Abstracts - 2006
The Rein Policy Framework for the Semantic Web
Lalana Kagal, Tim Berners-Lee, Dan Connolly & Daniel Weitzner
As the necessity of flexible Web security becomes more apparent and as the notion of using policies for access control gains popularity, the number of policy languages being proposed for controlling access to Web resources increases. Instead of requiring everyone on the Web to conform their description of their policy relationships to a single language, we leverage the power of the Semantic Web to reason across the various languages (such as RDF-S, OWL, and rule languages) that people use to describe policies. We propose Rein - a policy and delegation framework that is grounded in Semantic Web technologies - to help the Web preserve maximum expressiveness for local policy communities by enabling global interoperability of policy reasoning. Rein provides ontologies for describing policies and delegations, and provides mechanisms for reasoning over them, both of which can be used to develop domain and policy language specific access control frameworks for Web resources.
Rein is a framework for policy specification and reasoning, which exploits the inherently decentralized and open nature of the (Semantic) Web [1, 2] and draws on policy concepts defined in the Rei policy language [3, 4]. Rein supports policies and meta-policies (for conflict resolution) that are described in RDF-S  , OWL , and rule languages such as N3  over policy languages defined in RDF-S or OWL. Policies, meta policies, and policy languages can be re-used and extended as required. Inter-related resources, their policies and meta policies, the policy languages used, and their relationships together form Rein policy networks. Rein policy networks are described using Rein ontologies  and these descriptions are used by the Rein engine to provide policy reasoning.
Another important aspect of the Rein framework is that it supports delegation of authorization and trust that allow policies to be less exhaustive and provide decentralized security control. Delegation of authorization is very important to the Web because owners of Web resources may not be able to project who should have access to their resources or pre-establish all desirable requirements for access. This kind of delegation allows permissions on a resource to be propagated by a set of trusted entities without explicitly changing the policy or requirements. In order to support the openness of the Web, the Rein framework also includes delegation of trust such that only trusted information on the Web is accepted and reasoned about. Both kinds of delegation can be used with different policy languages defined in RDF-S and OWL.
Some of the main contributions of Rein include:
This research was supported by the National Science Foundation (Awards 0427275 and 052448).
 Rein. URL : http://dig.csail.mit.edu/2005/09/rein/
 Lalana Kagal, Tim Berners-Lee, Dan Connolly, and Daniel Weitzner. Using Semantic Web Technologies for Open Policy Management on the Web. Under review, February 2006.
 Lalana Kagal. A Policy-Based Approach to Governing Autonomous Behavior in Distributed Environments. PhD Thesis, Baltimore, Maryland, USA, September 2004.
 Lalana Kagal. Rei Policy Specification Language. URL : http://rei.umbc.edu/
 World Wide Web Consortium (W3C). RDF Vocabulary Description Language 1.0: RDF Schema. W3C Recommendation, February 2004. URL : http://www.w3.org/TR/rdf-schema/
 World Wide Web Consortium (W3C). Web Ontology Language (OWL) Reference. W3C Recommendation, February 2004. URL : http://www.w3.org/TR/owl-ref/
 Tim Berners-Lee, Dan Connolly, Eric Prud'homeaux, Yosi Scharf. Experience with N3 rules. In W3C Workshop on Rule Languages for Interoperability, Washington, D.C., USA, April 2005.
 Tom Gruber. What is an Ontology? URL : http://www.ksl.stanford.edu/kst/what-is-an-ontology.html