- Tim Finin is the Willard and Lillian Hackerman Chair in Engineering and a Professor of Computer Science and Electrica... moreTim Finin is the Willard and Lillian Hackerman Chair in Engineering and a Professor of Computer Science and Electrical Engineering at the University of Maryland, Baltimore County (UMBC). He has over 40 years of experience in applications of artificial intelligence to problems in information systems and language understanding. His current research is focused on the Semantic Web, mobile computing, analyzing and extracting information from text, and enhancing security and privacy in information systems. He is a fellow of the Association for the Advancement of Artificial Intelligence (AAAI), an IEEE technical achievement award recipient, and was selected as the UMBC Presidential Research Professor in 2012.edit
Website privacy policies are often lengthy and intricate. Privacy assistants assist in simplifying policies and making them more accessible and user-friendly. The emergence of generative AI (genAI) offers new opportunities to build... more
Website privacy policies are often lengthy and intricate. Privacy assistants assist in simplifying policies and making them more accessible and user-friendly. The emergence of generative AI (genAI) offers new opportunities to build privacy assistants that can answer users' questions about privacy policies. However, genAI's reliability is a concern due to its potential for producing inaccurate information. This study introduces GenAIPABench, a benchmark for evaluating Generative AI-based Privacy Assistants (GenAIPAs). GenAIPABench includes: 1) A set of curated questions about privacy policies along with annotated answers for various organizations and regulations; 2) Metrics to assess the accuracy, relevance, and consistency of responses; and 3) A tool for generating prompts to introduce privacy policies and paraphrased variants of the curated questions. We evaluated 3 leading genAI systems-ChatGPT-4, Bard, and Bing AI-using GenAIPABench to gauge their effectiveness as GenAIPAs. Our results demonstrate significant promise in genAI capabilities in the privacy domain while also highlighting challenges in managing complex queries, ensuring consistency, and verifying source accuracy.
Research Interests:
Today, businesses rely on numerous information systems to achieve their production goals and improve their global competitiveness. Semantically integrating those systems is essential for businesses to achieve both. To do so, businesses... more
Today, businesses rely on numerous information systems to achieve their production goals and improve their global competitiveness. Semantically integrating those systems is essential for businesses to achieve both. To do so, businesses must rely on standards, the most important of which are data exchange standards (DES). DES focus on technical and business semantics that are needed to deliver quality and timely products and services. Consequently, the ability for businesses to quickly use and adapt DES to their innovations and processes is crucial. Traditionally, information standards are managed and used 1) in a platform-specific form and 2) usually with standalone and file-based applications. These traditional approaches no longer meet today's business and information agility needs. For example, businesses now must deal with companies and suppliers that use heterogeneous syntaxes for their information. Syntaxes that are optimized for individual but have different objectives. Moreover, file-based standards and the usage specifications derived from the standards cause inconsistencies since there is neither a single standard format for each usage specification nor a single source of truth for all of them. As the number and types of information systems grow, developing, maintaining, reviewing, and approving standards and their derived usage specifications are becoming more difficult and time consuming. Each file-based usage specification is typically based on a different syntax than the standard syntax. As a result, each usage specification must be manually updated as the standard evolves; this can cause significant delays and costs in adopting the new and better standard versions. National Institute of Standards and Technology (NIST) in collaboration with the Open Application Groups Inc. (OAGi) has developed a web-based standard lifecycle management tool called SCORE to address these problems. The objective of this paper is to introduce the SCORE tool and discuss its particular functionality where a word-embedding technique has been employed along with other schema-matching approaches. Together they can assist standard users in updating the usage specification due to the release of new version of a standard leading to faster adaptations of DES to new processes.
Research Interests:
AI models for cybersecurity have to detect and defend against constantly evolving cyber threats. Much effort is spent building defenses for zero days and unseen variants of known cyber-attacks. Current AI models for cybersecurity struggle... more
AI models for cybersecurity have to detect and defend against constantly evolving cyber threats. Much effort is spent building defenses for zero days and unseen variants of known cyber-attacks. Current AI models for cybersecurity struggle with these yet unseen threats due to the constantly evolving nature of threat vectors, vulnerabilities, and exploits. This paper shows that cybersecurity AI models will be improved and more general if we include semi-structured representations of background knowledge. This could include information about the software and systems, as well as information obtained from observing the behavior of malware samples captured and detonated in honeypots. We describe how we can transfer this knowledge into forms that the RL models can directly use for decision-making purposes.
Research Interests:
Entity linking is an important step towards constructing knowledge graphs that facilitate advanced question answering over scientific documents-including the retrieval of relevant information present in tables within these documents. This... more
Entity linking is an important step towards constructing knowledge graphs that facilitate advanced question answering over scientific documents-including the retrieval of relevant information present in tables within these documents. This paper introduces a general-purpose system for linking entities to items in the Wikidata knowledge base. It describes how we adapt this system for linking domain-specific entities-especially for those entities embedded within tables drawn from COVID-19-related scientific literature. We describe the setup of an efficient offline instance of the system that enables our entity-linking approach to be more feasible in practice. As part of a broader approach to infer the semantic meaning of scientific tables, we leverage the structural and semantic characteristics of the tables to improve overall entity linking performance.
Research Interests:
Structured data artifacts such as tables are widely used in scientific literature to organize and concisely communicate important statistical information. Discovering relevant information in these tables remains a significant challenge... more
Structured data artifacts such as tables are widely used in scientific literature to organize and concisely communicate important statistical information. Discovering relevant information in these tables remains a significant challenge owing to their structural heterogeneity, dense and often implicit semantics, and diffuse context. This paper describes how we leverage semantic technologies to enable technical experts to search and explore tabular data embedded within scientific documents. We present a system for the on-demand construction of knowledge graphs representing scientific tables (drawn from online scholarly articles hosted by PubMed Central), and for synthesizing tabular responses to semantic search requests against such graphs. We discuss key differentiators in our overall approach, including a two-stage semantic table interpretation that relies on an extensive structural and syntactic characterization of scientific tables, and a prototype knowledge discovery engine that uses automatically-inferred semantics of scientific tables to serve search requests by potentially fusing information from multiple tables on the fly. We evaluate our system on a real-world dataset of approximately 120,000 tables extracted from over 62,000 COVID-19-related scientific articles.
Research Interests:
Synthesizing information from collections of tables embedded within scientific and technical documents is increasingly critical to emerging knowledge-driven applications. Given their structural heterogeneity, highly domain-specific... more
Synthesizing information from collections of tables embedded within scientific and technical documents is increasingly critical to emerging knowledge-driven applications. Given their structural heterogeneity, highly domain-specific content, and diffuse context, inferring a precise semantic understanding of such tables is traditionally better accomplished through linking tabular content to concepts and entities in reference knowledge graphs. However, existing tabular data discovery systems are not designed to adequately exploit these explicit, human-interpretable semantic linkages. Moreover, given the prevalence of misinformation, the level of confidence in the reliability of tabular information has become an important, often overlooked, factor in discovery over open datasets. We describe a preliminary implementation of a discovery engine that enables table-based semantic search and retrieval of tabular information from a linked knowledge graph of scientific tables. We discuss the viability of semantics-guided tabular data analysis operations, including on-the-fly table generation under reliability constraints, within discovery scenarios motivated by intelligence production from documents.
Research Interests:
High-quality knowledge graphs (KGs) play a crucial role in many applications. However, KGs created by automated information extraction systems can suffer from erroneous extractions or be inconsistent with provenance/source text. It is... more
High-quality knowledge graphs (KGs) play a crucial role in many applications. However, KGs created by automated information extraction systems can suffer from erroneous extractions or be inconsistent with provenance/source text. It is important to identify and correct such problems. In this paper, we study leveraging the emergent reasoning capabilities of large language models (LLMs) to detect inconsistencies between extracted facts and their provenance. With a focus on "open" LLMs that can be run and trained locally, we find that few-shot approaches can yield an absolute performance gain of 2.5-3.4% over the state-of-the-art method with only 9% of training data. We examine the LLM architectures' effect and show that Decoder-Only models underperform Encoder-Decoder approaches. We also explore how model size impacts performance and counterintuitively find that larger models do not result in consistent performance gains. Our detailed analyses suggest that while LLMs can improve KG consistency, the different LLM models learn different aspects of KG consistency and are sensitive to the number of entities involved.
Research Interests:
Research Interests:
While efforts are underway to represent existing ecological databases semantically, so that they may be intelligently queried and integrated by agents, less attention has been paid to 1) rapidly changing datastreams, and 2) unstructured... more
While efforts are underway to represent existing ecological databases semantically, so that they may be intelligently queried and integrated by agents, less attention has been paid to 1) rapidly changing datastreams, and 2) unstructured data from amateur observers. We describe the development of two tools that interact with popular social websites as a means to generate and take advantage of semantic web content for citizen science. Splickr, a website, interacts with the Flickr and Yahoo maps APIs to provide a convenient way of browsing and querying Flickr's geotagged photos. SPOTter, a Firefox plug-in, is an aid to semantic ecoblogging. Both tools generate RDF based on rich OWL ontologies. This approach has wide applicability both in and outside science.
Research Interests:
With the advent of pervasive computing, we encounter many scenarios where data is constantly flowing between sensors and applications. The volume of data produced is large, so is the rate of the dataflow. In such scenarios, knowledge... more
With the advent of pervasive computing, we encounter many scenarios where data is constantly flowing between sensors and applications. The volume of data produced is large, so is the rate of the dataflow. In such scenarios, knowledge extraction boils down to finding useful information i.e. detecting events of interest. Typical use cases where event detection is of paramount importance are surveillance, tracking, telecommunications data management, disease outburst detection and environmental monitoring. There are many streaming database applications built to deal with these dynamic environments. However, they can only deal with raw data – not with streaming facts. We argue that much like a new database approach had to be developed to deal with streaming data, a new approach will be required to deal with streaming facts expressed in the languages of the Semantic Web. Existing reasoners use techniques that load the whole RDF graph in main memory and carry out queries on it. This appro...
Research Interests:
Current access control research follows two parallel themes: many efforts focus on developing novel access control models meeting the policy needs of real world application domains while others are exploring new policy languages. This... more
Current access control research follows two parallel themes: many efforts focus on developing novel access control models meeting the policy needs of real world application domains while others are exploring new policy languages. This paper is motivated by the desire to develop a synergy between these themes facilitated by OWL. Our vision for the future is a world where advanced access control concepts are embodied in models that are supported by policy languages in a natural intuitive manner, while allowing for details beyond the models to be further specified in the policy language. In this paper we specifically study the relationship between the Web Ontology Language (OWL) and the Role Based Access Control (RBAC) model. Although OWL is a web ontology language and not specifically designed for expressing authorization policies, it has been used successfully for this purpose in previous work. We show two different ways to support the NIST Standard RBAC model in OWL and then discuss...
Research Interests:
Recent years have seen a confluence of two major trends - the increase of mobile devices such as smart phones as the primary access point to networked information and the rise of social media platforms that connect people. Their... more
Recent years have seen a confluence of two major trends - the increase of mobile devices such as smart phones as the primary access point to networked information and the rise of social media platforms that connect people. Their convergence supports the emergence of a new class of context-aware geo-social networking applications. While existing systems focus mostly on location, our work centers on models for representing and reasoning about a more inclusive and higher-level notion of context, including the user's location and surroundings, the presence of other people and devices, feeds from social networking systems they use, and the inferred activities in which they are engaged. A key element of our work is the use of collaborative information sharing where devices share and integrate knowledge about their context. This introduces the need for privacy and security mechanisms. We present a framework to provide users with appropriate levels of privacy to protect the personal inf...
Research Interests:
created a set of architectural and protocol abstractions as a foundation for Semantic Web service technologies.This article summarizes the committee’s findings, emphasizing its review of requirements gathered from several different... more
created a set of architectural and protocol abstractions as a foundation for Semantic Web service technologies.This article summarizes the committee’s findings, emphasizing its review of requirements gathered from several different environments.The authors also identify the scope and potential requirements for a Semantic Web services architecture. Formed in February 2003, the Seman-tic Web Services Initiative Architec-ture (SWSA) committee’s mission is to develop the necessary abstractions for an architecture that supports Semantic Web services. The resultant framework builds on the W3C Web Services Archi-tecture working group report (and is motivated in part by Tim Berners-Lee’s vision for the Semantic Web1). Other groups developing Semantic Web services frameworks contributed to our discus-sions, including the OWL-S //au: please spell out/ / consortium, the WSMO //au: please spell out/ / group at the Digital Enterprise Research Institute (DERI), and the METEOR-S //au: please spell...
In proceedings of The Third International Conference on the Virtual Computing Initiative (ICVCI 2009)
Research Interests:
Current access control research follows two parallel themes: many efforts focus on developing novel access control models meeting the policy needs of real world application domains while others are exploring new policy languages. This... more
Current access control research follows two parallel themes: many efforts focus on developing novel access control models meeting the policy needs of real world application domains while others are exploring new policy languages. This paper is motivated by the desire to develop a synergy between these themes facilitated by OWL. Our vision for the future is a world where advanced access control concepts are embodied in models that are supported by policy languages in a natural intuitive manner, while allowing for details beyond the models to be further specified in the policy language. In this paper we specifically study the relationship between the Web Ontology Language (OWL) and the Role Based Access Control (RBAC) model. Although OWL is a web ontology language and not specifically designed for expressing authorization policies, it has been used successfully for this purpose in previous work such as KAoS and Rei. We show two different ways to support the NIST Standard RBAC model in OW...
Research Interests:
We describe our on-going work in using the semantic web in support of ecological informatics, and demonstrate a distributed platform for constructing end-to-end use cases. Specifically, we describe ELVIS (the Ecosystem Location... more
We describe our on-going work in using the semantic web in support of ecological informatics, and demonstrate a distributed platform for constructing end-to-end use cases. Specifically, we describe ELVIS (the Ecosystem Location Visualization and Information System), a suite of tools for constructing food webs for a given location, and Triple Shop, a SPARQL query interface which allows scientists to semi-automatically construct distributed datasets relevant to the queries they want to ask. ELVIS functionality is exposed as a collection of web services, and all input and output data is expressed in OWL, thereby enabling its integration with Triple Shop and other semantic web resources.
Research Interests:
In this paper we describe the Unified Cybersecurity Ontology (UCO) that is intended to support information integration and cyber situational awareness in cybersecurity systems. The ontology incorporates and integrates heterogeneous data... more
In this paper we describe the Unified Cybersecurity Ontology (UCO) that is intended to support information integration and cyber situational awareness in cybersecurity systems. The ontology incorporates and integrates heterogeneous data and knowledge schemas from different cybersecurity systems and most commonly used cybersecurity standards for information sharing and exchange. The UCO ontology has also been mapped to a number of existing cybersecurity ontologies as well as concepts in the Linked Open Data cloud. Similar to DBpedia which serves as the core for general knowledge in Linked Open Data cloud, we envision UCO to serve as the core for cybersecurity domain, which would evolve and grow with the passage of time with additional cybersecurity data sets as they become available. We also present a prototype system and concrete use cases supported by the UCO ontology. To the best of our knowledge, this is the first cybersecurity ontology that has been mapped to general world ontol...
Research Interests:
This paper discusses our infrastructure for handling distributed security and trust. It outlines a method for access control across domains that handles complex inter domain trust relationships. We have developed a flexible representation... more
This paper discusses our infrastructure for handling distributed security and trust. It outlines a method for access control across domains that handles complex inter domain trust relationships. We have developed a flexible representation of trust information in Prolog, that can model permissions and delegations. We are currently working on modeling obligations, entitlements, and prohibitions as well. This paper describes a scheme for restricting re-delegation without using a specific delegation depth. Using examples, this paper explains the internal working of our system and the trust information that flows within it.
Research Interests:
The Semantic Web facilitates integrating partial knowledge and finding evidence for hypothesis from web knowledge sources. However, the appropriate level of granularity for tracking provenance of RDF graph remains in debate. RDF document... more
The Semantic Web facilitates integrating partial knowledge and finding evidence for hypothesis from web knowledge sources. However, the appropriate level of granularity for tracking provenance of RDF graph remains in debate. RDF document is too coarse since it could contain irrelevant information. RDF triple will fail when two triples share the same blank node. Therefore, this paper investigates lossless decomposition of RDF graph and tracking the provenance of RDF graph using RDF molecule, which is the finest and lossless component of an RDF graph. A sub-graph is {\em lossless} if it can be used to restore the original graph without introducing new triples. A sub-graph is {\em finest} if it cannot be further decomposed into lossless sub-graphs. The lossless decomposition algorithms and RDF molecule have been formalized and implemented by a prototype RDF graph provenance service in Swoogle project.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
It is now more than ten years since researchers in the US Knowledge Sharing Effort envisaged a future where complex systems could be built by combining knowledge and services from multiple knowledge bases and the first agent communication... more
It is now more than ten years since researchers in the US Knowledge Sharing Effort envisaged a future where complex systems could be built by combining knowledge and services from multiple knowledge bases and the first agent communication language, KQML, was proposed (Neches et al., 1991). This model of communication, based on speech acts, a declarative message content representation language and the use of explicit ontologies defining the domains of discourse (Genesereth & Ketchpel, 1994), has become widely recognised as having great benefits for the integration of disparate and distributed information sources to form an open, extensible and loosely coupled system. In particular, this idea has become a key tenet in the multi-agent systems research community.
Research Interests:
Research Interests:
SemNews is a semantic news service that monitors different RSS news feeds and provides structured representations of the meaning of news. As new content appears, SemNews extracts the summary from the RSS description and processes it using... more
SemNews is a semantic news service that monitors different RSS news feeds and provides structured representations of the meaning of news. As new content appears, SemNews extracts the summary from the RSS description and processes it using OntoSem, which is a sophisticated text understanding system.
Research Interests:
Traditionally, security for stand-alone computers and small networks was handled by physical security and by logging into computers and domains. With open networks like the Internet and pervasive environments, issues concerning security... more
Traditionally, security for stand-alone computers and small networks was handled by physical security and by logging into computers and domains. With open networks like the Internet and pervasive environments, issues concerning security and trust become crucial. There is no longer the physical aspect of security due to the distributed nature of the networks and the concept of user authentication to a domain is not possible. Imagine a scenario where a user, with a portable device, walking through a building, switches on the ...
Research Interests:
Research Interests:
Information extraction systems analyze text to produce entities and beliefs, but their output often has errors. In this paper we analyze the reading consistency of the extracted facts with respect to the text from which they were derived... more
Information extraction systems analyze text to produce entities and beliefs, but their output often has errors. In this paper we analyze the reading consistency of the extracted facts with respect to the text from which they were derived and show how to detect and correct errors. We consider both the scenario when the provenance text is automatically found by an IE system and when it is curated by humans. We contrast consistency with credibility; define and explore consistency and repair tasks; and demonstrate a simple, yet effective and generalizable, model. We analyze these tasks and evaluate this approach on three datasets. Against a strong baseline model, we consistently improve both consistency and repair across three datasets using a simple MLP model with attention and lexical features.
Research Interests:
Cyber-defense systems are being developed to automatically ingest Cyber Threat Intelligence (CTI) that contains semi-structured data and/or text to populate knowledge graphs. A potential risk is that fake CTI can be generated and spread... more
Cyber-defense systems are being developed to automatically ingest Cyber Threat Intelligence (CTI) that contains semi-structured data and/or text to populate knowledge graphs. A potential risk is that fake CTI can be generated and spread through Open-Source Intelligence (OSINT) communities or on the Web to effect a data poisoning attack on these systems. Adversaries can use fake CTI examples as training input to subvert cyber defense systems, forcing the model to learn incorrect inputs to serve their malicious needs. In this paper, we automatically generate fake CTI text descriptions using transformers. We show that given an initial prompt sentence, a public language model like GPT-2 with fine-tuning, can generate plausible CTI text with the ability of corrupting cyber-defense systems. We utilize the generated fake CTI text to perform a data poisoning attack on a Cybersecurity Knowledge Graph (CKG) and a cybersecurity corpus. The poisoning attack introduced adverse impacts such as returning incorrect reasoning outputs, representation poisoning, and corruption of other dependent AI-based cyber defense systems. We evaluate with traditional approaches and conduct a human evaluation study with cybersecurity professionals and threat hunters. Based on the study, professional threat hunters were equally likely to consider our fake generated CTI as true.
Research Interests:
Data confidentiality is an issue of increasing importance. Several authorities and regulatory bodies are creating new laws that control how web services data is handled and shared. With the rapid increase of such regulations, web service... more
Data confidentiality is an issue of increasing importance. Several authorities and regulatory bodies are creating new laws that control how web services data is handled and shared. With the rapid increase of such regulations, web service providers face challenges in complying with these evolving regulations across jurisdictions. Providers must update their service policies regularly to address the new regulations. The challenge is that regulatory documents are large text documents and require substantial human effort to comprehend and enforce. On the other hand, web service provider privacy policies are relatively short compared to the regulatory texts, so it is hard to determine if an organization's policy document addresses the regulation's essential elements. We have developed a framework to automatically compare web service policies with regulatory policies to measure how closely the web service provider complies with a regulation. In this paper, we present our framework's details along with the results of analyzing a corpus of 3,000 privacy policies against GDPR. Our framework uses BiLSTM multi-class classification and a BERT extractive summarizer. We evaluate the framework's efficacy by checking the context similarity score between summarized GDPR and web service provider privacy policies.
We present CyBERT, a domain-specific Bidirectional Encoder Representations from Transformers (BERT) model, fine-tuned with a large corpus of textual cybersecurity data. State-of-the-art natural language models that can process dense,... more
We present CyBERT, a domain-specific Bidirectional Encoder Representations from Transformers (BERT) model, fine-tuned with a large corpus of textual cybersecurity data. State-of-the-art natural language models that can process dense, fine-grained textual threat, attack, and vulnerability information can provide numerous benefits to the cybersecurity community. The primary contribution of this paper is providing the security community with an initial fine-tuned BERT model that can perform a variety of cybersecurity-specific downstream tasks with high accuracy and efficient use of resources. We create a cybersecurity corpus from open-source unstructured and semi-unstructured Cyber Threat Intelligence (CTI) data and use it to fine-tune a base BERT model with Masked Language Modeling (MLM) to recognize specialized cybersecurity entities. We evaluate the model using various downstream tasks that can benefit modern Security Operations Centers (SOCs). The finetuned CyBERT model outperforms the base BERT model in the domain-specific MLM evaluation. We also provide use-cases of CyBERT application in cybersecurity based downstream tasks.
The Internet of Battlefield Things (IoBT) will advance the operational effectiveness of infantry units. However, this requires autonomous assets such as sensors, drones, combat equipment, and uncrewed vehicles to collaborate, securely... more
The Internet of Battlefield Things (IoBT) will advance the operational effectiveness of infantry units. However, this requires autonomous assets such as sensors, drones, combat equipment, and uncrewed vehicles to collaborate, securely share information, and be resilient to adversary attacks in contested multi-domain operations. CAPD addresses this problem by providing a context-aware, policy-driven framework supporting data and knowledge exchange among autonomous entities in a battlespace. We propose an IoBT ontology that facilitates controlled information sharing to enable semantic interoperability between systems. Its key contributions include providing a knowledge graph with a shared semantic schema, integration with background knowledge, efficient mechanisms for enforcing data consistency and drawing inferences, and supporting attribute-based access control. The sensors in the IoBT provide data that create populated knowledge graphs based on the ontology. This paper describes using CAPD to detect and mitigate adversary actions. CAPD enables situational awareness using reasoning over the sensed data and SPARQL queries. For example, adversaries can cause sensor failure or hijacking and disrupt the tactical networks to degrade video surveillance. In such instances, CAPD uses an ontology-based reasoner to see how alternative approaches can still support the mission. Depending on bandwidth availability, the reasoner initiates the creation of a reduced frame rate grayscale video by active transcoding or transmits only still images. This ability to reason over the mission sensed environment, and attack context permits the autonomous IoBT system to exhibit resilience in contested conditions.
We report on a recent study of the way FOAF and other semantic web ontologies are being used to describe people and their social relations.
Research Interests:
In this paper, we describe a policy-based access control implementation for Task Computing using the Rei policy engine. Task Computing lets ordinary end-users accomplish complex tasks on the fly from an open, dynamic, and distributed... more
In this paper, we describe a policy-based access control implementation for Task Computing using the Rei policy engine. Task Computing lets ordinary end-users accomplish complex tasks on the fly from an open, dynamic, and distributed "universe of network-accessible resources" in ubiquitous computing environments as well as those on the Internet. The Rei policy specification language is an expressive and extensible language based on Semantic Web technologies. The Rei policy engine reasons over Rei policies in OWL and domain knowledge to answer queries about the current permissions and obligations of an entity. To provide unobtrusive and flexible access control for Task Computing, a framework was created in which several Rei policy engines were endowed with Web Services APIs to dynamically process facts from clients, the private policies of service providers, shared policies, and common shared ontologies. The framework is implemented and deployed for Fujitsu Laboratories of ...
Research Interests:
The Semantic Web is a vision to simplify and improve knowledge reuse on the Web. It is all set to alter the way humans benefit from the web from active interaction to somewhat passive utilization through the proliferation of software... more
The Semantic Web is a vision to simplify and improve knowledge reuse on the Web. It is all set to alter the way humans benefit from the web from active interaction to somewhat passive utilization through the proliferation of software agents and in particular personal assistants that can better function and thrive on the Semantic Web than the conventional web. Agents can parse, understand and reason about information available on Semantic Web pages in an attempt to use it to meet users' needs. Such personal assistants will be driven by rules , axioms and the internal model or profile that the agents have inside them for the user. An intrinsic and important pre-requisite for a personal assistant or rather any agent is to manipulate information available on the Semantic Web in the form of ontologies, axioms, and rules written in various semantic markup languages. In this paper, a model architecture for such a personal assistant dealing with real-world semantic markup is described. ...
Research Interests:
Privacy protection is a key requirement for the future pervasive computing systems. This paper describes the design and implementation of a privacy protection framework that exploits the SOUPA policy ontology and its associated policy... more
Privacy protection is a key requirement for the future pervasive computing systems. This paper describes the design and implementation of a privacy protection framework that exploits the SOUPA policy ontology and its associated policy reasoning algorithm. The SOUPA policy ontology expressed in the Web Ontology Language OWL allows users to define policy rules to permit or forbid actions that attempt to access the users' private information. Central to the policy reasoning algorithm is the use of a Description Logic inference engine that reasons over the OWL-DL constructs of the policy ontology. We also show the feasibility of this framework through a prototype of the Context Broker Architecture (CoBrA).
Research Interests:
The Platform for Privacy Preferences (P3P) is a W3C standard that websites can use to describe their privacy practices. The presence of P3P policies enable users to configure web browsers to constrain what they can and cannot do when... more
The Platform for Privacy Preferences (P3P) is a W3C standard that websites can use to describe their privacy practices. The presence of P3P policies enable users to configure web browsers to constrain what they can and cannot do when visiting websites. It's a good idea that unfortunately is rarely used. We identify two reasons: (i) the languages available to define a user's privacy preferences are not very expressive and (ii) most websites do not have published P3P policies. We present enhancements to P3P framework that uses trust and the Semantic Web concepts to solve these problems. We use the RDF-based Rei policy language to enable users to describe their privacy-related constraints and preferences. Further, our approach is effective even in the absence of published P3P policies through the incorporation of our trust model. We present use cases to demonstrate the relevance of our work to the current web privacy landscape and offer it as a powerful enhancement that can pro...