Policy-based Access Control for Task Computing Using Rei

In this paper, we describe a policy-based access control implementation for Task Computing using the Rei policy engine. Task Computing lets ordinary end-users accomplish complex tasks on the fly from an open, dynamic, and distributed "universe of network-accessible resources" in ubiquitous computing environments as well as those on the Internet. The Rei policy specification language is an expressive and extensible language based on Semantic Web technologies. The Rei policy engine reasons over Rei policies in OWL and domain knowledge to answer queries about the current permissions and obligations of an entity. To provide unobtrusive and flexible access control for Task Computing, a framework was created in which several Rei policy engines were endowed with Web Services APIs to dynamically process facts from clients, the private policies of service providers, shared policies, and common shared ontologies. The framework is implemented and deployed for Fujitsu Laboratories of America (FLA), College Park office and evaluated. Categories and Subject Descriptors