Monday, September 8th
DKAL
...and as I was about to abandon the field of Grid authorisation languages, yet another grammar comes along. I was convinced that there was no life after SecPAL and that the technology had pretty much covered all the Grid requirements for access control. That was up until last week when I came across DKAL (distributed knowledge authorization language)... DKAL claims to be more flexible than SecPAL by extending the number of predicates and action verbs and by adding another set of deduction rules in the way an authorization request is evaluated. I have to say, as a close associate of SecPAL, that it is really fascinating and, as the authors claim, DKAL could be an add-on or an extension to SecPAL. A short IEEE paper is here and a longer technical report can be found here.
panos periorellis on 09.08.08 @ 10:46 AM gmt [Full Entry]
Tuesday, August 26th
Final encore
I have been back to Newcastle since the 10th of August which marked the end of my summer holidays. I had a good time in Greece although for the majority of time I was trying to cope with the heat while at the same time revising and studying for interviews. I didn't get the chance to do a lot of island hopping - just visited Crete, and parts of the Peloponnese (not Sparta) - but I had a chance to see fam and friends. My brother's wedding was an eventful affair and we had a blast.
I had a few interviews over the summer and I need to make a decision of where I want to be moving. Suffice it to say that this will probably be my last semester at NCL and I can't wait for the new challenge.
I will keep posting technical items and will update you on the new coordinates.
panos periorellis on 08.26.08 @ 10:55 AM gmt [Full Entry]
Friday, July 18th
In Greece
I'm in Greece for a holiday and the break from the routine. My brother is getting married this weekend and it has been a bit hectic with the preparations and all. I have not managed to catch up with emails either these last few days. Next week, I am off to Sifnos and I may also visit Crete again for 3-4 days and nights. The round of applications I made back in June seems to be going well and I have a lot to consider and decisions to make in the next few days.
Saw the new Batman movie too. Heath was awesome... speak soon ...
panos periorellis on 07.18.08 @ 03:12 PM gmt [Full Entry]
Friday, July 4th
Very Original, Very Good Technically, Very Well Presented, top marks all around..but
rejected!!!
I received after a long wait the reviews for the abstract I'd submitted for the AHM2008 event. I was baffled to say the least. The organisers of the AHM2008 this year decided to drop the typical format of informally publishing papers on a CD and decided to publish selected papers to a journal. I received top marks for my contribution but that did not seem enough to overcome the politics of the event and my paper was rejected. I submitted a very original piece of work that strongly contributes and advances the field of computer science. I selected an event that is characterised by lack of such contributions as most papers deal with the application of comp sci rather than comp sci itself. I know this because I've been a regular goer to the event since 2003 and eScience in general is characterised by lack of publications that advance the field of computer science. Needless to say that I won't be going to the event again...whatever..
panos periorellis on 07.04.08 @ 07:02 PM gmt [Full Entry]
eBook on Security
I saw this on Jason Hogg's blog and I thought to post it here too. Microsoft has released on CodePlex this book on security and web services. I read the first couple of chapters and they are a very interesting read. It starts off with basic information on authorisation, authentication, non-repudiation etc. and moves to more complicated use cases and best practices.
Definitely worth a look.
panos periorellis on 07.04.08 @ 08:58 AM gmt [Full Entry]
Thursday, July 3rd
Few more days before the Holiday
As the week is coming to an end, I am happy with the way things have progressed so far. I think I have just about managed to satisfy all the demands of the -ever increasing amount of- managers of the project I work for. I am about to take a long break, in order to consider my future and most importantly have a proper holiday after a whole year. So I will be leaving my university work behind for a while in the hope that things won't get too messed up while I am away.
I got in touch with a couple of pals from back home that I hadn't talked to for a while and we arranged to meet in Athens next week. I am also planning a long weekend away with my siblings as a last get together just the 3 of us before my brother moves to his new home. We are planning a road trip to the Peloponnese. I have been away from home since a very young age and never had a chance to experience Greece. I have only visited a few places and I decided to engage in some tourism this year.
I will write again before I depart.
panos periorellis on 07.03.08 @ 06:48 PM gmt [Full Entry]
Wednesday, June 18th
Back from Belfast
I couldn't have picked a worse date to travel to and from Belfast on Monday. Bush was there too and as you can imagine most roads were closed, people were demonstrating and generally there was a feeling of chaos. I got in a cab to return to the airport late afternoon and the police all of a sudden stopped the traffic. It all came to a standstill. You couldn't go forth or back until the Bush convoy had gone to the airport and gotten airborne. I spent about 90 minutes waiting for Bush to go. It was frustrating listening on the radio to his whereabouts and the people he was meeting. All I was thinking was 'just go'. I really wonder why they cause so much fuss when they can so easily use military airports instead. Anyway, eventually we moved.
The meeting at SAP was really good. I was left with a very good impression of the projects and the work they are doing. I will explore the Extreme-OS project and some other pointers that colleagues pointed out.
more soon...
panos periorellis on 06.18.08 @ 12:48 PM gmt [Full Entry]
Friday, June 13th
Retro c64
My colleague George pointed this link out to me and since I am 'really' into old retro machines lately I decided to post it. Here is Contiki, a lightweight operating system for 8-bit machines. Check the pics for c64; it also offers a TCP/IP stack allowing 8-bit machines to get online!
good stuff...
panos periorellis on 06.13.08 @ 11:16 AM gmt [Full Entry]
Thursday, June 12th
SAP Visit
I am visiting SAP next week just for a day and I plan to talk to them about research ideas I have been developing on the sidelines in the areas of Grid operating systems and P2P networks. I am about to finish the work on Maven (at least the compiling part of it) and I plan to concentrate on some research work which I have not been doing much since I started working on my current project. I want to develop my ideas on using the processing capabilities of hardware devices ranging from PCs to PlayStations and Xbox consoles in order to carry out Grid Computing. I am sure many people have been thinking along the lines of using P2P networking capabilities in order to deploy services and run processes on dynamically discoverable PS3s ... that would raise so many interesting research questions in the areas of networking and security that I have been looking at. The centralised view of my current project does not leave much room for such questions to be raised and tackled. The more I think about it the more certain I am that I need to change labs soon. Anyway I'll see if SAP find me interesting and get back to you.
more soon.
panos periorellis on 06.12.08 @ 10:54 AM gmt [Full Entry]
Saturday, June 7th
Maven Build
So after a long time putting it off I decided to sit down and learn how to use Maven in order to re-build my Ant compatible projects into it. I have to say I was impressed with it. I managed to build a couple of projects that had various dependencies using our custom repo and Maven's ibiblio storage. I was impressed how interdependencies were handled and I was also particularly happy with its exceptions which seemed to be spot on.
I will spend next week finishing off the rest of my work.
panos periorellis on 06.07.08 @ 10:52 AM gmt [Full Entry]
Monday, May 26th
Bank Holiday
I spent the weekend doing nothing but destress from the strain of catching up with all my deadlines and the various obligations - professional and otherwise - I had to fulfil, especially regarding my next career move. I am spending the bank holiday Monday writing my talk for SAP which I am visiting mid June and although it seems like a long time away, I am sure it will fly past. I am preparing a talk that needs to bridge the gap between the work I have been doing for Grid and Grid Operating systems. So there is a lot of reading to do.
I submitted several papers to various conferences this past month, most notably 2 abstracts to AHM2008 which I hope I will be asked to provide full journal papers for those. I decided that since AHM does not really publish proceedings I will withdraw my papers if they are accepted only for presentation. Another paper I co-authored with my Ph.D. student on ESBs has been accepted for publication at the Secureware conference in Paris and I also have high hopes for another paper I wrote addressing the automatic processing of licenses at the Grid2008 conference. It will be a busy summer if everything is accepted.
In other news I was happy to see that the Tyneside Cinema has been re-opened. It had closed down for renovations over a year ago and it reopened last week. It shows mostly indie films which I am a big fan of. Talking about indie films I saw the new Indiana Jones movie. It was really awful. Most critics blame Ford being over 60 but I thought the problem was the script. The story line was just bad and the direction felt like a long chase from beginning to end. Some of the old tricks were still there. Picking up various sacred objects from their holy places would trigger massive butterfly effects. At one point one such move resulted in an earthquake (typical), a whole mountain being destroyed, and an Alien spacecraft being launched into space!!! Whatever... It was Indy meeting Star Wars towards the end.
I booked my tickets to go to Bastille next week for a few days and I also booked my tickets to go to Greece for a few weeks in July-August. I will write more soon.
panos periorellis on 05.26.08 @ 11:30 AM gmt [Full Entry]
Monday, May 5th
Ford Puma 2008
So I spent this weekend looking for cars amongst other things and I came across a news article that Ford is preparing to launch a new version of the - discontinued since 2002 - Ford Puma. I was still doing my Ph.D. when I had first fallen in love with it. It was advertised quite a lot at the time with Steve McQueen behind the wheel and it was also featured on the PS2 game Colin McRae 2002. I had managed to buy it that same year in the Melina blue color that the C.McRae2002 game featured. It is a great little car, loathed by some, loved by many.
I look forward to seeing it on sale....maybe....
panos periorellis on 05.05.08 @ 12:35 PM gmt [Full Entry]
Saturday, April 19th
Panos Operating System
So while I was exercising my part time hobby in retro computing and operating systems I came across the Panos Operating System for the Acorn computer.
check out the manual here

panos periorellis on 04.19.08 @ 07:26 AM gmt [Full Entry]
Wednesday, March 26th
Carmen and Cloud Computing
We are just about to launch the first release of our prototype software (nicknamed CARMEN) and I am about to finish the security services I produced for this system. I have started thinking about cloud computing lately and security approaches to cloud authentication and authorisation. It seems that federation techniques behind the cloud in conjunction with cloud identities for accountability are a good idea. Grid computing is rich with technologies, paradigms and patterns we can use or re-use, although I think we need to approach this niche area more systematically than Grid. We need to establish concrete solutions for areas such as provenance and security without getting bogged down with overlapping and loosely formal specs. I am hoping the work I have been doing during my spare time on SecPAL to be a step in this direction. Maybe grid serves as a good rehearsal towards what we call cloud computing. I am in the process of elaborating on these ideas more and I aim towards a contribution to the next OGF meeting in Singapore. Similar ideas are being developed by my colleague Pierre who is looking into dynamic service composition. We are hoping to submit a paper to an IEEE conference next month. Next month will see the launch of the Carmen prototype and (assuming I manage to get my contract suspended) the SecPAL API for JAVA. Exciting times ahead. Will write more soon.
panos periorellis on 03.26.08 @ 10:35 AM gmt [Full Entry]
Thursday, February 28th
Discount for space flights
I received an email today from Virgin (the airline I use most frequently) advertising their Virgin Galactic trips that take passengers willing to pay the cost on a 5 hour journey outside earth's atmosphere at 63 miles high. The cost is a bit steep at 200000 dollars but they give you 10% off if you have enough miles. I have the miles more or less, just another 180000 dollars to go.
"Dear Panagiotis,
Virgin Galactic is delighted to announce a new destination...space. Climb to 360,000ft. at a cruising speed of almost three times the speed of sound, in unprecedented levels of safety and comfort. See our beautiful planet from 63 miles up and experience the magic of weightlessness.
Redeem 200,000 miles to receive 10% off the cost of a spaceflight, that's an incredible $20,000 saving!* Join our future astronauts and book your place in history. "
panos periorellis on 02.28.08 @ 03:27 PM gmt [Full Entry]
Sunday, February 24th
Stevens University
I am in the States this week for the OGF22 conference. It is bound to be good as there are a number of interesting security related talks. I landed at Boston Logan airport and after a good night's sleep I took the train to Hoboken, NJ to attend a meeting/workshop and several talks about the new concept of virtual workspace. I took the chance to meet some old colleagues and catch up on their research. I was also exposed to the work people are doing in the area of online courses. These are courses that target professionals and students alike with the aim of informing people about new technologies and their applications. I think it is a good way to disseminate research and awareness of one's work. Needless to say that I promoted my book. I will try to get involved more with online courses, especially in the area of web services and security.
I don't have much news about NY. It has been snowing heavily while I was here. Flatiron reconstruction is complete...CBGBs closed down.
I am going to Boston tonight for the OGF. I will keep people posted.
panos periorellis on 02.24.08 @ 05:35 PM gmt [Full Entry]
Friday, February 15th
XACML Implementation
At last!...An alternative implementation to the sunxacml.jar API for XACML 2.0. The alternative spec has been implemented by Google and it supports 2.0, check it out here. If I was Google I would get into XACML 3.0 straight away because the semantics introduced in v3.0 radically change XACML policies. Still it is an implementation I welcome.
Extract from the announcement: "The 'enterprise-java-xacml' Google Code Project provides a high performance XACML 2.0 implementation that can used in the enterprise environment. A first release has been announced; the software is made available under the Apache License 2.0. Enterprise Java XACML intends to fully implement OASIS XACML 2.0 and will support XACML 3.0 in the future. It is a totally independent implementation. It fully implements XACML 2.0 core standard and has passed all conformance tests. It provides PDP that can accept XACML requests and returns XACML responses."
panos periorellis on 02.15.08 @ 03:43 PM gmt [Full Entry]
Friday, February 8th
LSIDs
They stand for life science resource identifiers, they are an OMG based standard, they offer nothing novel whatsoever while making the developer's work a nightmare and apparently they are here to stay. I spent most of the week trying to educate people about the dangers of LSID identifiers. For those readers that do not know what LSIDs are, it suffices to say they are location independent identifiers. URIs, they say, pose a problem in that they identify location dependent resources, whereas LSIDs along with the related infrastructure 'supposedly' alleviate this problem. It was really made up by computationally challenged bioinformaticians who spend no time trying to understand W3C specs and by rediscovering the wheel, they came up with the LSID spec. In all their grief they had a point. I remember doing some data mining for a bioinformatics project and it was unbelievable how many different names a protein in a database would have. LSIDs propose a universal persistent name for such data. This is not new however nor novel. URI variations such as XRIs and IRIs do the exact same thing and they are a lot older specs. But why make our life easier when we can make it harder; hence another spec saying the exact same thing. I started thinking that maybe the W3C standards and more importantly their names may repel scientists and as such they feel the need to come up with their own specs. Who can blame them for trying to support it?
I spent most of the week trying to explain to people that you cannot carry out 'location independent' security, or provenance, or auditing for that matter because each domain has by definition its own gatekeeper. I must have written about 2000 words in emails for this matter alone. I ended up explaining tokens, timestamps and the like until I got bored.
Hoping for a more intellectually stimulating week. Another 12 days to go until the Boston conference trip.
panos periorellis on 02.08.08 @ 07:42 PM gmt [Full Entry]
Wednesday, February 6th
Nostalgia
..and here is another blog which is very very cool.
32bitos
enjoy..
panos periorellis on 02.06.08 @ 12:02 AM gmt [Full Entry]
Behavioral Economics
This is a very interesting blog I was pointed to by a colleague.
Behavioral Economics
panos periorellis on 02.06.08 @ 12:00 AM gmt [Full Entry]
Friday, January 25th
AmigaAnywhere
The first most noticeable thing I discovered this week is that the AMIGA OS5, i.e. the latest Amiga operating system, is actually here. It was revealed to the world the 1st week of January at a Consumer Electronics show in Vegas. For the older generation Amiga - the name - encompasses hardware (we all remember the great Amiga 500) and the operating system (Workbench 3.0), along with their custom made chips for graphics and sounds that made the whole system seem way ahead of its time.
So what is this new AmigaAnywhere?
AmigaAnywhere is effectively a virtual operating system. There is no hardware to dazzle us or anything like that but as Amiga Inc. (the company that made it) says AmigaAnywhere is a
“device-independent, single, ubiquitous Virtual Environment that functions across different operating systems and the internet”.
So it is like an operating system that sits on top of any other operating system so that applications can actually run anywhere (or at least on any machine that runs AmigaAnywhere). It is a good idea and it targets a very niche market.
The idea of having software applications that are actually platform and processor independent is great, although it is not new. I also think that if it came out a few years ago it would create more of a stir. Still, I hope it catches on. I like knowing that my Mac, my PC and my phone can exchange applications. If they all run AmigaAnywhere they actually can. Whether there is a real need by simple every day users to have such functionality remains to be seen. The BIG IRONY however is that although Amiga was a machine that was shouting out loud how brilliant it was, in its latest incarnation it will be something invisible to the user. It will be visible only as a process running on operating systems. ..I find this ironic...
The name which initially was AmigaOS5 was changed (according to reports) at the request of Microsoft who apparently support the product although they do not like the idea of running software on top of Windows that is also an operating system. Amiga Inc. had exploited such technologies in recent years, during the development of AmigaOS4. Some names to look out for in the area of virtual operating systems are TAO
Again according to the website AmigaAnywhere 2 currently runs under Windows proper, Windows Mobile, Linux for PCs and Linux for embedded systems. A Mac OS X version is on its way but the company wants to get the Symbian version finished first.
There is also an SDK for the AMIGA OS5 (or AmigaAnywhere). So if you are interested in checking it out you can register as a developer with www.amiga.com (click the developers Tab) and after registration you will receive Amiga SDK 1.5.
I have registered myself. Great news for some...HERE is something to remember the old days check it out
more soon.
panos periorellis on 01.25.08 @ 08:10 PM gmt [Full Entry]
Friday, December 21st
Happy Holidays
I'm off to Amsterdam soon for the Christmas period. Happy holidays to everyone, especially those I have forgotten to email. Speak soon...
p
panos periorellis on 12.21.07 @ 10:38 AM gmt [Full Entry]
Monday, November 5th
iMac
I am waiting impatiently for the iMac I ordered via the online UK Apple store. I've been wanting to buy one for a while and now that it ships with Leopard I couldn't wait any longer. I found out that Leopard comes with BootCamp built in so that you can install Windows without the need to create additional discs. All Windows drivers come on the Leopard DVD. I also ordered the new Sony Vaio TZ5X laptop for my university work. I found it the best in terms of configuration and weight; at only 1.6Kg with 160HDD, Intel duo core, and Nvidia graphics card I think it is a great buy...
panos periorellis on 11.05.07 @ 08:55 PM gmt [Full Entry]
Thursday, October 25th
Protected by SecPAL
I have spent the last month or so doing all sorts of programming. I have been creating a certificate issuer and repository for the Carmen project in the hope that we will use it, and I have been writing glue code so that the Carmen Portal can make use of my access control engine (nicknamed the junk). In addition I have been spending my free time, as you may have guessed, doing more programming on SecPAL, which I consider my baby although the concept, C# development, and everything else belongs to MS.
On the plus side I identified several potential evaluators for the SecPAL API which may or may not please my colleagues at Microsoft. I have identified a bioinformatics project here at Newcastle called Cisban which deals with large biology related datasets that are handled by various (hundreds as I understand it) users. The security requirements as they were expressed to me by my liaison on CISBAN relate closely to SecPAL's grammar so I am excited about this potential collaboration.
I have also identified another project at the City University London in collaboration with my colleague Christos Kloukinas. I got some positive feedback from him, to whom I have spoken about SecPAL on several occasions in the past.
Apart from academic partners, British Telecom, with whom I closely collaborate on other projects, have offered themselves as potential collaborators on the API. Their experience and skills in the area of web services security will enable them to provide invaluable feedback for the API and SecPAL in general.
I am looking forward to discussing these projects with MS and deciding on future steps. The code is being debugged and debugged again although the Datalog engine and in particular the transformation from the SecPAL grammar to the Datalog Objects took more time than I had initially estimated...the end is near now and I look forward to having it evaluated. Here is an example of how easy it is to write SecPAL using the current API...just to whet your appetite
package org.secpal.test;

import org.secpal.Authorization.*;
import xsl.XsltProc;
import java.util.ArrayList;
import java.util.List;

public class CanActAsScenario
{
    private KeyHolderPrincipal stsPrincipal = new KeyHolderPrincipal("K-STS");
    private KeyHolderPrincipal userPrincipal2 = new KeyHolderPrincipal("K-User2");

    // Typed as List<Policy> so that the for-each loop in GetXml() compiles.
    public List<Policy> getPolicies() {
        List<Policy> policies = new ArrayList<Policy>();
        List<Claim> claims = new ArrayList<Claim>();
        List tokens = new ArrayList();

        // Claim 1: K-STS can say that p possesses attribute a, subject to
        // constraints on the validity window (t1, t2) and on the attribute value.
        claims.add(
            new Claim(
                new CanSayFact(
                    this.stsPrincipal,
                    new PossessFact(
                        new PrincipalVariable("p"),
                        new AttributeVariable("a"),
                        new FactQualifier(
                            new DateTimeVariable("t1"),
                            new DateTimeVariable("t2"),
                            new LocationVariable("f"),
                            new DurationVariable("ts")))),
                new Constraint[] {
                    new DurationConstraint("t1", "t2", 366, 0, 0, 0),
                    new TemporalConstraint("t1", "t2"),
                    new AttributeMatchConstraint(
                        "a",
                        AttributeType.RFC_822_NAME,
                        new String[] {".*@fabrikam\\.com"}) }));

        // Claim 2: p can read file:///public/ if p possesses a matching attribute a.
        claims.add(
            new Claim(
                new ActionFact(
                    new PrincipalVariable("p"),
                    VerbType.READ,
                    new Resource(
                        "digitalContent",
                        "file:///public/")),
                new Fact[]{new PossessFact(
                    new PrincipalVariable("p"),
                    new AttributeVariable("a"))},
                new Constraint[]{ new AttributeMatchConstraint(
                    "a",
                    AttributeType.RFC_822_NAME,
                    new String[]{".*@fabrikam\\.com"})}));

        // Claim 3: K-STS can say that x can act as y.
        claims.add(
            new Claim(
                new CanSayFact(
                    this.stsPrincipal,
                    new CanActAsFact(
                        new PrincipalVariable("x"),
                        new PrincipalVariable("y")))));

        // All three claims are issued by the local authority.
        policies.add(
            new Policy(
                new PrincipalIssuer(new LocalAuthorityPrincipal()),
                claims));
        return policies;
    }

    public AuthorizationQuery getQuery()
    {
        // K-User2 read file:///public/data.txt
        Expression expression =
            new AssertionExpression(
                new LocalAuthorityPrincipal(),
                new ActionFact(
                    this.userPrincipal2,
                    VerbType.READ,
                    new Resource(
                        ResourceType.DIGITAL_CONTENT,
                        "file:///public/data.txt")));
        return new AuthorizationQuery(expression);
    }

    // Serialise every policy to its XML encoding.
    public String GetXml(){
        String output="";
        try {
            for(Policy pol : this.getPolicies()){
                output += pol.encode();
            }
        } catch (Exception e){
            output += e.getMessage();
        }
        return output;
    }

    // Transform the XML encoding into a Datalog script via XSLT.
    public String GetDataLog(){
        String output="";
        XsltProc myProc = new XsltProc();
        output=myProc.Xslt(this.GetXml(), "C:\\SecPalToDataLog.xsl", output);
        return output;
    }

    public static void main(String[] args)
    {
        ArrayList lp;
        ArrayList lt=new ArrayList();   // token list, left empty here
        CanActAsScenario c=new CanActAsScenario();
        lp=(ArrayList)c.getPolicies();
        AuthorizationQuery aq= c.getQuery();
        DatalogBridge d=new DatalogBridge();
        PrincipalIdentifier p=c.stsPrincipal;
        try {
            d.makeDecision(p, lt, lp, aq);
        }
        catch (Exception e) {e.printStackTrace();}
    }
}
panos periorellis on 10.25.07 @ 05:34 PM gmt [Full Entry]
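Added example, not part of the original post and not the SecPAL API or its Datalog engine: a small Python evaluator for the three claims of the CanActAs scenario above, run against constructed tokens. It assumes that DurationConstraint caps the validity window at 366 days, that the e-mail pattern must match the whole attribute value, and that the policy resource file:///public/ covers everything beneath it; the token helpers and the K-User1, K-User3 to K-User5 and K-Mallory names are hypothetical.

```python
import posixpath
import re
from datetime import datetime, timedelta
from urllib.parse import unquote, urlsplit

# Names mirror the post's scenario; the evaluator itself is an illustration,
# not the SecPAL engine or its Datalog translation.
STS = "K-STS"                               # issuer the local authority trusts
EMAIL = re.compile(r".*@fabrikam\.com")     # pattern from the post's constraint
MAX_VALIDITY = timedelta(days=366)          # assumption: reading of DurationConstraint

def possess(issuer, principal, email, t1, t2):
    """Token: issuer says principal possesses email, valid from t1 to t2."""
    return {"kind": "possess", "issuer": issuer, "p": principal,
            "a": email, "t1": t1, "t2": t2}

def act_as(issuer, x, y):
    """Token: issuer says x can act as y."""
    return {"kind": "actas", "issuer": issuer, "x": x, "y": y}

def accepted_possess(tokens, now):
    """Claim 1: only K-STS may assert 'p possesses a', and only within constraints."""
    accepted = set()
    for t in tokens:
        if t["kind"] != "possess" or t["issuer"] != STS:
            continue                        # delegation names K-STS and nobody else
        if not (t["t1"] <= now <= t["t2"]):
            continue                        # not yet valid, or expired
        if t["t2"] - t["t1"] > MAX_VALIDITY:
            continue                        # validity window longer than allowed
        if not EMAIL.fullmatch(t["a"]):
            continue                        # assumption: pattern must match the whole value
        accepted.add((t["p"], t["a"]))
    return accepted

def in_public_scope(resource):
    """Assumption: the policy resource file:///public/ covers everything beneath it."""
    parts = urlsplit(resource)
    path = posixpath.normpath(unquote(parts.path))   # resolve ../ before comparing
    return parts.scheme == "file" and not parts.netloc and path.startswith("/public/")

def can_read(principal, resource, tokens, now):
    """Answer the post's query: may principal read resource?"""
    if not in_public_scope(resource):
        return False
    # Claim 2: p can read if p possesses a matching attribute.
    readers = {p for p, _ in accepted_possess(tokens, now)}
    # Claim 3: K-STS can say x can act as y; x then inherits what y may do.
    edges = {(t["x"], t["y"]) for t in tokens
             if t["kind"] == "actas" and t["issuer"] == STS}
    changed = True
    while changed:                          # fixed point, so chains of act-as resolve
        changed = False
        for x, y in edges:
            if y in readers and x not in readers:
                readers.add(x)
                changed = True
    return principal in readers

# Constructed sample tokens (not from the post).
NOW = datetime(2007, 10, 25)
START, END = datetime(2007, 1, 1), datetime(2007, 12, 31)
SAMPLE_TOKENS = [
    possess(STS, "K-User1", "alice@fabrikam.com", START, END),
    act_as(STS, "K-User2", "K-User1"),
    possess("K-Mallory", "K-User3", "eve@fabrikam.com", START, END),       # untrusted issuer
    possess(STS, "K-User4", "bob@fabrikam.com.evil.example", START, END),  # wrong domain
    possess(STS, "K-User5", "carol@fabrikam.com", START, datetime(2009, 1, 1)),  # too long
    act_as("K-Mallory", "K-User3", "K-User1"),                             # untrusted issuer
]

if __name__ == "__main__":
    target = "file:///public/data.txt"
    for user in ["K-User1", "K-User2", "K-User3", "K-User4", "K-User5"]:
        print(user, can_read(user, target, SAMPLE_TOKENS, NOW))
    print("traversal", can_read("K-User2", "file:///public/../private/x", SAMPLE_TOKENS, NOW))
    print("no tokens", can_read("K-User2", target, [], NOW))
```

With an empty token list, as in the post's main(), no principal satisfies the possess condition, so this evaluator denies the K-User2 query.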
Tuesday, October 9th
New futurama
May be of interest to some
panos periorellis on 10.09.07 @ 04:20 PM gmt [Full Entry]
Wednesday, September 19th
Interesting Papers
Here are a few links to some interesting papers I came across at the last AHM2007
paper 877 on Security for mobile Codes
paper 792 on Visualisation
paper 785 on CARMEN
paper 786 on Security/Authorisation
paper 888 on Shibboleth
paper 893 on Grid middleware
panos periorellis on 09.19.07 @ 02:05 PM gmt [Full Entry]
BBC article
From BBC News
panos periorellis on 09.19.07 @ 02:03 PM gmt [Full Entry]
Monday, September 10th
SecPAL Editor
My colleague Jason Hogg informs me that a few days ago he decided to release an editor he developed for the creation and editing of SecPAL policies. Although the semantics of SecPAL are very close to natural language the SecPAL Parser makes things even easier. Check out Jason's blog for more info...and some nice pics of the lunar eclipse!
more soon...
panos periorellis on 09.10.07 @ 03:13 PM gmt [Full Entry]
New academic year
I got back from Greece yesterday after a couple of weeks holiday. I am travelling to AHM2007 in just under 2 hours to catch up with the latest eScience projects and Grid apps. I have been attending AHM for the last 5 years and this is the first time that I am not presenting anything or have anything major to do. Still I will try to attend as many talks as I can in the areas of security and dependable computing. I will post again during the conference on how things are going.
more soon...p
panos periorellis on 09.10.07 @ 02:15 PM gmt [Full Entry]
Friday, August 17th
Off for 2 weeks
I got back home late last night after a whole day's meeting with my colleagues at BT. The meeting went well. We saw a number of demos of BT's work on ESB's which were really impressive. It makes such a difference seeing a particular technology being applied in a real industrial setting.
BEinGRID was also brought to my attention. The project brings together academics that have developed GRID infrastructures and invites them to apply them in the real world. It is a way of showcasing certain pieces of Grid middleware or rather exposing Grid success stories such as the GOLD project to a wider audience. Shame the GOLD project did not take advantage of this opportunity. I am keeping an eye on the project though.
I am flying to Greece tonight and to Syros tomorrow evening. More soon..
panos periorellis on 08.17.07 @ 04:08 PM gmt [Full Entry]
Monday, August 13th
Weekend
I spent the weekend in Bastille/Paris with friends. I sampled a few French restaurants and bars and then visited the Rodin museum on the Sunday. Took an early morning flight back to NCL today. My name day is coming up on Wednesday and I have not made any plans yet, since it is likely I will be travelling. I'm spending most of today catching up with emails and preparing some slides for my visit to British Telecom on Thursday to defend the grant of my Ph.D. student. As I blogged earlier I'm off at the end of the week.
panos periorellis on 08.13.07 @ 01:12 PM gmt [Full Entry]
Wednesday, August 8th
Gibson's new book
Spook Country came out a couple of days ago and I just got myself a hard copy. I will post my personal review here.
panos periorellis on 08.08.07 @ 11:26 AM gmt [Full Entry]
Holidays
I finally managed to take my mind off work and book my flight to Greece. I am travelling on the 17th of August and returning in time for the AHM2007 conference. I am spending a few days on the island of Siros and then I will be visiting family and friends. I look forward to Autumn as there are several big events to look out for, namely the OGF in Seattle, the Supercomputing conference at Reno-Nevada and the middleware conference in Los Angeles in which I am hoping to be able to present my recent work on access control. I haven't been updating the blog on personal news mostly because I hardly had any I'd be willing to share.
I will write again soon.
panos periorellis on 08.08.07 @ 11:25 AM gmt [Full Entry]
Monday, August 6th
SecPAL further progress
The following screen dump shows the "CanActAs" Scenario implemented with the JAVA API. I am closing in on the release date of the API which should be available before the AHM2007 Grid meeting in Nottingham. The top 3 screens show the Policy being transformed into a datalog script, while the bottom screen shows a request going through the same stages. The bottom 2 text boxes show how the request/fact was evaluated against the script, before and after the constraints were considered.

More Soon.
panos periorellis on 08.06.07 @ 04:12 PM gmt [Full Entry]
Monday, July 30th
SecPAL and Software Licenses
The CARMEN project and in particular its consortium have identified a novel way of processing license information attached to software resources and that is by expressing the license in a format that can be electronically processed. We believe that SecPAL's formal model provides a grammar rich enough to capture license information. We have started work on the Creative Commons License with other licenses to follow.
By attaching these licenses expressed as SecPAL policies to resources we can predict whether the desired objective of a workflow enactment (for example identifying the function of a set of brain neurons and publicizing it) would be prohibited due to license constraints of the individual pieces of data or services used to accomplish the desired goal. The following is the CC license example, which I should stress is under construction since I am still trying to figure out how to express condition one, which is an obligation for a future action.
Creative commons license
1. to Share — to copy, distribute and transmit the work
2. to Remix — to adapt the work
Under the following conditions:
1. Attribution. You must attribute the work in the manner specified by the author or licensor(but not in any way that suggests that they endorse you or your use of the work).
2. For any reuse or distribution, you must make clear to others the license terms of this work. The best way to do this is with a link to this web page.
3. Any of the above conditions can be waived if you get permission from the copyright holder.
4. Nothing in this license impairs or restricts the author's moral rights.
SecPAL Definition
We assume x is the owner of a resource r
We assume that y is any user
FACTS
x possesses r
x can copy r
x can distribute r
CLAIMS
y can act as x if y possesses "credential c1"
**credential c1 refers to the written permission given to y by x (condition 3)
ASSERTION
x can say y can act as x
periorellis periorellis on 07.30.07 @ 04:55 PM gmt [Full Entry]
SecPAL Development
The following snippet of code is the JAVA implementation of the canActAs example that you can find in the .NET implementation. I find it cool that both APIs (.NET and JAVA) are identical (well almost) as this promotes interoperability between Linux/Windows developers. In addition it allows developers to build on their .NET experience (from the released version) rather than learn the JAVA API from scratch. I will put some screenshots up from a GUI that demonstrates SecPAL policies soon.
package org.secpal.test;

import org.secpal.*;
import java.util.ArrayList;
import java.util.List;

public class CanActAsScenario {
    private KeyHolderPrincipal stsPrincipal = new KeyHolderPrincipal("K-STS");

    public List getPolicies() {
        List policies = new ArrayList();
        List claims = new ArrayList();
        claims.add(
            new Claim(
                new CanSayFact(
                    this.stsPrincipal,
                    new PossessFact(
                        new PrincipalVariable("p"),
                        new AttributeVariable("a"),
                        new FactQualifier(
                            new DateTimeVariable("t1"),
                            new DateTimeVariable("t2"),
                            new LocationVariable("f"),
                            new DurationVariable("ts")))),
                new Constraint[] {
                    new DurationConstraint("t1", "t2", 366, 0, 0, 0),
                    new TemporalConstraint("t1", "t2"),
                    new AttributeMatchConstraint(
                        "a",
                        AttributeType.RFC_822_NAME,
                        new String[] {".*@fabrikam\\.com"}) }));
        claims.add(
            new Claim(
                new ActionFact(
                    new PrincipalVariable("p"),
                    ActionVerbs.READ,
                    new Resource(
                        "digitalContent",
                        "file:///public/")),
                new Fact[]{new PossessFact(
                    new PrincipalVariable("p"),
                    new AttributeVariable("a"))},
                new Constraint[]{ new AttributeMatchConstraint(
                    "a",
                    AttributeType.RFC_822_NAME,
                    new String[]{".*@fabrikam\\.com"})}));
        claims.add(
            new Claim(
                new CanSayFact(
                    this.stsPrincipal,
                    new CanActAsFact(
                        new PrincipalVariable("x"),
                        new PrincipalVariable("y")))));
        policies.add(
            new Policy(
                new PrincipalIssuer(new LocalAuthorityPrincipal()),
                claims));
        return policies;
    }
}
periorellis periorellis on 07.30.07 @ 04:28 PM gmt [Full Entry]