<scribe> scribe: CB
<scribe> scribeNick: caribou
Rigo: there is more and more interest in policy languages
... relations to eGov, social networks...
... we have invited people to present
... Co-chairs for the PLING are Renato Iannella (NICTA) and Marco Casassa Mont (HP)
Renato: [starting a round of introductions]
... [reviewing agenda]
JanC: we want to protect our privacy in our interactions with others, companies, etc.
... on a computer, traces stay
... it is too difficult to understand the policies when you go to a website
... you don't want to spend 3hrs to read and understand all the fine-prints
... we should worry about the data we provide
... and reveal the least
... PrimeLife looks at wikis, social networks, eCollaborations
... there are technologies to minimize the data you give to people
... ready to be used but not often used yet
... Now more technically:
... [example with driver renting a car, getting an insurance]
... in electronic world, digital documents and signatures
... they don't need your birthdate when you rent a car
... we should make some information conditional
... e.g. give them an encrypted version of your data, that would be decrypted only if needed (e.g. if you crash the car)
Andreas: in the end, you have to trust someone
... if it's not the car rental, it's the entity that could decrypt
JanC: indeed. The first step is to define who I trust for what
... a set of parties have to agree. You want to distribute the trust
... if one is corrupted, the other might not :)
... second step is to define the policy that says when the information can be disclosed
... if you only use digital signature, you can link information
... so we need anonymous credentials
... ['architecture' description]
... on the service side, we need to change the access control mechanism
... policies are transferred to the user
... in fact the relevant parts
... the user has personal policies about what he/she wants to disclose
... partial identities to unlink information
RigoW: enforcement of policies?
JanC: Data handling, e.g. after the transaction is done
... delete information
... change of business processes, to avoid using keys like social security number
Lalana: what about the proof that you are X?
JanC: I'm getting to credentials
... [example: prove you are over 18]
... without saying who you are
... nor leave traces
... 1st change: identity is kept secret
... several partial public identities
... e.g. one identity with just my birthdate
... if I need more certified information, I create a new identity
... and for several pieces of information, you can mix several identities
... so that you get a certificate with all certified statements
... without needing a new certification
Andreas: to avoid the certificates handling at the user's, you can have token services
JanS: single point of trust problem
??? : in semantic web area, you can build network of trust with self-signed certificate
Lucy: trust is not only on the user side
JanC: [wine shop example]
... address is encrypted and only the shipping service can decrypt
... the user is anonymous for the wine shop
... [associated workflow]
... if the user disagrees with the service assertion request, she can send a different one to negotiate another one (AC + DHP + obligations)
RigoW: how do we make sure that your DHP keeps in sync with the data that travels?
JanC: you have to trust that the data is transferred to services that have the same DHP
JanS: trust is a key of the pb
JanC: in addition to the requirement, you might need to specify which proof you need
... e.g. OECD_passport to prove age > 21
... can use an ontology to decide what matches "OECD_Passport" (e.g. swiss passport, ...)
... Summary: we need DHP, Credential formats
... Privacy prefs/ AC, Obligations, Logging, Matching of policies
... + lots of ontologies (categories of issuers and credentials)
... user interfaces (not too complex)
Lalana: do you think a standard policy language would help?
JanC: I think the answer is yes
GregN: do you mean something that interacts with existing?
Lalana: a Data Handling Policy language
CSMA: a policy exchange language
Andreas: a language that can be translated in existing languages
... canonical policy
RigoW: canonical is another word for complexity
... Semantic Web might be used to match policies
CSMA: you need to compare policies
... the Rules Interchange Format does not compare rules
... just transform, so the other end can apply
... the pb is to be able to say if the server policy matches the user desired policy
Andreas: not compare them to be identical, but if one is included in the other
CSMA: I don't think it's just a question of normal form of the interchange format
... in your execution language you might be able to see if policies match
... I don't think you can do that purely syntactically
RigoW: ontologies?
CSMA: DL
... OWL DL is the only format that's standardized
... not necessarily sufficient
JanC: PrimeLife activities:
... infrastructure, coordination and education
... research
... Privacy-enhancing identity management is feasible, let's do it
... project website is primelife.eu
[break]
<renato> W3C Rules Interchange Format (RIF) - Christian de Sainte Marie
CSMA: Interchange with serialization to an XML document
... you have to share a data model of the document, to serialize and deserialize it
... if you have rules related to the document, you want to exchange them with a rule model
... RIF itself is not modelling the data
RigoW: how is the RIF document related to the data?
CSMA: this is one issue. I'll come to it later again
... there is a use case for rules interchange without it being linked to a document
... you can have a compliance organisation, to check that the rules can be executed
... [example of use case: buyer and seller policies and prefs]
JanC: did you use XACML?
... as a mapping to an execution language?
CSMA: this is the rules model, the format of rules and semantics
CSMA: in a business domain, e.g. mortgage industry, they have their own data model, concepts, representations
... they may want to write rules about the data
... representing the semantics and structure of data is different from semantics and representation of rules
RigoW: can RIF be used with OWL?
CSMA: yes
... rules can be expressed in OWL, but not all the rules really belong to the ontology
... different life cycle, status wrt domain knowledge
... rules are not always conceptual
... example from the PrimeLife document
<rigo> +bergamo
CSMA: [shows a RIF example of access control policy taken from PRIME]
<rigo> +HarryHalpin
CSMA: RIF does not provide a policy language but it can be used to interchange policies
... other applications using other languages can reuse the rules with the same semantics
... people have their own rules format and engine already
... we have 2 backgrounds:
... the SW needs a rule language to add rules on top of OWL
... rules with formal semantics
... hundreds of rule systems
... including some already in SW
... market with business rules
... the super-set approach (designing a language that you can translate to any language) is not practical
... we defined a RIF Core as the overlap between existing models
... and you can extend it to add dialects
... but not knowing which dialects would be needed, it's impossible to agree on a Core
... we now have 2 families, and trying to define the core from that
http://www.w3.org/2005/rules/wiki/BLD (Basic Logic Dialect)
http://www.w3.org/2005/rules/wiki/PRD (Production Rule Dialect)
CSMA: Design principles: not redefining a new rules language
... preserving the semantics when interchanging (from one dialect to another)
... only normative XML Schema
Lalana: if I translate to BLD and you translate to PRD, will we be able to understand?
CSMA: syntactic intersection
... e.g. any PRD rule without negation will be BLD-compatible
... a RIF document will not tell you the dialect it is using
... either you find a construct that you don't understand, and then you don't understand the rif document
... or you understand every construct and then you don't care about the dialect
... RIF is a box where you could put your policies, it does not define a policy interchange solution
http://www.w3.org/Policy/pling/wiki/UseCases
Renato presents the flickr/virgin mobile real case (http://www.w3.org/Policy/pling/wiki/InterestingCases#Virgin_Mobile_and_Flickr_Photos)
Stefano: not all the countries have the same law
JanS: it is a matter of awareness
... pb of understanding of the "creative commons" license
Harry: there was a clear choice but the user does not understand
... if there was some machine-readable semantics, the user could have access to more information automatically
Renato: the friend of the person chose the license, not the person herself
RigoW: people don't always realize what's implied
... e.g. in social networks, people don't always know they are publishing to the world
Carine: we want SN sites designers to be able to offer more flexible choices than just "I publish to the world or I don't"
JanS: The context is important
... a policy language has to decide what level we want to reach
Renato: expressing the purpose
Andreas: this UC shows that the policy that is in place is not suitable
... the user chooses for her friends
... if there is someone else on the picture, the person has her say
JanS: it's not much of a technical pb here
... more awareness and legal pbs
Greg: from the technical point of view, tagging picture with names is not good for privacy
Harry: the ultimate pbs are always essentially social
... it's difficult for legal frameworks to follow
... if this group produces a policy solution, how do we get users to create systems using it
... browser people don't want to put it in their browsers
... you can imagine how to implement it now
... but the purpose is to push it into the user-browser-server ecosystem
Lucy: I was in the widgets group, they were discussing camera access, to tag pictures for geolocation
... e.g. camera with GPS
RigoW: PLING is collecting use cases
... if you can write up a short description, it would be useful
... we will get a convergence on what are the most urgent needs
Renato presents "The Economist" reuse picture form
Renato: they have all questions (place where you want to use it...)
Harry: you can't debug because the information is not accessible from the form page
[break - reconvene on friday]
Present: Carine Bournez, Jan Camenisch, Karima Boudaoud, Jan Schallaboeck, Frank Wagner, Laurent Bussard, Ashok Malhotra, Lucy Lynch, Stefano Crosta, Gregory Neven, Christian de Sainte Marie, Rigo Wenning, Ulrich Pinsdorf, Aleksandra Kuczerawy, Franz-Stefan Preiss, Andreas Matheus, Renato Iannella, Lalana Kagal
Agenda: http://www.w3.org/Policy/pling/wiki/TPAC2008
Date: 23 Oct 2008
Minutes: http://www.w3.org/2008/10/23-pling-minutes.html