Promoting Interoperability between Heterogeneous Policy Domains



Daniel Weitzner
*Lalana Kagal
Tim Berners-Lee
Dan Connolly



Decentralized Information Group
MIT Computer Science and Artificial Intelligence Laboratory


What is Rein ?

Rein terminology

  • Policy language : A set of terms that can be used to define policies with respect to a certain domain or context
    • Permitted to / prohibited from viewing photographs
    • Can/cannot print documents
  • Policy : Resource-specific declarative rules over a policy language
    • Photographs of a girl scout troop
    • Printing pdfs on the xerox printer in 32G
  • Meta policy : Additional rules associated with a policy language that help intrepet policies (optional)
    • Default rules : If no prohibition can be inferred, then permit the photo to be viewed
    • Conflict resolution rules : If the printing is both prohibited and permitted, then the prohibition overrides
Policy terms

Rein in a Nutshell


Reasoning Engine

Rein ontologies

Policy Network Ontology

  • policy : property of a resource
  • policy-language : property of a policy
  • meta-policy : property of a policy language

Request Ontology

  • resource : resource being requested
  • access : policy language specific term
  • requester : credentials of the requester
  • ans : whether the Request is valid or not
Rein ontology

Rein Policy Networks

  • Resources, policies, policy languages, and meta-policies, and their relationships together form Rein policy networks
  • Rein allows these entities to be located on local or remote Web servers
  • Rein network ontology is used to describe the relationships between these entities
  • All entities are self describing except the resource
  • Relationship between resource and its policies is given to the web server by the resource owner
Policy Network

Rein Engine

Implementation Testbed

Rein Ontologies

Supported rule language : N3Logic

Reasoning engine


Policy Aware Web

  • Project by DIG (MIT) and MINDSWAP (UMCP) that uses Rein
  • Client-based and proof-based approach to controlling access to Web resources using domain specific policies

Photo Sharing Example

Flickr, Zoomr, etc

Flickr + Rein

Girl scout troop use Flickr + Rein


Policy Language

Policy language

Troop ontology

troop ontology


Partial FOAF ontology

Foaf ontology

Example Request

Example request

Policy Example : RDFS

<rdf:Description rdf:about="">
     <rein:policy-language rdf:resource=""/>

<pol:PermittedToView rdf:about="">
    <pol:picture rdf:resource=""/>
    <pol:user rdf:parseType="Resource">
        <maker rdf:resource=""/>

<pol:PermittedToView rdf:about="">
    <pol:picture rdf:resource=""/>
    <pol:user rdf:parseType="Resource">
        <maker rdf:resource=""/>

Policy Example : OWL

<rdf:Description rdf:about="">
     <rein:policy-language rdf:resource=""/>
<owl:Class rdf:ID="ViewingMeetingPhotos">
  <rdfs:subClassOf rdf:resource="" />
      <owl:onProperty rdf:resource=""/>
         rdf:resource="" />
      <owl:onProperty rdf:resource="" />
          rdf:resource="" />

Policy Example : N3 Logic

<> rein:policy-language <>

{ REQ a rein:Request.
  REQ rein:resource PHOTO.
  ?F a TroopStuff; log:includes
        { PHOTO a t:Photo; t:location LOC.
          LOC a t:Jamboree.
          LOC t:attendee [ is foaf:maker of PG ]. }.

  REQ rein:requester WHO.
  WHO session:secret ?S.
  ?S crypto:md5 TXT.

  PG log:semantics [ log:includes
        { PG foaf:maker [ session:hexdigest TXT ] }

} => { [ ] a pol:PermittedToView; pol:user WHO; pol:picture PHOTO }.


More Information

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.