Security for DAML Web Services: Annotation and Matchmaking

  • Grit Denker
  • Lalana Kagal
  • Tim Finin
  • Massimo Paolucci
  • Katia Sycara
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2870)


In the next generation of the Internet semantic annotations will enable software agents to extract and interpret web content more quickly than it is possible with current techniques. The focus of this paper is to develop security annotations for web services that are represented in DAML-S and used by agents. We propose several security-related ontologies that are designed to represent well-known security concepts. These ontologies are used to describe the security requirements and capabilities of web services providers and requesting agents. A reasoning engine decides whether agents and web service have comparable security characteristics. Our prototypical implementation uses the Java Theorem Prover from Stanford for deciding the degree to which the requirements and capabilities match based on our matching algorithm. The security reasoner is integrated with the Semantic Matchmaker from CMU giving it the ability to provide security brokering between agents and services.


MultiAgent System Security Requirement Security Protocol Trust Management Security Mechanism 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    DAML+OIL Committee: DAML+OIL (2001),, See for committee members
  2. 2.
  3. 3.
    Fikes, R., Jenkins, J., Frank, G.: JTP: A System Architecture and Component Library for Hybrid Reasoning (2003),
  4. 4.
    Paolucci, M., Kawamura, T., Payne, T.R., Sycara, K.: Semantic Matching of Web Services Capabilities. In: Horrocks, I., Hendler, J. (eds.) ISWC 2002. LNCS, vol. 2342, p. 333. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Paolucci, M., Kawamura, T., Payne, T.R., Sycara, K.: Importing the Semantic Web in UDDI. In: Proceedings of E-Services and the Semantic Web Workshop (2002)Google Scholar
  6. 6.
    IETF W3C XMLSignature Working Group: XML Signature,
  7. 7.
    Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: XML-Signature Syntax and Processing Rules (2001),
  8. 8.
    OASIS Security Service Technical Committee: Security Assertion Markup Language (SAML),
  9. 9.
    Atkinson, B., Della-Libera, G., Hada, S., Hondo, M., Hallam-Baker, P., Klein, J., LaMacchia, B., Leach, P., Manferdelli, J., Maruyama, H., Nadalin, A., Nagaratnam, N., Prfullchandra, H., Shewchuk, J., Simon, D.: WS-Security (2002),
  10. 10.
    Klyne, G.: Framework for Security and Trust Standards,
  11. 11.
    Zimmermann, P.: The Official PGP User’s Guide. MIT Press, Cambridge (1995)Google Scholar
  12. 12.
    SPKI: Simple Public Key Infrastructure,
  13. 13.
  14. 14.
    Abadi, M., Burrows, M., Lampson, B., Plotkin, G.: A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems 15, 706–734 (1993)CrossRefGoogle Scholar
  15. 15.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. 1996 IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society, Los Alamitos (1996)CrossRefGoogle Scholar
  16. 16.
    Li, N., Grosof, B., Feigenbaum, J.: A Practically Implementable and Tractable Delegation Logic. In: Proc. 2000 IEEE Symposium on Security and Privacy (S&P 2000), pp. 27–42. IEEE Computer Society, Los Alamitos (2000)Google Scholar
  17. 17.
    Kagal, L., Finin, T., Joshi, A.: Developing Secure Agent Systems Using Delegation Based Trust Management. In: Security of Mobile MultiAgent Systems (SEMAS 2002) held at Autonomous Agents and MultiAgent Systems (AAMAS 2002) (2002)Google Scholar
  18. 18.
    Bradshaw, J., Uszok, A., Jeffers, R., Suri, N., Hayes, P., Burstein, M., Acquisiti, A., Benyo, B., Breedy, M., Carvalho, M., Diller, D., Johnson, M., Kulkarni, S., Lott, J., Sierhuis, M., Hoof, R.V.: Representation and Reasoning for DAML-Based Policy and Domain Services in KAoS and Nomads. In: Submitted to AAMAS 2003, Melbourne, Australia, July 14–18 (2003)Google Scholar
  19. 19.
    Kagal, L., Finin, T., Joshi, A.: A Policy Language for A Pervasive Computing Environment. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Grit Denker
    • 1
  • Lalana Kagal
    • 2
  • Tim Finin
    • 2
  • Massimo Paolucci
    • 3
  • Katia Sycara
    • 3
  1. 1.SRI InternationalMenlo ParkUSA
  2. 2.University of Maryland Baltimore CountyBaltimoreUSA
  3. 3.Carnegie Mellon UniversityPittsburghUSA

Personalised recommendations