración de Recursos de Conocimiento, 2) Actividades y Unidades de Aprendizaje, 3) Programas de Desarrollo de Competencias, y 4) Redes para el Desarrollo de Competencias. Este artículo presenta los principales problemas encontrados en cada una de estas áreas y las técnicas de inteligencia artifical propuestas o en uso para resolverlos e impulsar el desarrollo contínuo de competencias dentro del proyecto TENCompetence.

[6] Tim Finin, Lalana Kagal, and Daniel Olmedilla. Report on the models of trust for the web workshop (MTW'06). ACM SIGMOD Record, 35(4):54-56, 2006. [ bib | .pdf ]
[7] Frans Van Assche, Erik Duval, David Massart, Daniel Olmedilla, Bernd Simon, Stefan Sobernig, Stefaan Ternier, and Fridolin Wild. Spinning interoperable applications for teaching & learning using the simple query interface. Educational Technology & Society. Special Issue (April 2006) on Interoperability of Educational Systems, 9(2):51-67, 2006. [ bib | .pdf ]
The Web puts a huge number of learning resources within reach of anyone with Internet access. However, many valuable resources are difficult to find due to the lack of interoperability among learning repositories. In order to achieve interoperability, implementers require a common query framework. This paper discusses a set of methods referred to as Simple Query Interface (SQI) as a universal interoperability layer for educational networks. The methods proposed can be used by a source for configuring and submitting queries to a target system and retrieving results from it. The SQI interface can be implemented in a synchronous or an asynchronous manner and is independent of query languages and metadata schemas. In this paper SQI’s universal applicability has been evaluated by more than a dozen implementations demonstrated in three different case studies. SQI has been finalized as a standard in the CEN/ISSS Learning Technologies Workshop. Latest developments of SQI can be followed at http://www.prolearn-project.org/lori/.

[8] Steffen Staab, Bharat K. Bhargava, Leszek Lilien, Arnon Rosenthal, Marianne Winslett, Morris Sloman, Tharam S. Dillon, Elizabeth Chang, Farookh Khadeer Hussain, Wolfgang Nejdl, Daniel Olmedilla, and Vipul Kashyap. The pudding of trust. IEEE Intelligent Systems, 19(5):74-88, 2004. [ bib | .pdf ]
[9] Bernd Simon, Peter Dolog, Zoltán Miklós, Daniel Olmedilla, and Michael Sintek. Conceptualising smart spaces for learning. Journal of Interactive Media in Education. Special Issue on the Educational Semantic Web, 1, 2004. [ bib | .pdf ]
Selecting appropriate learning services for a learner from the large number of heterogeneous knowledge sources is a complex and challenging task. This paper presents the idea of Smart Spaces for Learning. A Smart Space for Learning is defined as a distributed system (i.e. “space”) that provides management support for the “smart” retrieval and consumption of heterogeneous learning services via Personal Learning Assistants. Personalisation and system interoperability play an important role for the realisation of a Smart Space for Learning. In this paper we illustrate and discuss how Semantic Web technologies such as RDF, TRIPLE, QEL and ontologies can be applied to create a Smart Space for Learning.

[10] Peter Dolog, Barbara Kieslinger, Zoltán Miklós, Daniel Olmedilla, and Bernd Simon. Creating smart spaces for learning. Journal of Technology Challenges for Digital Culture, 7, April 2004. [ bib | .pdf ]

Books

[1] Piero A. Bonatti, Juri Luca De Coi, Daniel Olmedilla, and Luigi Sauro. Rule-based policy representations and reasoning. In Semantic Techniques for the Web, The REWERSE Perspective, volume 5500 of Lecture Notes in Computer Science, pages 201-232. Springer, 2009. [ bib | .pdf ]
Trust and policies are going to play a crucial role in enabling the potential of many web applications. Policies are a well-known approach to protecting security and privacy of users in the context of the Semantic Web: in the last years a number of policy languages were proposed to address different application scenarios. The first part of this chapter provides a broad overview of the research field by accounting for twelve relevant policy languages and comparing them on the strength of ten criteria which should be taken into account in designing every policy language. By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about strong points and weaknesses of each policy language. The second part of this chapter is devoted to the description of the Protune framework, a system for specifying and cooperatively enforcing security and privacy policies on the Semantic Web developed within the network of excellence REWERSE. We describe the framework�s functionalities, provide details about their implementation, and report the results of performance evaluation experiments.

[2] Piero A. Bonatti and Daniel Olmedilla. Rule-based policy representation and reasoning for the semantic web. In Reasoning Web, Third International Summer School 2007, volume 4636 of Lecture Notes in Computer Science, pages 240-268, Dresden, Germany, September 2007. Springer. [ bib | .pdf ]
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provides sophisticated means in order to support protecting sensitive resources and information disclosure.

However, the term policy is often overloaded. A general definition might be “a statement that defines the behaviour of a system”. However, such a general definition encompasses different notions, including security policies, trust management policies, business rules and quality of service specifications, just to name a few. Researchers have mainly focussed on one or more of such notions separately but not on a comprehensive view. Policies are pervasive in web applications and play crucial roles in enhancing security, privacy, and service usability as well. Interoperability and self-describing semantics become key requirements and here is where Semantic Web comes into play. There has been extensive research on policies, also in the Semantic Web community, but there still exist some issues that prevent policy frameworks from being widely adopted by users and real world applications.

This document aims at providing an overall view of the state of the art (requirements for a policy framework, some existing policy frameworks/languages, policy negotiation, context awareness, etc.) as well as open research issues in the area (policy understanding in a broad sense, integration of trust management, increase in system cooperation, user awareness, etc.) required to develop a successful Semantic Policy Framework.

[3] Daniel Olmedilla. Security and privacy on the semantic web. In Milan Petkovic and Willem Jonker, editors, Security, Privacy and Trust in Modern Data Management, Data-Centric Systems and Applications. Springer, 2007. [ bib | .pdf ]
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provide sophisticated means in order to support protecting sensitive resources and information disclosure. This chapter provides an introduction to policy-based security and privacy protection, by analyzing several existing policy languages. Furthermore, it shows how these languages can be used in a number of Semantic Web scenarios.

[4] Grigoris Antoniou, Matteo Baldoni, Piero A. Bonatti, Wolfgang Nejdl, and Daniel Olmedilla. Rule-based policy specification. In Ting Yu and Sushil Jajodia, editors, Secure Data Management in Decentralized Systems, volume 33 of Advances in Information Security. Springer, 2007. [ bib | .pdf ]
Policy-based access control is nowadays a common mechanism to protect data in distributed environments. However, the word policy has been given many different meanings and is used in different contexts. This chapter gives an overview of the existing approaches to logic- and rule-based system behavior specification in the light of the peculiar needs of business and security rules.

Proceedings

[1] Daniel Olmedilla and Alessandra Russo, editors. Proceedings of the 12th IEEE International Policies for Distributed Systems and Networks (POLICY 2011), Pisa, Italy, June 2011. IEEE Computer Society. [ bib | http | http ]
The symposium brings together researchers and practitioners working on policy-based systems across a wide range of application domains including policy-based networking, privacy, trust and security management, autonomic computing, pervasive systems and enterprise systems. POLICY 2011 is the 12th in a series of successful events, which have provided a forum for discussion and collaboration between researchers, developers and users of policy-based systems.

In addition to the areas mentioned above, we specifically encourage this year contributions on policy-based techniques in support of Cloud computing and Enterprise Service Oriented applications as well as the use of reasoning, verification and learning techniques in policy based systems.

[2] Fabian Abel, Eelco Herder, Geert-Jan Houben, Daniel Olmedilla, and Alexandre Passant, editors. Proceedings of the ESWC'11 International Workshop on User Profile Data on the Social Semantic Web (UWEB), Heraklion, Greece, May 2011. [ bib | http | http ]
Social Web sites, such as Facebook, YouTube, Delicious, Flickr and Wikipedia, and numerous other Web applications, such as Google and Amazon, rely on implicitly or explicitly collected data about their users and their activities to provide personalized content and services. As these applications become more and more connected, a major challenge is to allow various applications to exchange, reuse, and integrate user data from different sources. The amount of user data available on the Web is tremendously growing and reasoning on such heterogeneous user data distributed across the Web, i.e. exploiting user data on the Web, is a non-trivial problem that poses several challenges to the Semantic Web community.

While the linking of user data provides advantages for recommendation and personalization, it also raises questions related to provenance, trust and privacy: how does one know that the data gathered from several sources can be trusted, and how can one avoid that sensitive personal data is disclosed to certain services or used to infer and expose sensitive information? Trust and privacy, and associated policies, may therefore impact reasoning on user data.

[3] Philipp Kärger, Daniel Olmedilla, Alexandre Passant, and Axel Polleres, editors. Proceedings of the ESWC'10 2nd International Workshop on Trust and Privacy on the Social and Semantic Web (SPOT2010), Heraklion, Greece, May 2010. CEUR-WS.org. [ bib | http | http ]
More than ever, the Semantic Web is becoming reality as it is an integrated component of the Web we are browsing everyday - be it the Open Linked Data movement that nowadays exposes over 10 billion triples of RDF or the annotated and structured information available on Web pages used by major search engines, such as Yahoo! SearchMonkey and Google. Moreover, social data about people and their interaction is made available in machine-understandable format in projects like FOAF or SIOC. Facing this amount of data, privacy and trust consideration is an important step to take right now.

[4] Michael Hausenblas, Philipp Kärger, Daniel Olmedilla, Alexandre Passant, and Axel Polleres, editors. Proceedings of the ESWC'09 1st International Workshop on Trust and Privacy on the Social and Semantic Web (SPOT2009), Heraklion, Greece, June 2009. CEUR-WS.org. [ bib | http | http ]
In the past years, the Semantic Web has become increasingly social, that is, data does not anymore consist only of business services and products but increasingly includes information about people, their relationships with others, etc. At the same time, Semantic Web technologies have been advanced and currently numerous knowledge repository are exposed to the public, following the Linking Open Data movement.

Naturally, the general goal of combining distributed semantically annotated knowledge raises issues of trust and privacy. However, although trust and privacy play a crucial role most of the deployed systems and research prototypes offer no or not sufficient solutions.

[5] Lalana Kagal, Tim Finin, and Daniel Olmedilla, editors. Proceedings of the ISWC'07 1st International Workshop on Privacy Enforcement and Accountability with Semantics (PEAS), volume 320 of CEUR Workshop Proceedings, Busan, Korea, November 2007. CEUR-WS.org. [ bib | .pdf | http | http ]
The concept of information sharing has dramatically changed with the new digital era. Handheld devices that could provide highly personal information about the owner (e.g., RFID, GPS) are becoming more pervasive. Our use of the Web also leads to the implicit sharing of information with others through our blogs, websites, social networks, Semantic Desktop sharing, clickstream tracking, as well as through the photographs, documents, and bookmarks we post on sites such as Flickr, Zoomr, and Delicious. Disclosing information to third parties may have unexpected consequences since a receiver of such information might easily use, copy, and redistribute it in ways not intended for by the owner. Users must understand the implications of using such devices or applications and providing information to third parties. Even though users may prevent the direct disclosure of sensitive information by an access control mechanism and the information being leaked may not seem private, sensitive information may revealed by inferences drawn from non-sensitive data and metadata. Examples include identifying a user and providing her sensitive information through a simple search engine query log, and retrieving medical data from sets of anonymized records. Thus along with privacy enforcement, accountability is also important because it may not always be possible to prevent third parties from obtaining sensitive information but accountability helps ensure that this information is used according to certain policies defined by the law or by the owner.

The role of Semantic Web research in privacy and accountability is two-fold. On the one hand, Semantic Web techniques may be used in order to provide advanced privacy and accountability mechanisms. Using formal languages with well-defined semantics in order to represent, reason about, and exchange such information helps to make it non-ambiguously understood by others. Privacy ontologies, sticky policies attached to data, accountability logics, and efforts such as the Creative Commons are some examples. Semantic Web languages can also be used to specify and track provenance of information, which is useful for accountability. Representing information in Semantic Web languages can also prevent sensitive information from being inferred by providing built in semantic models that can be used to recognize some potential inference channels. Another possible way to protect privacy is to disclose an appropriately generalized (or vague) answer to a query. For example, the query “where is John now” might be answered with “in room ITE 329 on the UMBC Campus” or “on the UMBC campus” or “somewhere in Maryland” depending on John's privacy preferences and the identify of the requester. Semantic Web languages provide a natural mechanism for generalization through their subclass structuring. The second role of Semantic Web research in this area is that privacy enforcement and accountability also apply to many emergent Semantic Web research topics. As an example, semantic desktop sharing poses questions about what to share, under which conditions, and how to control the usage of such information in a way that the privacy of the user is not violated. Understanding the new requirements that these scenarios pose is crucial for the short-term research in the area.

This workshop brings together researchers interested in the field in order to discuss and analyze important requirements and open research issues in this context, taking into account both perspectives: how can Semantic Web techniques help and which requirements arise from current Semantic Web research lines.

[6] Piero A. Bonatti, Li Ding, Tim Finin, and Daniel Olmedilla, editors. Proceedings of the ISWC'06 2nd International Semantic Web Policy Workshop (SWPW), Athens, Georgia, USA, November 2006. [ bib | http | http ]
Policies are pervasive in web applications. They play crucial roles in enhancing security, privacy and usability of distributed services, and indeed may determine the success (or failure) of a web service. However, users will not be able to benefit from these protection mechanisms unless they understand and are able to personalize policies applied in such contexts. For web services this includes policies for access control, privacy and business rules, among others. There has been extensive research in the area, including the Semantic Web community, but several aspects still exist that prevent policy frameworks from widespread adoption and real world application like for example: Adoption of a broad notion of policy, encompassing not only access control policies, but also privacy policies, business rules, quality of service, and others. Strong and lightweight evidence: Policies make decisions based on properties of the peers interacting with the system. These properties may be strongly certified by cryptographic techniques, or may be reliable to some intermediate degree with lightweight evidence gathering and validation. Policy-driven negotiations may be one of the main ingredients that can be used to make heterogeneous peers effectively interoperate. Lightweight knowledge representation and reasoning should also reduce the effort to specialize general frameworks to specific application domains Solutions like controlled natural language syntax for policy rules, to be translated by a parser into the internal logical format, will definitively ease the adoption of any policy language. Cooperative policy enforcement: A secure cooperative system should (almost) never say no. Whenever prerequisites for accessing a service are not met, web applications should explain what is missing and help the user in obtaining the required permissions. Advanced explanation mechanisms are necessary to help users in understanding policy decisions and obtaining the permission to access a desired service.

This workshop will bring together researchers interested in the field in order to discuss and analyze important requirements and open research issues in this context, focusing on policies in general and their integration into trust management frameworks, as well as on approaches to increase system cooperation, usability and user-awareness of policy issues.

[7] Daniel Burgos, Martin Memmel, Daniel Olmedilla, Eric Ras, Stephan Weibelzahl, and Martin Wolpers, editors. Proceedings of the EC-TEL'06 Joint International Workshop on Professional Learning, Competence Development and Knowledge Management, Heraklion, Greece, October 2006. [ bib | http | .pdf ]
In many organizations most working processes are very knowledge intensive and involve many people working at different locations and on different tasks. The context in which people are working is changing constantly through changing work processes, different tasks or problems to be solved, and evolving technologies which are used at work. These facts require life-long competence development. Competency development takes mostly place during informal learning at the workplace. The learning process is characterized by self-organized activities such as selecting the environment for learning (e.g., Internet), defining learning goals (e.g., related to a work problem), finding and selecting content for learning (e.g., websites or colleagues), and following a preferred learning path. Beside a continuous formal competence development, sharing knowledge among members of the organizations and making ones knowledge explicit for others is crucial. Working and learning takes place in a network of people, tools, environments, and knowledge. These networks facilitate interaction and communication The use of available e-Learning and Knowledge Management applications in a network setting can help to address the challenge of continuous competence development.

However, questions arise how these methodologies and technologies of the different domains fit together in order to ensure that the learned can be transferred to the workplace and to improve the performance of each individual? How can we foster interaction and provide a personalized learning experience according to the current situation and context (e.g., flexible guidance for self-directed learning, adaptive content selection and structuring)? How can we better use existing networks for competence development and how can we ensure that learning goals are based on real-world needs? How can we engage learners and actively involve them in the learning process through interaction?

This workshop is made out of two different calls for papers: LOKMOL (Learner-Oriented Knowledge Management & KM-Oriented E-Learning) and L3NCD (Life Long Learning Networks for Competence Development), based on the experience of the European projects TENCompentence (www.tencompetence.org) and ProLearn (www.prolearn-project.org). As a result of these two calls for papers, LOKMOL and L3NCD bring together a common workshop providing a pool of interesting and highly related topics: Professional Learning, Competence Development and Knowledge Management.

[8] Tim Finin, Lalana Kagal, and Daniel Olmedilla, editors. Proceedings of the WWW'06 Workshop on Models of Trust for the Web, volume 190 of CEUR Workshop Proceedings, Edinburgh, Scotland, UK, May 2006. CEUR-WS.org. [ bib | .html | http | .pdf ]
“There are three types of lies - lies, damn lies, and facts found on the Web.”
Dr. Tim Finin, paraphrasing the well known quotation by Benjamin Disraeli on Statistics

As it gets easier to add information to the web via html pages, wikis, blogs, and other documents, it gets tougher to distinguish accurate information from inaccurate or untrustworthy information. A search engine query usually results in several hits that are outdated and/or from unreliable sources and the user is forced to go through the results and pick what she/he considers the most reliable information based on her/his trust requirements. With the introduction of web services, the problem is further exacerbated as users have to come up with a new set of requirements for trusting web services and web services themselves require a more automated way of trusting each other. Apart from inaccurate or outdated information, we also need to anticipate Semantic Web Spam (SWAM) - where spammers publish false facts and scams to deliberately mislead users. This workshop is interested in all aspects of enabling trust on the web.

This workshop will bring together researchers and experts from different communities (e.g., Information Systems, Database, Semantic Web, Web Services) interested in topics like trust, provenance, privacy, security, reputation and spam, in order to address current challenges of their application to distributed environments like the Web. The workshop will deliver a state-of-the-art overview, successful research advances in the area as well as guidelines for future research.

[9] Daniel Olmedilla, Nobuo Saito, and Bernd Simon, editors. Educational Technology & Society. Special Issue (April 2006) on Interoperability of Educational Systems, volume 9, 2006. [ bib | http ]
[10] Daniel Olmedilla, Nobuo Saito, and Bernd Simon, editors. Proceedings of the WWW'05 Workshop on Interoperability of Web-Based Educational Systems, volume 143 of CEUR Workshop Proceedings, Chiba, Japan, May 2005. CEUR-WS.org. [ bib | .html | http | .pdf ]
[11] Jennifer Golbeck, Piero A. Bonatti, Wolfgang Nejdl, Daniel Olmedilla, and Marianne Winslett, editors. Proceedings of the ISWC'04 Workshop on Trust, Security, and Reputation on the Semantic Web, volume 127 of CEUR Workshop Proceedings, Hiroshima, Japan, November 2004. CEUR-WS.org. [ bib | http | .pdf ]

Tutorials/Lectures/Invited Talks

[1] Daniel Olmedilla. Protune: Natural language for the specification of rule based policies on the semantic web. Invited Talk at the Business Rules, Extraction, Modelling and Integration Session in the 23rd European Conference on Operational Research (EURO), July 2009. [ bib | .pdf ]
This talk will present part of the work performed within the EU REWERSE Network of Excellence (Reasoning on the Web with Rules and Semantics) and in particular the Protune policy framework (www.l3s.de/web/protune). The work performed in the Protune framework offers a high flexibility for specifying any kind of policy, offers mechanisms to write policies in a controlled natural language, and integrates external systems such as relational databases at the policy level. It also provides facilities for increasing user awareness such as explanations of the policies in natural language.

[2] Daniel Olmedilla. Semantic web policies for security, trust management and privacy in social networks. Invited Talk at the Workshop on Privacy and Protection in Web-based Social Networks in conjunction with the 12th International Conference on Artificial Intelligence & Law (ICAIL), June 2009. [ bib | .pdf ]
The ability of defining privacy preferences in the current social platforms is very restricted. Typically, the user is provided with only some predefined options to select from. Semantic Web policies can be exploited in order to allow users to control privacy in social web applications. Such policies are generally considered statements that define the behavior of a system.

However, although Semantic Web policies gained a lot of interest in recent years and policy languages became more and more complex, suitable and easy-to-use solutions for highly dynamic social platforms are still needed. This paper presents a Semantic Web policy framework that not only allows for a fine-grained policy language and access and privacy control, but which also addresses its easy specification by non-computer experts and which explains both the policies and the decisions made when reasoning over them.

[3] Daniel Olmedilla. Protune: Policy representation and reasoning on the semantic web. Invited talk at the Asian Semantic Web School, December 2008. [ bib ]
Trust is the top layer of the famous semantic web picture. It plays a crucial role in enabling the potential of the web. While security and privacy do not cover all the facets of trust, still they play a central role in raising the level of trust in web resources. Moreover, users have shown that they are not willing to accept every possible use (or abuse) of their data. Therefore, the application of suitable policies for protecting services and sensitive data may determine success or failure of a new service. Policies can be regarded as semantic markup (pieces of machine understandable knowledge) and this way :

    it is possible to assist some of the operations related to access control and information release, thereby improving a user's navigation experience; it is easier to support attribute-based access control, that increases the level of privacy in online transactions; it is possible to create policy documentation automatically; in this way alignment is guaranteed between the policy enforced by the system and the policy documented in natural language for end users; moreover it is possible to specialize explanations to specific contexts (such as a particular transaction); this may help users to understand why a transaction fails (policy violation or technical problems?), how to get the permissions for obtaining a service, and so on; it is possible to create tools for verifying policies and more generally supporting policy authoring; other tools may help users to compare privacy policies and make (semi) automated policy-aware service selections.

Protune is a policy framework designed and implemented to incarnate the above ideas. Protune is meant to support the creation of policies and advanced policy enforcement points, supporting not only traditional access control but also trust negotiation (to automate security checks and privacy-aware information release) and second generation explanation facilities (to improve user awareness about - and control on - policies).

[4] Piero A. Bonatti and Daniel Olmedilla. Rule-based policy representation and reasoning for the semantic web. Lecture at the Reasoning Web Summer School, September 2007. [ bib | www: ]
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provides sophisticated means in order to support protecting sensitive resources and information disclosure.

However, the term policy is often overloaded. A general definition might be “a statement that defines the behaviour of a system”. However, such a general definition encompasses different notions, including security policies, trust management policies, business rules and quality of service specifications, just to name a few. Researchers have mainly focussed on one or more of such notions separately but not on a comprehensive view. Policies are pervasive in web applications and play crucial roles in enhancing security, privacy, and service usability as well. Interoperability and self-describing semantics become key requirements and here is where Semantic Web comes into play. There has been extensive research on policies, also in the Semantic Web community, but there still exist some issues that prevent policy frameworks from being widely adopted by users and real world applications.

This lecture aims at providing an overall view of the state of the art (requirements for a policy framework, some existing policy frameworks/languages, policy negotiation, context awareness, etc.) as well as open research issues in the area (policy understanding in a broad sense, integration of trust management, increase in system cooperation, user awareness, etc.) required to develop a successful Semantic Policy Framework.

[5] Daniel Olmedilla and Wolf Siberski. Introduction to the semantic web. Lecture at the TENCompetence Winter School, January 2007. [ bib | .html ]
The Semantic Web envisions a new generation Web where data is self describable, where implicit knowledge may be inferred and where agents may autonomously work on our behalf. This session intends to provide a gentle introduction to the Semantic Web from both theoretical and practical perspective. We will introduce the limitations of the current Web and describe some of the basic concepts and languages of the Semantic Web including RDF/S models and SPARQL query language. After these, a more advanced look into the Semantic Web potential will be given by exploring SPARQL queries with preferences as well as some basic reasoning techniques (e.g., based on Description Logics) and the languages associated (e.g., OWL).

[6] Piero A. Bonatti and Daniel Olmedilla. Semantic web policies: Where are we and what is still missing? Tutorial at the 2nd RuleML International Conference, November 2006. [ bib | .pdf ]
The term policy is often overloaded. A general definition might be “a statement that defines the behaviour of a system”. However, such a general definition encompasses different notions, including security policies, trust management policies, business rules and quality of service specifications, just to name a few. Researchers have mainly focussed on one or more of such notions separately but not on a comprehensive view. Policies are pervasive in web applications and play crucial roles in enhancing security, privacy, and service usability as well. Interoperability and self-describing semantics become key requirements and here is where Semantic Web comes into play. There has been extensive research on policies, also in the Semantic Web community, but there still exist some issues that prevent policy frameworks from being widely adopted by users and real world applications.

This tutorial aims at providing an overall view of the state of the art (requirements for a policy framework, existing policy frameworks/languages, policy negotiation, context awareness, etc.) as well as open research issues in the area (policy understanding in a broad sense, integration of trust management, increase in system cooperation, userawareness, etc.) required to develop a successful Semantic Policy Framework.

[7] Piero A. Bonatti and Daniel Olmedilla. Semantic web policies: Where are we and what is still missing? Tutorial at the European Semantic Web Conference (ESWC), June 2006. [ bib | .html ]
The term policy is often overloaded. A general definition might be “a statement that defines the behaviour of a system”. However, such a general definition encompasses different notions, including security policies, trust management policies, business rules and quality of service specifications, just to name a few. Researchers have mainly focussed on one or more of such notions separately but not on a comprehensive view. Policies are pervasive in web applications and play crucial roles in enhancing security, privacy, and service usability as well. Interoperability and self-describing semantics become key requirements and here is where Semantic Web comes into play. There has been extensive research on policies, also in the Semantic Web community, but there still exist some issues that prevent policy frameworks from being widely adopted by users and real world applications.

This tutorial aims at providing an overall view of the state of the art (requirements for a policy framework, existing policy frameworks/languages, policy negotiation, context awareness, etc.) as well as open research issues in the area (policy understanding in a broad sense, integration of trust management, increase in system cooperation, userawareness, etc.) required to develop a successful Semantic Policy Framework.

Workshops

[1] Philipp Kärger, Emily Kigel, and Daniel Olmedilla. Reactivity and social data: Keys to drive decisions in social network applications. In 2nd International Workshop on Social Data on the Web in conjunction with the 8th International Semantic Web Conference (ISWC), Washington DC, USA, October 2009. [ bib | .pdf ]
Social Network applications are gaining momentum. However, equally important, privacy is being shown a crucial requirement. Nowadays, privacy preferences on Social Network applications consist only on allowing or restricting access to information based on attributes of users who are part in the very same network. This paper tries to enhance privacy and provide automatic reactions to events via a very flexible specification of privacy policies and the reasoning associated to them. In our approach it is possible to include Social Semantic data exposed on the Web into the policy definition and reasoning process. We introduce the notion of reactive Semantic Web policies offering higher control of the communications and interactions among Social Network applications and/or its users. We also present SPOX (Skype Policy Extension), which is an implementation that allows policy-driven behaviour control based on the Social Network and communication software Skype, including the capacity of automatically react in certain situations based on user-defined reactive policies such as, for instance, to automatically deny or let through Skype calls and messages based on existing online Social Web data.

[2] Juri L. De Coi, Philipp Kärger, Daniel Olmedilla, and Sergej Zerr. Semantic web policies for security, trust management and privacy in social networks. In Workshop on Privacy and Protection in Web-based Social Networks in conjunction with the 12th International Conference on Artificial Intelligence & Law (ICAIL), Barcelona,Spain, June 2009. [ bib | .pdf ]
The ability of defining privacy preferences in the current social platforms is very restricted. Typically, the user is provided with only some predefined options to select from. Semantic Web policies can be exploited in order to allow users to control privacy in social web applications. Such policies are generally considered statements that define the behavior of a system.

However, although Semantic Web policies gained a lot of interest in recent years and policy languages became more and more complex, suitable and easy-to-use solutions for highly dynamic social platforms are still needed. This paper presents a Semantic Web policy framework that not only allows for a fine-grained policy language and access and privacy control, but which also addresses its easy specification by non-computer experts and which explains both the policies and the decisions made when reasoning over them.

[3] Juri L. De Coi, Philipp Kärger, Daniel Olmedilla, and Sergej Zerr. Using natural language policies for privacy control in social platforms. In ESWC'09 1st International Workshop on Trust and Privacy on the Social and Semantic Web (SPOT2009), Heraklion, Greece, June 2009. CEUR-WS.org. [ bib | .pdf ]
The ability of defining privacy preferences in the current social platforms are very restricted. Typically, the user is provided with only some predefined options to select from. In this paper, we present an approach that exploits Semantic Web policies allowing users to control privacy in social web applications. Such policies are general statements that define the behavior of a system. Although Semantic Web policies gained a lot of interest in recent years and policy languages became more and more complex, suitable and easy-to-use solutions for highly dynamic social platforms are still needed. In order to allow common users to define policies about the data to be shared, we introduce natural language policies. We further present an implementation based on the policy framework Protune that allows users of a collaborative learning platform to restrict access to their learning material to collaborators by means of controlled natural language policies.

[4] Alexandre Passant, Philipp Kärger, Michael Hausenblas, Daniel Olmedilla, Axel Polleres, and Stefan Decker. Enabling trust and privacy on the social web. In W3C Workshop on the Future of Social Networking, Barcelona, Spain, January 2009. [ bib | .html | .pdf ]
Based on our recent observations at the 7th International Semantic Web Conference and some related workshops as the "Social Data on The Web" one, as well as other frequent discussion threads on the Web, trust and privacy on the Social Web remains a hot, yet unresolved topic. Indeed, while Web 2.0 helped people to easily produce data, it lead to various issues regarding how to protect and trust this data, especially when it comes to personal data. On the one hand, we are wondering how to protect our private information online, above all when this information is re-used at our disadvantage. On the other hand, information should not only be protected when being published by its owners, but tools should also help users to assess trustworthiness of third-party information online. According to our recent research works, both from a theoretical and practical point of view, we think that Semantic Web technologies can provide at least partial solutions to enable a 'trust and privacy layer' on top of the Social Web. Hence, this position paper will present our work on the topic, that is in our opinion, also particularly relevant to the mobile Web community, according to the advances of ubiquitous Social Networking with, e.g., microblogging from mobile devices.

[5] Philipp Kärger, Nuno Lopes, Daniel Olmedilla, and Axel Polleres. Towards logic programs with ordered and unordered disjunction. In Workshop on Answer Set Programming and Other Computing Paradigms (ASPOCP) 2008 in conjunction with 24th International Conference on Logic Programming (ICLP 2008), Udine, Italy, December 2008. [ bib | .pdf ]
Logic Programming paradigms that allow for expressing preferences have drawn a lot of research interest over the last years. Among them, the principle of ordered disjunction was developed to express totally ordered preferences for alternatives in rule heads. In this paper we introduce an extension of this approach called Disjunctive Logic Programs with Ordered Disjunction (DLPOD) that combines ordered disjunction with common disjunction in rule heads. By this extension, we enhance the preference notions expressible with totally ordered disjunctions to par- tially ordered preferences. Furthermore, we show that computing optimal stable models for DLPODs still stays in Σ^p_2 for head-cycle free programs and establish Σ^p_3 upper bounds for the general case.

[6] Philipp Kärger, Daniel Olmedilla, and Wolf-Tilo Balke. Exploiting preferences for minimal credential disclosure in policy-driven trust negotiations. In VLDB Workshop on Secure Data Management (SDM), volume 5159 of Lecture Notes in Computer Science, pages 99-118, Auckland, New Zealand, August 2008. Springer. [ bib | .pdf ]
Business processes in open distributed environments such as the Web force users to interact with other parties be it users or companies even if they have never had any common transaction in the past. Policy-driven trust negotiations emerged in order to address these situations. But although many policy languages and protocols have been defined, the problem of deciding which credential disclosure set to choose from those that possibly make a negotiation succeed is still subject of research. This paper explores the use of qualitative preferences in order to solve the problem and exploits the recently introduced notions of amalgamated and incremented preferences in order to allow for automated decisions which negotiations are preferred by the user. Our solution eases the task for the user of selection among all possible negotiations by removing irrelevant alternatives and it may even automatize negotiations that otherwise would require manual intervention.

[7] Ivana Marenzi, Elena Demidova, Wolfgang Nejdl, and Daniel Olmedilla. Social software for lifelong competence development: Scenario and challenges. In TENCompetence Open Workshop 2008, Madrid, Spain, April 2008. [ bib | .pdf ]
Within the TENCompetence project we aim to develop and integrate models and tools into an open source infrastructure for the creation, storage and exchange of learning objects, suitable knowledge resources as well as learning experiences. This contribution analyzes the potential of social software tools for providing part of the required functionality, as well as some challenges involved.

[8] Ekaterini Ioannou, Juri Luca De Coi, Arne Wolf Koesling, Daniel Olmedilla, and Wolfgang Nejdl. Access control for sharing semantic data across desktops. In 1st International Workshop on Privacy Enforcement and Accountability with Semantics (PEAS), volume 320 of CEUR Workshop Proceedings, Busan, Korea, November 2007. CEUR-WS.org. [ bib | .pdf ]
Personal Information Management (PIM) systems aim to provide convenient access to all data and metadata on a desktop to the user itself as well as the co-workers. Obviously, sharing desktop data with co-workers raises privacy and access control issues which have to be addressed. In this paper we discuss these issues, and present appropriate solutions. In line with the architecture of current PIM systems, our solutions cover all semantic data shared in such a context, i.e. all desktop resources as well as other data structures created by the system, such as metadata in an RDF store and inverted index entries created for efficient textual search. We discuss different kinds of policies to specify protection for desktop data and metadata, and describe our access control system to express and execute these policies efficiently. Additionally, we describe the extension of an existing PIM system, Beagle++, with our approach, as well as our experiments, with convincing results on performance and scalability.

[9] Elena Demidova, Stefaan Ternier, Daniel Olmedilla, Erik Duval, Michele Dicerto, Krassen Stefanov, and Naiara Sacristán. Integration of heterogeneous information sources into a knowledge resource management system for lifelong learning. In The 2nd TenCompetence Workshop: Service Oriented Approaches and Lifelong Competence Development Infrastructures, Manchester, United Kingdom, January 2007. [ bib | .pdf ]
Accessibility of learning information is still restricted due to the lack of technical and semantic interoperability, locking in learning resources in disconnected islands. A successful environment for competence development and lifelong learning must be built on top of an infrastructure that maximizes the amount of information available, integrating centralized repositories and user desktop resources as well as emergent new applications. This paper describes the vision and current efforts of the TENCompetence project towards this goal as well as current collaboration with other initiatives like those being performed by ARIADNE, describing the requirements and challenges towards developing such an integrative knowledge resource management system on the repository layer as well as on the service layer.

[10] Eelco Herder, Arne Koesling, Daniel Olmedilla, Hans Hummel, Judith Schoonenboom, Ayman Moghnieh, and Luk Vervenne. European lifelong competence development: Requirements and technologies for its realisation. In Workshop on Learning Networks for Lifelong Competence Development, Sofia, Bulgaria, March 2006. [ bib | .pdf ]
In the TenCompetence project, we aim to address the growing need for lifelong development with an open source framework for competence development programmes. We envisage that the framework will be used for formal, non-formal and informal learning activities; learning units will be created and shared in a distributed manner in learning networks, and peer-to-peer learning activities will be highly important. In this paper, we give an overview of the requirements and techniques needed to achieve this goal. Methods for learner assessment are needed for individualizing learning programmes. The system should provide functionality to position the learner in and around learning programmes, and to generate personalized navigation paths that match the learner goal; in addition, learners should be able to organize their learning process and to communicate. We discuss several existing tools and standards that may be used as a basis for the framework.

[11] Piero A. Bonatti, Grigoris Antoniou, Matteo Baldoni, Cristina Baroglio, Claudiu Duma, Norbert E. Fuchs, Alberto Martelli, Wolfgang Nejdl, Daniel Olmedilla, Viviana Patti, Joachim Peer, and Nahid Shahmehri. The rewerse view on policies. In Semantic Web Policy Workshop in conjunction with 4th International Semantic Web Conference, Galway, Ireland, November 2005. [ bib | .pdf ]
In this position paper we outline the vision adopted by the working group on policies of the EU FP6 Network of Excellence REWERSE, IST-2004-506779.

[12] Ionut Constandache, Daniel Olmedilla, and Wolfgang Nejdl. Policy based dynamic negotiation for grid services authorization. In Semantic Web Policy Workshop in conjunction with 4th International Semantic Web Conference, Galway, Ireland, November 2005. [ bib | .pdf ]
Policy-based dynamic negotiations allow more flexible authorization in complex Grid environments, and relieve both users and administrators from up front negotiations and registrations. This paper describes how such negotiations overcome current Grid authorization limitations, and how policy-based negotiation mechanisms can be easily integrated into a Grid infrastructure. Such an extension provides advanced access control and automatic credential fetching, and can be integrated and implemented in the new version 4.0 of the Globus Toolkit.

[13] Piero A. Bonatti, Claudiu Duma, Daniel Olmedilla, and Nahid Shahmehri. An integration of reputation-based and policy-based trust management. In Semantic Web Policy Workshop in conjunction with 4th International Semantic Web Conference, Galway, Ireland, November 2005. [ bib | .pdf ]
Trust management is currently being tackled from two different perspectives: a “strong and crisp” approach, where decisions are founded on logical rules and verifiable properties encoded in digital credentials, and a “soft and social” approach, based on reputation measures gathered and shared by a distributed community. We analyze the differences between the two models of trust and argue that an integrated approach would improve significantly trust management systems. We support our claim with real world scenarios and illustrate how the two models are integrated in Protune, the core policy specification language of the network of excellence REWERSE.

[14] Rubén Lara and Daniel Olmedilla. Discovery and contracting of semantic web services. In W3C Workshop on Frameworks for Semantic in Web Services, Innsbruck, Austria, June 2005. [ bib | http | .pdf ]
The automatic location of services that fulfill a given need is recognized as a key step towards dynamic and scalable integration. In order to achieve such automation, a model that considers the dynamic aspects of service provision and how they affect service descriptions, and that enables an efficient and accurate discovery and contracting of relevant services, is required. In this paper we propose such a model, paying special attention to the distinction between services and Web services and how these two concepts relate to each other. The border between Web service discovery and service contracting is discussed, and what kind of descriptions can be expected at each step is analyzed. We outline requirements on frameworks for semantic description of Web Services in the light of our model, and propose techniques for realizing the dicovery and contracting steps.

[15] B. Simon, D. Massart, F. van Assche, S. Ternier, E. Duval, S. Brantner, D. Olmedilla, and Z. Miklós. A simple query interface for interoperable learning repositories. In WWW Workshop on Interoperability of Web-Based Educational Systems, volume 143 of CEUR Workshop Proceedings, Chiba, Japan, May 2005. Technical University of Aachen (RWTH). [ bib | .pdf ]
In order to achieve interoperability among learning repositories, implementers require a common communication framework for querying. This paper proposes a set of methods referred to as Simple Query Interface (SQI) as a universal interoperability layer for educational networks. The methods proposed can be used by a source for configuring and submitting queries to a target system and retrieving results from it. The SQI interface can be implemented in a synchronous or an asynchronous manner. SQI abstracts from query languages and metadata schemas. SQI has been evaluated by several prototype implementations demonstrating its universal applicability, and is on the way to being standardized in the CEN/ISSS Learning Technologies Workshop. The latest developments of SQI can be followed at http://www.prolearn-project.org/lori/.

[16] Daniel Olmedilla and Matthias Palmér. Interoperability for peer-to-peer networks: Opening p2p to the rest of the world. In WWW Workshop on Interoperability of Web-Based Educational Systems, volume 143 of CEUR Workshop Proceedings, Chiba, Japan, May 2005. Technical University of Aachen (RWTH). [ bib | .pdf ]
Due to the information growth, distributed environments are offered as a feasible and scalable solution where Peer-to-Peer networks have become more relevant. They bring many advantages as high flexibility for peers to join or leave the network dynamically, scalability, autonomy and high resilience against peer failures. However, the use of proprietary interfaces within the network and the requirement that peers must implement them to join makes P2P networks unable to interact with other systems and environments, isolating the network as a whole. In this paper, we report on a solution based on a proxy-based architecture and semantic mappings in order to allow the sharing of content between peers within a P2P network with content from other systems outside the network.

[17] Travis Leithead, Wolfgang Nejdl, Daniel Olmedilla, Kent E. Seamons, Marianne Winslett, Ting Yu, and Charles C. Zhang. How to exploit ontologies for trust negotiation. In ISWC Workshop on Trust, Security, and Reputation on the Semantic Web, volume 127 of CEUR Workshop Proceedings, Hiroshima, Japan, November 2004. Technical University of Aachen (RWTH). [ bib | .pdf ]
The World Wide Web makes it easy to share information and resources, but offers few ways to limit the manner in which these resources are shared. The specification and automated enforcement of security-related policies offer promise as a way of providing controlled sharing, but few tools are available to assist in policy specification and management, especially in an open system such as the Web, where resource providers and users are often strangers to one another and exact and correct specification of policies will be crucial. In this paper, we propose the use of ontologies to simplify the tasks of policy specification and administration, and to avoid several information leakage problems in run-time trust management in open systems.

[18] Wolfgang Nejdl, Daniel Olmedilla, and Marianne Winslett. Peertrust: Automated trust negotiation for peers on the semantic web. In VLDB Workshop on Secure Data Management (SDM), volume 3178 of Lecture Notes in Computer Science, pages 118-132, Toronto, Canada, August 2004. Springer. [ bib | .pdf ]
Researchers have recently begun to develop and investigate policy languages to describe trust and security requirements on the Semantic Web. Such policies will be one component of a run-time system that can negotiate to establish trust on the Semantic Web. In this paper, we show how to express different kinds of access control policies and control their use at run time using PeerTrust, a new approach to trust establishment. We show how to use distributed logic programs as the basis for PeerTrust's simple yet expressive policy and trust negotiation language, built upon the rule layer of the Semantic Web layer cake. We describe the PeerTrust language based upon distributed logic programs, and compare it to other approaches to implementing policies and trust negotiation. Through examples, we show how PeerTrust can be used to support delegation, policy protection and negotiation strategies in the ELENA distributed eLearning environment. Finally, we discuss related work and identify areas for further research.

[19] Daniel Olmedilla, Rubén Lara, Axel Polleres, and Holger Lausen. Trust negotiation for semantic web services. In 1st International Workshop on Semantic Web Services and Web Process Composition (SWSWPC), volume 3387 of Lecture Notes in Computer Science, pages 81-95, San Diego, CA, USA, July 2004. Springer. [ bib | .pdf ]
Semantic Web Services enable the dynamic discovery of services based on a formal, explicit specification of the requester needs. The actual Web Services that will be used to satisfy the requester's goal are selected at run-time and, therefore, they are not known beforehand. As a consequence, determining whether the selected services can be trusted becomes an essential issue. In this paper, we propose the use of the Peertrust language to decide if trust can be established between the requester and the service provider. We add modelling elements to the Web Service Modeling Ontology (WSMO) in order to include trust information in the description of Semantic Web Services. In this scenario, we discuss different registry architectures and their implications for the matchmaking process. In addition, we present a matching algorithm for the trust policies introduced.

[20] Jim Basney, Wolfgang Nejdl, Daniel Olmedilla, Von Welch, and Marianne Winslett. Negotiating trust on the grid. In 2nd WWW Workshop on Semantics in P2P and Grid Computing, New York, USA, May 2004. [ bib | .pdf ]
Grids support dynamically evolving collections of resources and users, usually spanning multiple administrative domains. The dynamic and cross-organizational aspects of Grids introduce challenging management and policy issues for controlling access to Grid resources. In this paper we show how to extend the Grid Security Infrastructure to provide better support for the dynamic and cross-organizational aspects of Grid activities, by adding facilities for dynamic establishment of trust between parties. We present the PeerTrust language for access control policies, which is based on guarded distributed logic programs, and show how to use PeerTrust to model common Grid trust needs.

Others

[1] Juri Luca De Coi, Daniel Olmedilla, Piero A. Bonatti, and Luigi Sauro. Protune: A framework for semantic web policies. In 7th International Semantic Web Conference (Posters & Demos), volume 401 of CEUR Workshop Proceedings, Karlsruhe, Germany, October 2008. CEUR-WS.org. [ bib ]
[2] José Júlio Alferes, Ricardo Amador, Philipp Kärger, and Daniel Olmedilla. Towards reactive semantic web policies: Advanced agent control for the semantic web. In 7th International Semantic Web Conference (Posters & Demos), volume 401 of CEUR Workshop Proceedings, Karlsruhe, Germany, October 2008. CEUR-WS.org. [ bib ]
[3] Juri L. De Coi and Daniel Olmedilla. A review of trust management, security and privacy policy languages. Technical report, L3S Research Center, October 2007. [ bib | .pdf ]
Policies are a well-known approach to protecting security and privacy of users as well as for flexible trust management in distributed environments. In the last years a number of policy languages were proposed to address different application scenarios. In order to help both developers and users in choosing the language best suiting her needs, policy language comparisons were proposed in the literature. Nevertheless available comparisons address only a small number of languages, are either out-of-date or too narrow in order to provide a broader picture of the research field. In this paper we consider twelve relevant policy languages and compare them on the strength of ten criteria which should be taken into account in designing every policy language. Some criteria are already known in the literature, others are introduced in our work for the first time. By comparing the choices designers made in addressing such criteria, useful conclusions can be drawn about strong points and weaknesses of each policy language.

[4] Daniel Olmedilla. Realizing Interoperability of E-Learning Repositories. PhD thesis, Universidad Autónoma de Madrid, Madrid, Spain, May 2007. Grade “Summa Cum Laude”. [ bib ]
After the boom of Internet a huge amount of information is available on the Web. Does that mean that users can easily and effectively find the specific information they seek? The answer is no. For example, searchers successfully find what they seek only 50% of the time or less (and they spend 15% to 35% of their time searching for information). This is due to the lack of interoperability and information overload. On the one hand, a big portion of the available information is not easily accessible for consumption but closed under each information source where it is stored. Users may need to access each information source individually in order to collect relevant information. On the other hand, keyword based queries may return an difficult to manage number of relevant results therefore showing the need for more accurate query languages and sorting mechanisms.

This document contributes to enhance the overall interoperability perspective in current e-learning management systems and on-line learning object repositories as well as each of the steps which need to be followed towards achieving such a goal, namely common query language, common schema, semantic integration and ranking. This work improves or overcomes the main challenges for interoperability in order to enhance existing approaches and increase their efficiency and effectiveness from both the provider's and consumer's perspective.

[5] Arne Wolf Koesling and Daniel Olmedilla. Adopting trust negotiations: To negotiate or not to negotiate? Technical report, L3S Research Center, November 2006. [ bib | .pdf ]
Open distributed environments require that agents who are not known to each other must be able to interact. A new authorization scheme called trust negotiation has emerged allowing two strangers to iteratively and bilaterally establish trust. This scheme has been applied to different environments such as theWeb, P2P networks or Grid environments. However, it is not yet clear what impact, implies its integration into running systems what leads to a lack of adoption. This papers investigates the overload produced by the integration of trust negotiation techniques and shows how negotiations might, under some assumptions, imply only a small increase on the network use in comparison with the benefits it provides.

[6] Juri L. De Coi and Daniel Olmedilla. A flexible policy-driven trust negotiation model. Technical report, L3S Research Center, November 2006. [ bib | .pdf ]
Policy-driven negotiations are gaining interest among the research community. A large number of policy languages with different expressiveness have been developed in order to suit different scenarios. This paper summarizes the general requirements a negotiation framework must cover and presents a flexible negotiation model that addresses all these requirements and subsumes existing models to date. An instantiation of this model and an architecture with reusable components that integrates two existing trust negotiation languages (PeerTrust and Protune) are provided.

[7] Ionut Constandache, Daniel Olmedilla, Frank Siebenlist, and Wolfgang Nejdl. Policy-driven negotiation for authorization in the semantic grid. Technical report, L3S Research Center, October 2005. [ bib | .pdf ]
As in many Grid Services deployments the clients and servers reside in different administrative domains, there is both a requirement to discover each other’s authorization policy in order to be able to present the right assertions that allow access, as well as to reveal as little as possible of the access policy details to unauthorized parties. This paper describes a mechanism where the client and servers are semantically annotated with policies that protect their resources. These annotations specify both constraints and capabilities, which are used during a negotiation to reason about and to communicate the need to see certain credentials from the other party, and to determine whether requested credentials can be obtained and revealed. The end result of the negotiation is a state where either both parties have satisfied their policy constraints for a subsequent interaction, or where such interaction is disallowed by either or both. Furthermore, the implementation of a prototype is discussed that is based on the PEERTRUST policy language and a reasoning engine, which are integrated in the webservices runtime of the Globus Toolkit. The negotiation process is facilitated through the implementation of WSRF-compliant service interfaces for the protocol message exchanges.

[8] Piero Bonatti, Daniel Olmedilla, and Joachim Peer. Advanced policy explanations. Technical report, Working Group I2, EU NoE REWERSE, August 2005. http://rewerse.net/deliverables/m18/i2-d4.pdf. [ bib | .pdf ]
We argue that policy-aware systems can be effective only if: (i) common users-with no training in computer science or logic-become aware of the policy applied by their system; (ii) common users can personalize those policies; (iii) secure systems guide the user in getting the required permissions (cooperative enforcement). Towards this end, we introduce a mechanism for answering why, why-not, how-to, and what-if queries. Our framework is lightweight and scalable because it does not require any major effort when the general framework is instantiated in a specific application domain, and most of the computational effort can be delegated to the clients. Some novel aspects in our approach: First, we adopt a tabled explanation structure, that simultaneously shows local and global (intra-proof and inter-proof) information, thereby facilitating navigation. Second, we introduce generic heuristics for removing irrelevant parts of the derivations. Third, our heuristics do not require the complex machinery needed by second-generation explanation systems, but have a comparable quality.

[9] Peter Dolog, Wolfgang Nejdl, and Daniel Olmedilla, editors. Schema Distribution and Evaluation Report (D2.7). EU Elena Project, May 2005. http://www.elena-project.org/images/other/D2_7.PDF. [ bib | .pdf ]
In this report, we deal with the schema definitions for learning resources, learning activities and learner profiles and their evaluation. The main motivation to define such schemas is to provide basic means for communication between several service and resource providers.

[10] Piero A. Bonatti and Daniel Olmedilla. Policy language specification. Technical report, Working Group I2, EU NoE REWERSE, February 2005. http://rewerse.net/deliverables/m12/i2-d2.pdf. [ bib | .pdf ]
This report's main goal is specifying syntax and semantics of the core of Protune, the policy language and metalanguage of REWERSE. The language can specify access control policies, privacy policies, reputation-based policies, provisional policies, and a class of business rules. The document also specifies the architecture of a distributed policy-based system, together with a suite of policy-related services. It introduces some policy filtering methodologies needed for negotiation semantics and query processing, and proves their properties in terms of information preservation or loss. We illustrate the language by means of numerous examples and outline a refined use case list for verbalization (i.e., formulation in controlled natural language) in the form of a representative list of sample policies.

[11] P. A. Bonatti, N. Shahmehri, C. Duma, D. Olmedilla, W. Nejdl, M. Baldoni, C. Baroglio, A. Martelli, V. Patti, P. Coraggio, G. Antoniou, J. Peer, and N. E. Fuchs. Rule-based policy specification: State of the art and future work. Technical report, Working Group I2, EU NoE REWERSE, August 2004. http://rewerse.net/deliverables/i2-d1.pdf. [ bib | .pdf ]
This report provides an overview of the existing approaches to logic and rule-based system behavior specification in the light of the peculiar needs of business and security rules. It identifies usage scenarios for rule based policies in a semantic web context and it outlines the possible directions of future research.

[12] Peter Dolog, Wolfgang Nejdl, and Daniel Olmedilla, editors. Artefacts and Service Network v3 (D2.3). EU Elena Project, June 2004. http://www.elena-project.org/images/other/D2_3_final.PDF. [ bib | .pdf ]
Smart Spaces for Learning are the next step towards the semantic web. In the ELENA project we try to design and develop such smart learning spaces based on a peer-topeer approach. According to this approach, the smart learning space can be seen as an open network of peers which collaborate on finding appropriate learning services or resources for specific persons.

In this document we address architecture descriptions of the service network and several points of view for artefacts in that network. We address software components, metadata and resource points of view to artefacts. The service network architecture is based on Edutella framework. The advanced P2P exchange based on introducing Super Peers is discussed. The network is discussed from the personalisation services point of view as well. We give several possibilities (scenarios) for integration. Interfaces as the main means for integration are discussed. For each considered educational node the metadata artefacts and resource artefacts are described. We describe the integration scenario implemented for each educational node.

[13] Wolfgang Nejdl, Daniel Olmedilla, and Marianne Winslett. Peertrust: Automated trust negotiation for peers on the semantic web. Technical report, L3S Research Center, November 2003. [ bib | .pdf ]
Researchers have recently begun to develop and investigate policy languages to describe trust and security requirements on the Semantic Web. Such policies will be one component of a run-time system that can negotiate to establish trust on the Semantic Web. In this paper, we show how to express different kinds of access control policies and control their use at run time using PeerTrust, a new approach to trust establishment. We show how to use guarded distributed logic programs as the basis for PeerTrust's simple yet expressive policy and trust negotiation language, built upon the rule layer of the Semantic Web layer cake. We describe the syntax and semantics of GDLPs, and compare PeerTrust's language to other approaches to implementing policies and trust negotiation. Through examples, we show how PeerTrust can be used to support delegation, policy protection and negotiation strategies. Finally, we discuss the PeerTrust automated trust negotiation engine prototype implemented in Prolog, and identify areas for further research.

[14] Daniel Olmedilla. Finding hubs for personalized web search. different ranks to different users. Tribunal de Estudios Avanzados (TEA). Universidad Autónoma de Madrid, September 2003. [ bib | .pdf ]

This file has been partially generated by bibtex2html

 

Last update on 14-Jun-2009 8:44 PM Home