End-to-End Semantic Accountability Project

Face-to-Face Meeting

DRAFT Agenda

31 January - 1 February 2007
Bleil Boardroom, 32-G601
MIT Stata Center
Cambridge, MA USA

Logistics

Timing: 0930 - 1830

Coordinates: IRC: irc.w3.org#e2esa

Attendees Expected:

• Hal Abelson
• Tim Berners-Lee
• Dan Connolly
• Li Ding
• Joan Feigenbaum
• Chris Hanson
• Sandro Hawke
• Jim Hendler
• Harvey Jones
• Lalana Kagal
• Tom Knight
• Daniel Krech
• Deb McGuinness
• Tingting Mao
• Yosi Scharf (invited)
• Howie Shrobe
• Robin Stewart
• Gerry Sussman
• K. Krasnow Waterman
• Danny Weitzner

Schedule

Boot up [9:15 - 9:30]

Welcome and Introductions [9:30 - 9:45]

• introductions
• scribing
• other logistics (timing, meals, etc.)

A. Why we're here [9:45 - 10:00]

1. End-to-End Accountability Goals (Danny) [slides]
   • Presentation
   • Discussion

B. Review of ongoing work

[20 minute presentations and 20 minutes for discussion of each.]

1. Semantic Web Knowledge Representation and Reasoning (Tim) [10:00 - 10:40]
   • presentation: web architecture, RDF/n3, cwm
   • discussion
2. Policy Aware Web access control techniques (Jim) [10:40 - 11:20]
   • presentation: PAW access control architecture and demo
   • discussion
3. Data Purpose Algebra (Gerry and Chris) [11:40 - 12:30]
   • presentation: overview of the DPA and associated code
   • demo: scenario 4 UI (Harvey)
   • discussion
4. New Accountability Scenarios -- #s 7, 8, etc. (KKW) [1:00 - 2:00]
   • Privacy scenarios (KKW)
   • Creative Commons scenario (Sandro, DanC, Harvey)
5. TIARA (Trust-Management, Intrusion-tolerance, Accountability, and Reconstitution Architecture (Schrobe & Knight, related NICECAP project at CSAIL) [2:00 - 2:45]

C. Shape of the E2ESA Project

1. Architectural Design
2. Development Strategy
   • scenarios with test data
   • policy langauges/vocabularies
   • transaction log format with non-repudiation
   • code modules
3. Major Deliverables
   • Scenarios
   • Data Purpose Algebra
   • e2esa architecture
   • Prototype Accountability Appliance
     • audit log maintenance
     • access proof generation and checking
   • Prototype Accountability Browser
   • Evaluation
4. Scheduling
   • Weekly calls
   • FTF meetings
   • NICECAP PI meetings
     • 7 March 2007 @IAD
   • TAMI Advisory Board
     • 26, 28 March
     • 11, 12 April
     • 16, 17 April
     • 23, 25, 26 April

Thursday agenda

1. teams for scenario creation (March 1)
   • Patient Zero - State of Emergency (9/8) [K, Lalana, Danny, Li, Tingting]
   • IP surveillance minimization (10) [next round]
   • Creative Commons scenario (11) [Danny, Hal, Harvey, Sandro, Robin]

   at least one scenario must combine PAW access control with TAMI accountability

   scenarios should include distributed event logging with agents spread around.

   Each scenario should include:

   • storyline
   • UI mockup
   • data
   • rules/policies (english plus concrete ontology (API))
   • defined endpoint with expected forensic outcome
2. Scenario 4 with PAW/IW/n3 tools (April FTF) [Jim, Daniel, DanC, Lalana, Deb, Li)
3. Software Architecture (presented at April FTF) [Chris, Gerry, Tim, Sandro]
4. explain scenario 4 (chris)
5. relationship between various policy languages and DPA

   functional goals:

   • forensic accountability
   • interactive warnings (in tabulator or any other web application)
   • ability to reason over multiple policy languages
   • easy policy-language authoring
6. transaction log format (need it soon)ack

Small groups:

1. PAW code transition
2. PML next steps (Deb & Li & Chris)

conclude: 5pm

Each day:

11:00 - 11:15 Break

12:30 - 13:00 Lunch

3:30 - 4:00 Break

18:30 Adjourn

19:30 Dinner (Wednesday night only)

Royal East

Required Reading

• End-to-End Semantic Accoountability Technical Proposal
• TAMI-Portia Workshop report
• Lalana Kagal, Tim Berners-Lee, Dan Connolly, and Daniel Weitzner, Using Semantic Web Technologies for Policy Management on the Web, 21st National Conference on Artificial Intelligence (AAAI), July 16 - 20, 2006.
• Hanson, Berners-Lee, Kagal, Sussman, Weitzner, Data-Purpose Algebra: Modeling Data Usage Policies, submitted to IEEE Policy07
• Lalana Kagal, Tim Berners-Lee, Dan Connolly, and Daniel Weitzner, Self-describing Delegation Networks for the Web, IEEE Workshop on Policy for Distributed Systems and Networks (IEEE Policy), 5 - 7 June 2006.
• Weitzner, Abelson, Berners-Lee, Hanson, Hendler, Kagal, McGuinness, Sussman, Waterman, Transparent Accountable Data Mining: New Strategies for Privacy Protection,; MIT CSAIL Technical Report MIT-CSAIL-TR-2006-007 [DSpace handle] (27 January 2006).
• Weitzner, Hendler, Berners-Lee, Connolly, Creating the Policy-Aware Web: Discretionary, Rules-based Access for the World Wide Web