00:04:38 timbl (n=timbl@pool-96-237-56-114.bstnma.fios.verizon.net) has joined #dig 00:35:09 oshani has quit () 00:44:48 lkagal has quit () 00:46:31 timbl_ (n=timbl@pool-96-237-56-114.bstnma.fios.verizon.net) has joined #dig 01:03:03 timbl has quit (Read error: 110 (Connection timed out)) 02:19:13 kennyluck (n=kennyluc@SIMMONS-THIRTY-FIVE.MIT.EDU) has joined #dig 03:06:29 DanC_lap (n=connolly@71.167.168.240) has joined #dig 03:42:39 timbl_ has quit () 07:57:08 kennyluck has quit () 08:59:08 harveyj_ has quit () 12:12:03 yosi_s (n=syosi@static-71-243-122-114.bos.east.verizon.net) has joined #dig 12:13:24 lkagal (n=lkagal1@79.68.171.66.subscriber.vzavenue.net) has joined #dig 12:29:46 yosi_s has quit () 12:38:24 Ralph (n=swick@30-6-176.wireless.csail.mit.edu) has joined #dig 12:39:07 Ralph is now known as RalphS 12:54:41 lkagal has quit () 13:41:43 DanC_lap has quit (Read error: 113 (No route to host)) 13:49:08 timbl (n=timbl@30-6-254.wireless.csail.mit.edu) has joined #dig 14:36:25 lkagal (n=lkagal1@30-6-125.wireless.csail.mit.edu) has joined #dig 14:40:00 djweitzner (n=djweitzn@31-33-212.wireless.csail.mit.edu) has joined #dig 14:41:05 yosi_s (n=syosi@30-6-193.wireless.csail.mit.edu) has joined #dig 14:41:21 oshani (n=oshani@30-5-136.wireless.csail.mit.edu) has joined #dig 14:42:58 Pipian (n=Pipian@30-6-160.wireless.csail.mit.edu) has joined #dig 14:43:04 kkw (i=kkw@30-7-225.wireless.csail.mit.edu) has joined #DIG 14:43:07 hendler (n=chatzill@30-5-21.wireless.csail.mit.edu) has joined #dig 14:43:11 djweitzner has changed the topic to: TAMI FTF meeting 14:43:23 scribenick: Sandro 14:43:27 chair: Danny 14:43:30 ======================================================== 14:43:32 meeting: TAMI F2F 14:43:42 introductions 14:43:50 timbl has changed the topic to: TAMI face-face meeting http://dig.csail.mit.edu/2008/02/12-tami-e2esa-ftf.html 14:44:09 Ian: Hi. I'm Ian. I'm working with Jim, primarily in access control. Planning to hack on Tabulator to add access control. 14:44:22 Jim: redo PAW with Tabulator, in some form. 14:44:40 Tim: I'd like Kenny here if we're going to get into Tabulator details. 14:44:52 Danny: Let's talk about agenda... 14:44:56 back to intro 14:45:11 Jim, Danny, TimBK, Jim, Oshana, K, Lalana, Yosi. 14:45:27 (Gerry is out of room at the moment) 14:45:40 (scribe, Sandro, sitting between Danny and Tim) 14:45:42 If anuone sees Kenny, mention I was looking for him in case he'd liek to drop ino the TAMI meeting when we discuss Tabulator future features for TAMI 14:45:57 Danny: (reading agenda) 14:47:10 Danny: "Next Steps" -- what do we do in the next chunk of time, between now and Summer. 14:48:48 Danny: DTO (Disruptive Technology Office) was the IC's DARPA. Was ARDA before that. Now it's called IARPA. 14:49:05 Jim: Now reports to DNI, not the separate agencies. 14:49:31 K: Intelligence in the US is getting to have more and more central control. 14:50:23 Tim: Even though they have to centralize to produce data integration, we should convey the message that they'll still need to be decentralized. 14:50:33 Jim: I have to leave around 3 or 3:30. 14:50:57 Joan: Train at 6:45. 14:51:03 Danny: wrap up at 6. 14:51:34 Tim: 6-8 is cambridge Semantic Web gathering, down the hall. 14:52:08 Star conference room 14:52:16 http://esw.w3.org/topic/CambridgeSemanticWebGatherings/Meeting/2008-02-12_Gathering 14:52:26 Topic: AIR -- Lalana 14:52:40 (and later the pub which is between this conference room and that) 14:53:09 Does TAMI/DIG have a mediawiki instance? (Tim?) 14:53:39 Lalana: (slides) 14:54:16 Lalana: ... to hold policy violators accountable ... 14:54:26 http://dig.csail.mit.edu/2008/Talks/0129-iARPA-lk/ 14:54:42 Lalana: ... explanatations generated at same time as reasoning ... 14:54:57 Lalana: ... goal direction, nested rules --- reduce search space .... 14:56:05 Lalana: Focus on explanation is important for users. Policy admins using it for debugging. End users need it to know they can trust the system. And to know why ones request has failed. 14:56:39 Joan: Yes, it's very important to have a method to debug policies. it's an accepted truth in the security world that people don;t really know what their policies are. 14:56:52 Joan: So, say more about how you are going to use this? 14:57:43 Lalana: We haven't use it, but we could. We are able to track the premises that any fact is inferred from. We also provide a natural-language description of rules, and we put them together with the rule chain, to provide the explanation. 14:58:43 Joan: Expressive Policy Languages have been tried before and have not panned out. This use of Justifications and Dependency Tracking / Explanations has not been done. People will want to know why they are not getting the effects on the system they want. 14:58:59 Jim: someone ... something about XACML 14:59:15 Vlad Kosolovski (sp?) 14:59:38 Jim: Prior to AIR, XACML is the most expressive, most used in industry. But it has an operational semantics. 14:59:55 Lalana: Lots of their semantics is hidden behind arbitrary functions. 15:00:08 Joan: I'm talking about security, more than logic. 15:00:34 Joan: ... what the threat is, etc. This may be a breakthrough in addressing this problem. 15:00:49 Danny: What would it take to work? Is there a well-defined class of things you can't do today? 15:00:52 Joan: No. 15:01:16 Joan: We never got this far before. There was a failure-to-launch of practical policy enforcement. 15:01:34 Tim: Can you tell me how it should look to an end-user in the field? 15:01:51 Joan: I'll have to look out to more systems/operations types, but I can do that. 15:02:47 Gerry: What we've got right now is a bunch of toys. When we get to a large amount of information, many computers, many people, .... Turning the toys into tools is hard. 15:03:00 Joan: Yes, in general, but .... 15:03:11 Danny: But there's a particular problem here that we might be able to help solve. 15:04:11 K: How do law-enforcement guys know all the laws? They went to one training program, then on-the-job. US Attys are the folks who figure out what laws really apply. 15:04:34 Lalana: We use a production rule system for the reasoner, and a TMS to track the dependencies. 15:05:10 Danny: Joan, we've worked in the last month to develop a model for selecting the relevant bits of the explanation. 15:05:32 Danny: We'll have the same issue on explaining security policy decisions. 15:06:11 Lalana: A policy admin does not need to manipulate dependencies, but they can. If you want to hide your policy, you can. 15:06:25 Lalana: (AIR Specifications slide) 15:07:15 Lalana: (How AIR fits.... slide) 15:08:10 Tim: From the last meeting, I came up with a worry about this log. 15:09:24 Tim: If the reasoner is in front of the user, then you've got the proof tree there, ... so rather than logging absolutely everything, maybe only keep the proof tree for the parts we're using. It may scale better. What we're doing now is a lot like a mainframe logging everu cycle. 15:09:40 Tim: We might not need a streaming log between the two pieces. 15:10:31 Tim: This architecture may not be optimal. We've assumed doing everything after the fact, so the log is needed. But in many cases, you only need the explanation at the time. 15:10:40 Jim: I either completely agree or completely disagree. 15:10:47 Jim: (depending on what you meant.) 15:11:24 Jim: The log should be created by a set of SPARQL queries on the reasoners sitting closer to the users. 15:11:38 Jim: The problem I have here -- nothing is server side. 15:12:41 Gerry: We need to be careful about what we mean about these divisions. We've made everything monotonic. So this could be done async and distributed. You never HAVE to lose any info. It just turns into a very large data storage/retreival problem. Some people (not me) know how to do that. 15:13:21 Gerry: It's not about where the reasoner is. It's about continually storing this stuff in an ever-expanding pile of data. This is a lot of data, but it's NOTHING like what folks do in astronomy or something. 15:13:44 Danny: Let's come back to this slide in Next Steps. 15:14:11 Jim: We've been talking Access Control, but... this all starts and stops after HTTP. When you get the thing, there's nothing... 15:14:22 Danny: We just haven't gotten to access control here, yet. 15:14:38 Lalana: (Demo Scenario slide) 15:14:51 (much laughter) 15:15:04 Lalana: quick look at policy 15:15:28 I note that the AIR rules still have the air:variable problem. 15:15:39 Lalana: uses quoting. 15:16:08 the AIR language is not in turtle. 15:16:13 Jim: We took out the deontics from rein. we may need some of it back. 15:16:39 Because in turtle the 15:16:53 air:variable statements would be about th e properiues of things. 15:17:21 Tim: You realize AIR isn't in Turtle. Any plans to resolve that? 15:17:27 Lalana: It's on the list. 15:17:56 Tim: this rule has a variable "event". it can't be both a variable and event. that's why we did @forall 15:18:12 Jim: So we're talking about how to make AIR reduce to RDF. 15:18:35 Lalana: Probably just use N3. 15:18:40 Yosi: 3 lines of code change. 15:19:11 Yosi: I wrote the reasoner to more-or-less accept n3 rules. 15:19:49 Jim: We want Yosi's backward chainer with --check and --proof 15:20:03 Yosi: We'll talk. (It's not what I'm supposed to be working on right now.) 15:20:24 Jim: Will ... cwm ... something something 15:20:38 Topic: Yosi presents his work, with Chris and Gerry 15:21:11 Danny: Chris is sick today. He is definitely leaving. No set timing. Will not take on new work in this group. 15:21:39 Yosi: Python reason is run from the command line. Generates RDF printout of TMS. 15:21:51 Yosi: A bunch of options which are Bad Ideas 15:22:34 Yosi: psyco does not speed up this reasoner. 15:23:57 Yosi: This reasoner was built trying to maintain compatibility with Chris' Scheme reasoner. First I built a TMS into cwm. I built a rete engine. Chris and I worked out how to get the goal direction stuff working. It generates too many goals, which is why --unify is a bad idea. It's possible for a goal to not match when it should, but we've never run into that. 15:24:17 Joan: Where in the system is this program used? 15:24:28 Yosi: This should not be run from the command line. 15:24:52 Yosi: I made a CGI interface. You give it a log, and a policy. 15:25:00 Joan: This is a compliance checker. 15:25:11 Yosi: Yes -- it generates proof of compliance or non-compliance. 15:25:30 Yosi: Adapting pychinko would have been harder than starting from scratch. 15:25:56 Yosi: Rete and cwm built-ins don't work so well. So I did something more like cwm (TREAT). 15:26:15 Joan: AIR is a reasoning language. Is this reasoner written in AIR? 15:26:47 Joan: Ah. AIR is what you write the policy in. This reasoner takes AIR policies and a log of what happened. 15:27:10 Joan: This is going to have to be explained. There are lot of different tools being brought to bear here, and they occur in diferent ways. 15:27:22 +Shauni 15:27:57 Joan: Why are you telling us about this options? 15:28:11 Jim: Because some of us need to work with this code. We as developers. 15:28:25 Yosi: Sorry my talk isn't so organized. 15:29:03 Yosi: The reasoner seems to work on the test we throw at it. 15:29:33 Yosi: If I switch reasoners, from the Rete to TREAT, it might run slightly faster. 15:30:40 Yosi: The reasoner takes the policy file, finds the rules in that, runs them on the log file, using its TMS, it looks for any statements that something was compliant with or not compliant with a policy, goes backwards and generates the justification tree in RDF. 15:31:12 Sandro: where do those statements come from? 15:31:20 Yosi: They are AIR rule conclusions. 15:31:38 Yosi: Shows some RDF that Oshani will try to make reasonable. 15:31:59 Yosi: (this is amord.py) 15:32:45 DanC_lap (n=connolly@71.167.168.240) has joined #dig 15:33:17 Danny: My hope is that the accountability/compiance reasoning -- what you're seeing here -- is stable. It can run any logs, any policies. I'd like to treat that as a black box. 15:33:24 Joan: There must be some restrictions. 15:33:32 Danny: Restrictions as defined by the language. 15:33:50 Danny: Only need to come back for scaling, or access control. 15:34:11 Topic: Oshani demo 15:34:45 Danny: Scenario 9. 15:37:12 Danny: a situation in which we could test these usage rules. public health. some guy shows up in ER with XDR TB. CDC uses extreme power in investigation. Looks through call data records. Phone technician sees a CDC-Healt-Investigation flag on a related record. Refuses to send tech. Decision to refuse service based on health info violates Mass Health Descrimination act. 15:37:58 Oshani: I'm using Yosi's python CGI interface 15:38:08 Jim: Can we look at log file and rules file? 15:38:28 Jim: Logs contain no extra stuff? 15:38:51 K: We made one with all the extra stuff, but here we're using narrow inputs. 15:39:01 Yosi: I don't think we're near he performance limits here. 15:39:25 Tim: The process taking Policy + Log, ... is it true that for any given log, there is one policy which applies? 15:39:50 Gerry: There will be many policies for any real log case. 15:40:17 Gerry: The log has to be the log of what really happened. The policies will come from many sources. 15:40:55 K: Some policies are in ordinary use in the business. Those are easy to find. But sometimes a situation arises where another policy comes into play. 15:41:44 Tim: Putting in URIs is not user friendly. 15:41:52 Oshani: So how do I find the policies? 15:41:59 Tim: Master List. 15:42:19 Oshani: So you can't add your own policy? 15:42:30 Tim: No. URIs in the UI are a red flag. 15:42:55 K: there is a Popular Names table for many bits of law. 15:43:12 Danny: A small library for any app area. 15:44:02 oshani: (shows stuff) 15:44:12 Danny: Bob's request and Betty's denial. 15:46:13 Joan: this is a policy.... MA Disability Rule 1 15:46:31 user feedback: Joan perfers the data content view ot the n3 serilization view 15:47:22 Tim: "if there's an event where someone is requestiong something, then rule 2 applies....." 15:48:16 Sandro: rule 1 has no semantics, it's just a performance hack. 15:48:21 Lalana: right. 15:48:42 Lalana: It could be one rule, but we split it up to make the explanation look better. 15:49:15 Yosi: the "description" properties allow the generation of a sentence in the explanation. 15:50:09 "The reason Bettyrejectsbob requestion is no complain with MA because... 15:51:34 Jim: It's hard to tell what's clickable. 15:51:54 Tim: There's clickable stuff that should be quiet -- you don't want it underlined. 15:52:22 [ I need to go to a meeting. New scribe needed. ] 15:52:56 maybe a tag 15:54:44 hendler will scribe 15:55:37 Oshani describes process for what is displayed when 15:55:54 discussion of what would happen with a tree-based policy 15:58:25 some discussion of the UI - mostly humorously 15:58:45 short break 15:59:12 shauni (n=chatzill@31-34-214.wireless.csail.mit.edu) has joined #dig 15:59:37 gjs (n=gjs@30-6-43.wireless.csail.mit.edu) has joined #dig 15:59:46 DIGlogger, pointer? 15:59:46 See http://dig.csail.mit.edu/irc/dig/2008-02-12#T15-59-46 16:09:39 DanC_lap has quit (Read error: 60 (Operation timed out)) 16:09:54 shauni has quit (Remote closed the connection) 16:10:48 shauni (n=chatzill@31-34-214.wireless.csail.mit.edu) has joined #dig 16:12:17 Danny: Many choices about how to move forward 16:12:36 Danny: Gerry will talk about next steps 16:13:23 Danny: Dan Brickley may come by 16:13:30 shauni has quit (Read error: 104 (Connection reset by peer)) 16:13:37 shauni (n=chatzill@31-34-214.wireless.csail.mit.edu) has joined #dig 16:13:42 lkagal, try http://people.csail.mit.edu/oshani/2008/02/justification-ui-2-12.xpi 16:13:47 Gerry: Worried about us becoming irrelevent 16:13:54 ... we have built toys 16:14:16 ... build tools, don't be part of Media Lab Demo Machine (TM) 16:14:38 ... organization using system 16:14:58 ... repository logging everything that happens (human interactions; limited) 16:15:19 ... for a particular definition of limited 16:15:23 Thanks Oshani, this xpi worked. Wonder why the checked out version is not working. 16:15:44 ... problem finding important stuff for an investigation --- extract, find, and deduce 16:15:52 lkagal, I 've committed all my code, so in theory it should work 16:16:05 ... monotonicity should allow us to distribute reasoning 16:16:23 ... but we are not set up for this 16:17:05 ... we will need a persistent store 16:17:14 ... and intermediate steps are in it 16:17:49 ... no time scale --- some things done in real time, some done later 16:18:03 ... problems 16:18:32 ... We have not build the appliance to build the log 16:19:28 ... nor authoring tools 16:19:42 ... neither authentication nor authorization solved 16:19:55 ... information will not all be in one place 16:20:21 ... find people to help us redundantly store information 16:21:27 Joan: [missed something] 16:21:47 k: What is the line between research and commerce? 16:22:00 Gerry: We can't build one for someone 16:22:19 ... but we need to build a prototype someone can copy 16:22:29 ... so we will not be ignored 16:23:04 Tim: We will need to define the interface to the store, and figure it out 16:23:22 ... find an existing triple store 16:23:32 Gerry: However it is done, it does need to be done 16:24:16 Jim: Programmatically, there are some things that may dominate others 16:24:34 ... we need to insure we can answer research questions 16:25:06 ... we need to show logs can be built, and deal with access 16:25:19 Gerry: We need to plan, to insure it will be done 16:25:56 ... we need someone who knows this 16:26:22 Joan: That's an oversimplification 16:26:27 ... we have not thought about deployment 16:26:50 ... we have been working from the other side 16:27:08 ... an organization will be trying to hold people accountable 16:27:35 k: The more this hooks into existing stuff, the more likely it will work 16:27:46 ... don't replace what they have; augment it 16:27:59 Danny: This is moving to a more practical set of questions 16:28:06 ... we skipped steps at first 16:28:15 ... time to go backwards 16:28:38 ... But to what will we go as a platform? 16:28:51 ... to Semantic Web and Tabulator? 16:29:02 ... to logs from SQL? 16:29:24 Gerry: I don't know if current logs have the right information 16:29:58 ... Other advantage to have audit trails on demand, if only to make decisions 16:30:30 Jim: My take is (as presented last week) we are attacking a harder problem (web) than the enterprise 16:30:43 ... but we are better suited for the Web anyways 16:30:57 ... so let us do the Web, but worry about SQL 16:32:12 Danny: We could do social networking 16:32:32 ... facebook, Google api, 16:33:24 ... an environment people think is ``current'', understand 16:35:52 ... with databases, I have talked with Oracle, and may be a later topic of funding 16:36:09 ... separate track is needed 16:37:20 k: Work a project from two ends, so people hear about it 16:39:26 ... even enterprise is web today 16:39:46 Tim: Enterprise and web people speak different languages 16:39:48 (scribe assist) 16:39:50 1 - MIT to focus on log creation (web) 16:39:51 2 - RPI to focus on access (discussion - access to logs or to access to info) 16:39:52 3 - Merge in summer -- for demo 16:39:54 -- tabulator as access device 16:39:55 -- server side needs to be looked at 16:40:16 q? 16:41:39 hendler: Acess cbtrol ahs been in everything w have done. 16:41:57 ... Also, we now know in the current model we are coming in through tabulator 16:42:32 ... We had some scenarios early n where depending onwhat you said downstrema it was eitehr appropraite or inappropriatr use. 16:42:43 ... We have also ignored the server side. 16:42:48 (??) 16:43:06 ... We have to do this no matter which direction w o for te ultimate demp 16:43:25 Gerry: Twist deduction to work off persistent store 16:43:37 Gerry: W should teist whatever reasoner we use so that it operates off a lreg ersistent store, so we don't have any memory limited. 16:43:42 limites 16:44:14 ... This may take time [to code] but it will remove limis 16:44:49 Dany: This is a log of the uses of data. 16:45:15 ... What we can do now is look at a bunch of usage events, and seect a policy, and check whjether the use of the dat was consisetnt with the policy. 16:47:16 danbri (n=danbri@unaffiliated/danbri) has joined #dig 16:47:44 Jim: how distributed the log is becomes something we need to deal with 16:48:47 different people will have different pieces 16:49:23 fwiw, we would like the "bottom" to be SPARQL as it will make the access control stuff both more interesting and more relevant 16:50:00 Tim: We need a way of saying what to find where 16:50:41 Ian: Sounds like we need a peer-to-peer style pointers from nodes to nodes 16:51:19 Tim: The full Semantic Web challenge is not something we will need at this stage 16:53:37 Ian: For access control, you will need a local store as well as the global store 16:54:57 Joan: I understand things will be distributed, so why are people talking about location? 16:55:44 Danny: The problem will always be to decide you have found enough 16:56:04 k: We should engage danbri 16:58:39 Jim: I want to ensure we are committed to something 16:58:53 Tim: Tabulator does SPARQL update to edit 16:59:37 The tabulator support in a srver include SPARQL update ... so if there were a rule engnein SPARQL, it would naturally be able to write bac its conclusions to a server. 17:00:19 Jim: But this does not resolve how access control will work 17:01:51 ... I'd like to see something build logs 17:03:18 Danny: Let's talk scenarios 17:03:23 1) Social networking 17:04:05 2) [missed it] 17:04:13 3) access control 17:05:36 Joan: We are being too scenario centric 17:05:41 we need to move on 17:06:02 ... Need to look at things from a user centric view 17:06:08 2) intelligence community [see agenda] 17:07:44 me brought a lunch 17:08:15 jar___ has quit (Remote closed the connection) 17:08:30 Danny: Social networking demo will start to get into that 17:14:20 I think in "technologies" not in scenarios - if the latter help us answer the former, then I'm happy 17:16:02 (starts scribing..) deb: describes 'network operator' 17:17:04 joan: how does one get started using E2ESA 17:17:48 djweitzner: nw operator makes sure that the right people have access to the data 17:19:53 joan: client centric browser tool? 17:20:57 hendler: access control, server side has some control and an audit log 17:21:19 ... a demo for this? 17:21:52 djweitzner; we are not developing sw that is installable on any enterprise system 17:22:04 I think we could build a "protoype" which would ground some of the things we haven't done yet 17:22:26 gjs: how do we not be a footnote? :) 17:22:32 (I change the word from demo to make it clear it would have next level of functionality) 17:22:56 kkw: architecture is what is the entire construct 17:23:12 ... reasoning capability and put in the architecture 17:24:08 djweitzner: picture of the architecure... End to End... the ends are on the web 17:24:22 ...client is the Tabulator 17:25:27 Joan: when I heard E2ESA, I assumed one end is the beginning, and the other end is the reasoning outcome? 17:26:25 ... Tab pointing data on the data on the semweb would not help ppl 17:26:37 djweitzner: is there an alernative? 17:27:20 gjs: what is a delivered object? 17:28:13 Pipian: input data for the application is something not created through Tabulator 17:28:26 Pipian: ... some other application 17:28:31 DanC_lap (n=connolly@72-255-49-75.client.stsn.net) has joined #dig 17:28:35 ... 2 parts to this 17:28:51 Joan: any user would need policies 17:29:06 djweitzner: we are missing ... 17:29:20 ... 1 formal account of what an accountable system is 17:29:34 Not only from Tabulator, but could be from Tabulator access to the log itself. 17:30:19 ... hopefully the work we have done will ilustrate what will go into that model 17:30:53 Joan: formal account/coherent textual account 17:31:23 djweitzner: much more conceptual descriptions 17:31:51 Joan: top down as the meaning of conceptual 17:33:18 djweitzner: the interesting abt social web, is the facts available on the web 17:33:38 hendler: next build plan should be an outcome of this meeting 17:34:03 ... forensic approach is what we've been doing 17:34:43 djweitzner: break for lunch 17:35:19 djweitzner: after lunch, we'll talk about project management 17:35:48 Joan: [missed something..] 17:54:53 DanC_lap has quit (Read error: 60 (Operation timed out)) 17:56:07 shauni has quit (Read error: 110 (Connection timed out)) 18:32:26 who is scribing? 18:37:39 nobody, it seems ;) 18:42:47 djweitzner: Is it profitable to focus on rule conflicts? 18:43:00 K: Yes. Need to address conflicts for viability. 18:43:23 Gerry: Need to show that there are conflicts. 18:43:34 Joan: Can we prioritize rules? 18:44:09 Lalana: Not yet. We could do it with nesting or overriding policies. 18:44:26 djweitzner: What do we need for prioritization? 18:44:56 Jim: It's either trivial or unsolved. 18:45:11 K: There are rules for prioritization. 18:45:22 ... And then there are some that aren't. 18:45:45 ... May want a mechanism for pointing out unclear situations. 18:45:53 djweitzner: What happens today? 18:46:05 Lalana: It'll show both. 18:46:31 djweitzner: Let's show we can recognize conflicts. 18:46:54 Joan: There's been work in KR about conflict handling, I believe. 18:47:40 Jim: If you can set prioritization, it's solved. If you have to REASON prioritization, then it's harder. 18:48:15 ... For now, let's just recognize we have two conflicting policies. 18:48:36 Joan: Handling of prioritized rules is essential goal. 18:48:50 Gerry: Prioritized TMS isn't a problem. 18:49:22 K: US Persons q. is really interesting... 18:49:55 ... A "US Person" is citizen or permanent resident. Interesting in needing another source of data. 18:50:06 I only said that handling prioritized rules is not hard. 18:50:42 Joan: This question cannot be automatically determined regardless of source. 18:51:04 ... Even if we had ID cards, how do we know identity? 18:51:38 K: We need even more data sources for internet identities, etc. 18:52:21 Jim: This is where we need notification on use of the data, esp. if we can't determine the answer. 18:53:05 Joan: Let's not assume that electronic data will determine status universally. 18:55:03 ... It's okay in some scenarios where we have known endpoints. If endpoints unknown, we simply can't determine identity. 18:55:22 ... Let's be precise in terminology. 18:56:06 K: All we need to know is that it's matching against third-party sources, rather than just a log and client. 18:56:37 ... We need to open up the world from just the log. 18:57:18 Jim: We knew we'd need human adjudicators at some point. These are good examples. 18:58:44 djweitzner: [missed this] 18:58:59 Joan: Is it missing data or not knowing? 18:59:10 This is the "Human Judgment Required' scenario 18:59:44 K: Communication outside the US is extending the scenario, except needing third-party source for determining foreign endpoint. 19:00:10 ... Invalidating other outcomes is another scenario. May be a bit farther than we want to go. 19:01:06 ... Can we send reasoner to find an alternate log to recreate invalid deductions (if deductions from log are ruled illegal)? 19:01:19 djweitzner: That would be a good thing. 19:01:57 K: Classified/unclassified data. How do we segregate access... More than one view. 19:02:19 ... I'll post it. 19:02:37 re proving citizenship, something of an aside but I assume you folks saw the Estonian OpenID service: https://openid.ee/about/english# 19:02:38 Hal: Are there scenarios where we can admit there's something there? 19:02:56 K: There can be. Depends on the scenario. 19:03:14 Jim: There's a protocol to determine whether, with the same clearance, we can exchange info. 19:03:52 (need-to-know is an extra level on top of clearance for clarifying access to classified info) 19:04:44 djweitzner: Relationship between reasoner and store is tied to this scenario 19:05:03 ... Ability to prune from log is limited. 19:05:27 ... If we have classification parameters on every log, we won't know who can see what. 19:05:53 Tim: We discussed nature as separate graphs. 19:06:17 ... "The Log" is actually multiple logs. 19:06:59 ... Might be able to smush Facebook to other data, for example... 19:07:23 djweitzner: Moving ahead, we should probably develop a scenario. 19:07:55 ... Demo requirements. We could use access control based on classification privileges, identity as target, etc. 19:08:16 Jim: One issue: I'm less convinced we want to do paw server-side. 19:08:45 ... Our AIR stops at HTTP. We should play with that, as well as traditional-access. 19:08:59 djweitzner: Access control is to access the log. 19:09:18 Jim: Yes, but there's a difference between the log and 'Is Bob a US Citizen?' 19:09:51 ... Or, getting information with 'caveat' 19:10:10 djweitzner: How do we move forward on screnario? 19:10:47 Tim: Later, should we have a scenario where technology is run on itself? 19:11:08 ... A meta-scenario. 19:12:10 Jim: Can we have K drive it? "We must have a way to do X." leads to discussions. 19:12:50 Someone gets acccess to te log fo the purpose of runnng an accountability check... but hey use it for something esle. 19:13:13 K: We may want a master list. 19:13:19 keep the 'someday pile'. 19:13:49 djweitzner: 'There will be some access control'... What pieces do we need? 19:14:11 Jim: Proposal on board: "Move from PAW-like AC to client side access compliance." 19:14:23 The master list should include functionality discussed and whether it's been accomplished, will be accomplished (and approximately by whom/when), or we've decided isn't part of our mandate 19:14:58 ... Let's check proofs at the bottom of AIR, but one variable would be used to determine 'claim' used for policy? 19:15:22 ... Heavy-weight solution for situations where we have known solutions. 19:15:51 ... We don't need to reinvent the wheel for some of the situations. 19:16:05 ... Attach use policy to media. 19:16:25 ... Log errors from breaking use policy. 19:17:08 ... Then, it's E2ESA. 19:17:46 ... Still rule-based use control in TAMI situation, rather than reimplementing PAW. 19:18:10 ... What's interesting about access compliance in client-side architecture? 19:18:41 djweitzner: Don't like premise, good conclusion. Something important about rule-based authorization in PAW that should be in. 19:19:11 ... 2) We should have client-side architecture for tracking conditions under which user gets access. 19:21:27 Lalana: [putting up diagram] 19:21:49 Jim: 'Disk' is 'The Log'. Several Issues: 19:22:02 ... 1. Client asking to see protected parts of log. 19:22:12 ... Rule-based access should be in that part. 19:22:24 ... in AI/AIR reasoner 19:23:03 ... 2. If we do SPARQL query, it returns a policy with data, extract it, and then comply with it. 19:23:33 ... Like social networking example. 19:24:45 Joan: Where are the policies? 19:25:09 hendler: They're together with 'The Log'? No, they aren't on the slide. 19:25:58 djweitzner: Do you have a scenario in mind? Can you provide one? What's the process? 19:26:28 hendler: Let's do something like PAW. Associated with a URI is a policy. Get a 401 with the policy, or even in the 200 response. 19:27:36 lkagal: The reasoning is in the log that you 'agreed' to the policy 19:28:45 hendler: Right now, policy reasoner says something, looks at log, says it's okay. 19:28:58 ... Some data may come with own rules. Let's integrate it[?] 19:29:38 djweitzner: We did tell IARPA we were presenting access control system. 19:30:05 ... I'd like to have a scenario where you get 'access denied' 19:31:02 hendler: We can do that, but I also think this would also be interesting. For example, not used to control access to FOAF, but rather rules to use of the FOAF. 19:31:20 ... We don't have to do server-side hacking for everything. 19:31:39 ... Eventually we may want to do this, but that's not as interesting. 19:32:16 ... We'd need to mark policy as classified[?] 19:32:20 Gerry: What's the purpose? 19:33:22 hendler: Assume W3C: Team can see Team + Member, Member can see Member. 19:33:44 ... Having gotten something Team, I could publish something to public, but accountability won't let me know about the error. 19:34:10 Gerry: You want to attach policy to the data? 19:34:15 hendler: Yes. 19:34:27 Gerry: Cryptographic signatures, etc. 19:35:01 ... Affixed info is not removable, and adding your signature, then you can actually see where the data came from. 19:35:18 djweitzner: Security problem, not in scope. 19:36:14 ... 2 things: 1) Under log creation, with SPARQL query, we log such that we can conclude that we got data with policy. This is an open question. This is what I think is 'log creation' 19:36:26 ... 2) We need to do SOME access control (it's in scope.) 19:37:37 Firstly, we should develop an enhanced web infrastrcurew which includes polcy and access control and aprobpriate use in a constent wy, and 2) we should design in terms of that infrastructure. and the 3) we should sho it has ceruian ploicies. 19:37:42 hendler: I agree. If we design it right, they work together well. Furthermore, the integration is interesting to them. 19:37:47 (IARPA) 19:38:09 Modularity of systems is interestin ... can we build a systm of this stuff which to the outside looka like an agnetin another system? 19:38:12 q+ 19:38:18 djweitzner: What's new is the PAW stuff. We can write rules like log in same language. 19:38:47 ... Suppose you need to be intelligence officer to use data for intelligence purposes. 19:38:53 hendler: Where does that live? 19:39:19 djweitzner: SPARQL server for access logs, right? 19:40:28 hendler: Let's do rule-based control in AIR Reasoner <-> Disk? 19:40:43 djweitzner: Don't like the diagram, not web-like. Doesn't represent goal. 19:41:02 http://dig.csail.mit.edu/2007/03/WebAccountArch2.jpg 19:41:09 timbl: Can we replace diagram? Let's discuss. 19:41:31 djweitzner: And now the other diagram [linked above] 19:41:45 ... Not all correct, but let's view it more like this... 19:42:21 hendler: Use more traditional authorization, then attach access stuff for use within system. 19:42:58 Gerry: What's the goal of this conversation? 19:43:18 hendler: Let's redefine our current location. 19:43:42 djweitzner: We ought to develop a scenario to get on the same page. 19:43:49 hendler: Two things missing from current work. 19:43:57 ... 1) Let's bring in real activity 19:44:12 ... 2) Associate rules, use AMORD reasoning on rules with that activity. 19:44:53 ... 'log creation' from real activity is a prerequisite for doing access control and PAW-access. 19:45:16 djweitzner: Let's do the SPARQL rules/activity second. 19:45:48 ... What I don't like about WebAccountArch2 is that we treat the log as just another source of data with policies that we get using SPARQL. 19:46:29 hendler: Where do we get the data and the policies in the log? 19:47:10 ... I want to have the policy attached with data. 19:47:17 Gerry: It's possible. 19:48:12 hendler: Two implementation tricks: 1) Where do you put data from document? 2) Where do you put log data from SPARQL? 19:48:32 kennyluck (n=kennyluc@30-5-213.wireless.csail.mit.edu) has joined #dig 19:48:53 djweitzner: We agree this is necessary. But we need to join tabulator and AMORD. 19:49:19 ... More people working on tabulator, less on reasoner. 19:49:35 cool! 19:50:04 *correction* More people are currently working on tabulator and less on the reasoner, which is concerning. 19:50:05 Hi kenny, if we have a discussion about tabr, wouldyou like to come to th emeeting? 19:50:33 sure, where are you? 19:50:47 djweitzner: We need log creation. 19:50:50 timbl: Yes. 19:51:07 ... Haven't built architecture for it. 19:51:10 hendler: Yes. 19:51:50 timbl: djweitzner and hendler need to come to a conclusion. 19:52:03 djweitzner: I thought we did, but maybe you didn't hear? 19:52:16 [some confusion???] 19:52:45 timbl: We've got annotations about what we can do with things, and how to access things[?] 19:53:17 ... Haven't looked at how groups of users work together. 19:53:45 ... Do we need architecture in group? 19:54:14 side note: kkw posted her scenario page at http://dig.csail.mit.edu/TAMI/2008/Natl.Sec.Scenario.1.html 19:54:18 ... When go external, it's a group-to-group discussion. 19:54:49 ... Groups acting as agents in scenarios[?] 19:54:55 I wonder how hard it would be to integrate the reasoner into Tabulator 19:55:53 djweitzner: We've been trying to answer question about what's recorded, w.r.t. log creation, no? 19:56:18 Gerry: Don't know until after the fact. 19:56:28 ... Combining authorized with unauthorized 19:56:40 ... I think there's confusion going on. 19:57:00 djweitzner: Let's rewind 30 minutes. 19:57:23 Gerry: What large-scale mechanism do we need to build? 19:57:23 Don't give up! We're all waiting patiently... 19:58:02 kennyluck, we are in the Kiva (32-G449) 19:58:06 djweitzner: Goal is to know if data is being used within policys. We need to track everything. 19:58:11 Gerry: Not a lot of stuff. 19:58:15 i've given up on opensocial APIs working, that's all :) Google's sandbox is offline today, and Ning's isn't working enough to tell me who the logged-in user is 19:58:37 djweitzner: We don't know in advance what we need to know. Keep everything. 19:58:52 timbl: If we build it right, we can know what to drop. 19:59:03 oshani, I am outside. Are they taking a break soon? 19:59:25 you can come inside 19:59:43 ... Let's make a protocol to find out policies. It's unbearable to not find out policies. 20:00:05 Kenny enters. 20:00:21 ... Let's find out where to find the policies. 20:01:18 ... All the stuff I don't need to log then. 20:01:29 Pipian: Throwing in extra data with HEAD 20:01:42 djweitzner: Can't know all policies when you get data. 20:02:00 ... e.g. If I stole document and then relicense. 20:02:29 timbl: Then it's irrelevant, because we can't find all data. 20:02:53 djweitzner: But at least we you have knowledge of how you got it. 20:03:21 ... We need to resolve the question: "Smart logs or dumb logs?" 20:03:35 ... I don't think this is possible. 20:04:08 K: I wonder if we should experiment with this? 20:04:27 djweitzner: Sure. 20:04:54 danbri: Assuming the log is entirely correct is setting self up to fail. You might not get everything anyway. 20:05:20 hendler: Asking to collect everything when we currently can get nothing. Let's settle on something so that we can collect SOMETHING. Proposals on what to do. 20:05:35 ... 6 things to do: 20:06:21 djweitzner: should we have all tms's instead of logs? 20:06:29 timbl: 20:06:38 There are a lot of things that point to a TMS 20:06:55 timbl: Tracking provenance, inferencing, etc. need a TMS. 20:07:29 ... People need to refresh data. 20:07:51 ... We need a TMS. Then we can make policies attached. Awful lot of data. 20:08:27 Gerry: 20:08:45 If we log everything, it's only $300 million to store everything everyone types in a year! 20:08:54 hendler: Action points: 20:09:15 ... 1) Build some "shims" to track provenance in a HTTP environment. 20:09:34 ... 2) Define a mechanism to tie policy to the data that comes with that data (MIT+RPI) 20:09:49 ... 3) Make amord.py work in this environment. 20:10:04 ... 4) Begin work on accountability definition (Joan) 20:10:22 ... 5) Resolve work on next version of architecture (Gerry &...) 20:10:36 ... 6) UI work (tabulator team) 20:11:48 ... (all by May) 20:12:27 ... Would like one of those for RPI. 20:14:04 I don't think I understand what *shims* mean 20:14:21 djweitzner: Best chance of getting something done: Work on one new scenario. 20:14:36 ... Anyone involved in code dev needs to be involved in scenario dev. 20:14:39 A shim is a thin adapter which connects an existing system to the new one. 20:14:39 oshani, http://en.wikipedia.org/wiki/Shim ? 20:14:46 shim in http://www.hacker-dictionary.com/terms/shim "n. A small piece of data inserted in order to achieve a desired memory alignment or other addressing property." is the wrong def here 20:14:55 "quick hacky adaptor" is how I understand it 20:15:08 DanC_lap (n=connolly@72-255-37-142.client.stsn.net) has joined #dig 20:15:24 hendler: Why not do with current scenarios? 20:15:32 how about http://en.wikipedia.org/wiki/API_shim 20:15:36 djweitzner: Sure. 20:16:17 hendler: May, because of Yosi and Ian disappear. 20:16:26 yep API_shim 20:16:48 djweitzner: If subset want to take scenarios 4, 9, and do SPARQL markup around it... Not trivial. 20:17:00 ... Social networking scenario is nice because graph exists already. 20:17:21 ... Law enforcement, CDC scenarios lack data to put SPARQL endpoint around. 20:17:44 K: If we do social net thing, we could get some data. 20:17:52 hendler: What's the accountability? 20:18:31 K said, we could ask people if they'd be willing to share their data with us for research purposes only. 20:18:39 timbl: Alternative to Facebook, where USER controls policy. 20:19:32 ... Auditing trail then created through use of policy. 20:19:55 hendler: That's one way to test 1, 2, 3. 20:20:50 ... Not trying to use word 'log' 20:21:40 djweitzner: Logging critical because existing systems need to keep track of events and have auditing. Logging is thus fundamental. 20:22:43 ... Reality check on social network: IARPA's problems won't be solved (directly). 20:23:22 ... Is it reasonable to present this as 'alike'? 20:23:55 Joan: Why is it an open question? Deliverables are in proposal and at IARPA meeting... 20:25:20 djweitzner: He's happy with direction in general. We told him we'd have an intelligence-centric scenario. We can probably do both, but intelligence with log creation, mockup of this is time-consuming and 'hokey' looking. 20:25:44 hendler: One order: Do a US Citizen scenario. 20:26:34 ... How do we (RPI) do something outside of tabulator to have other things (e.g. access control) done? 20:27:25 djweitzner: Everyone in the group will communicate together. Everyone get agreement on scenario. 20:27:59 timbl: Reasonable to set 'todo' list for the student coders. 20:28:34 ... Two sides to tabulator. Done UI for justifications, but UI for 'alerts' is not. We can look at this. 20:28:42 ... 'Runtime TAMI stuff' 20:28:59 ... For PAW, let's see if we can set up a server for it. Then it's done. 20:29:15 ... Then we have a list of what we need to configure. 20:30:12 djweitzner: We need policy-based access control. 20:30:40 timbl, danny, jim agree that we do not to use proof based access control (such as in PAW) but we need policy based access control. 20:30:44 ... Where we are: Three things: 20:30:51 ... 1) US Citizen scenario 20:31:01 ... 2) How to do social networking scenario 20:31:25 ... 3) Taking PAW access control and using FOAF info for Tabulator to get access to controlled resources 20:31:32 hendler: AMORD goes where? 20:31:45 what's the best thing I can read about AIR? 20:31:51 djweitzner: Policies in AIR, so use AMORD for reasoning about policies. 20:32:00 http://dig.csail.mit.edu/2008/Papers/IEEE%20Policy/air-overview.pdf I believe 20:32:05 thx 20:32:31 And the spec is at http://dig.csail.mit.edu/TAMI/2007/AIR/ 20:32:39 hendler: Interest in AMORD programming is Josi and Ian, any others? 20:32:52 ... Who is building reasoners? 20:33:56 ... Tomorrow, Ian will learn about AIR policy reasoner, AMORD, and we can work it together with Tabulator. 20:34:09 ... Not as interested in Tabulator, as much as the reasoning caused by it. 20:34:29 timbl: Level of sophistication of policy. FOAF challenge... 20:34:38 lkagal: Did it in the paper. 20:35:05 hendler: 20:35:18 I'm leaving. But... 20:35:31 djweitzner: Tabulator working on [???] 20:36:17 hendler: So the tabulator team will work on [???] and Ian, etc. will work on AMORD. 20:36:25 djweitzner: 10 minutes and then Social Networking. 20:37:58 shauni (n=chatzill@18.60.12.130) has joined #dig 20:39:39 DanC_lap has quit (Read error: 110 (Connection timed out)) 20:42:09 hendler has quit (Read error: 110 (Connection timed out)) 20:51:50 DanC_lap (n=connolly@72-255-49-75.client.stsn.net) has joined #dig 20:57:54 shauni has quit (Read error: 110 (Connection timed out)) 20:58:13 Next part of the meeting...Dan will talk about social networking 20:59:01 DanBri: Will talk about Brad Fitzpatrick started LiveJournal...sold to 6 Apart 20:59:23 Brad has now moved to Google 20:59:40 danbri has quit () 21:00:16 Showing Brad's presentation on Social Graph 21:01:25 Problem: how to share information from different sites and to different sites 21:02:06 Disambiguating identities...determining whether a pointer is a claim about self or a reference to someone else 21:02:28 Existing Google crawl has a bunch of crawl already 21:02:47 Looks at a document, analyzes it and spits out new triples 21:05:14 http://code.google.com/apis/socialgraph/ 21:06:28 Reads three kinds of things... html decorated, foaf, special purpose hard-coded knowledge 21:07:13 Provide someone's URL and get back everything they know about you. 21:08:22 Currently lacking accountability... many unverified results 21:08:28 Not currently in RDF 21:10:06 Shows flickr...which allows tags for pictures 21:10:53 flickr wants to allow more so that the pictures can identify the folks in the picture 21:11:07 still struggling with responsibility challenges 21:11:31 how to apply one person's instruction about being id'd in someone else's page 21:12:09 at least flickr or facebook are single db's so they can honor an "untag" request 21:12:16 how to do this on the open web? 21:12:53 Tim: Tabulator will allow personal interface that understands community-based instructions 21:13:08 Tim: Example, share the tag with my family 21:13:33 Tim: Also, tag shows source so someone discovering it can ask the originator to untag. 21:14:00 Dan: Googles answer is reconfigure the web 21:14:56 Danny: Need a UI box that lets the person note this wherever it's found 21:15:17 Danny: If Google finds data contradicted by the policy, what should it do? 21:15:29 Joan: It depends on multiple circumstances 21:15:56 Joan: Important question: How is it discoverable that the presence is in violation of someone's personal policy. 21:16:19 DanBri: Not an enforcement person, but could do a better job at exposing the person's policy. 21:16:52 Danny: Why is this different from P3P? People in social networks are used to making some narrow choices about their privacy. 21:17:46 DanBri: Social networks have become containers for applications. 21:19:00 DanBri: shows widget running inside OpenSocial where he sets policy and it should be honored by about 10-15 networks (as soon as they are stable). 21:19:13 KKW apology... Dan=DanBri 21:19:31 Joan: Doesn't show policy at the node, but it could. 21:20:36 DanBri: Javascript should know who's page the policies are in. 21:21:51 http://foafbook.ning.com/profile/danbri 21:23:27 DanBri: has been exporting information about himself which drags along information about his friends. When he mentions those people, it may cause the api to link it all and appear when the friends query the api. 21:24:26 RalphS has quit ("bye for today") 21:25:39 DanBri: Doesn't know how to keep track of the info he's collected which contains privacy instructions 21:25:55 DanBri: TAMI could help with this 21:28:14 this finally occurs, 21:28:26 409 Conflicts 21:29:56 because of cache. 21:30:38 ooops 21:30:46 That's interesting 21:31:03 Danny: The TAMI question is whether there's something we can do that would (a) do something useful in allowing people to express privacy policies that can be understood by social networks and (b) whether that would help us build some of the infrastructure we need 21:31:34 http://dig.csail.mit.edu/2007/wiki/tabulator#project 21:33:19 Tim now displays Tabulator task list 21:33:40 http:/dig.csail.mit.edu/2007/wiki/doapextension#featureAndBug 21:34:54 Tim: Hypothesis Management - ability to put in a sidebar to describe a hypothesis and then see what depends on the hypothesis 21:35:57 Tim: social networking features relating to Tabulator 21:37:47 Tim: shows Joe Lambda Tabulator FOAF view 21:37:57 DanBri: trusting app built on a paranoid base 21:38:35 (in response to Tim showing that Tabulator can show the source of the data) 21:39:39 Tim: shows that Tabulator can give a you-centric view (click on Amy and get the opportunity to say whether you know her and then find out if you know folks in common) 21:40:16 http://xmlns.com/foaf/0.1/knows 21:40:20 timbl, so the foaf file should be in a SPARQL updatable server right? 21:40:56 Tim: It follows links out but doesn't show what's happened about you 21:43:09 Tim: Update function will send notice of unchecking "I know" 21:44:35 Danny: Can tabulator answer scope queries -- which of these people live in Lexington, MA? work at nnnn? Ages between xx and yy? 21:44:49 danbri (n=danbri@unaffiliated/danbri) has joined #dig 21:45:01 yosi_s has quit () 21:50:05 Tim posts Google map of the locations of Tabulator project participants 21:50:18 DanBri asks if posting it on flickr violates a policy 21:51:16 Joan: Why is this (social networking) different from anyone else who posts data and has to comply with policies or laws? 21:51:59 Tim: One way to address this is through groups such as Google's public or private groups. 21:52:39 Joan: This is about accountability ... can we express some broadly applicable common policies? 21:52:59 Joan: People are often mistaken about what their policies are or what their systems are doing to implement them. 21:53:08 http://dig.csail.mit.edu/2007/12/rep.html 21:53:44 Tim: Google allowed people to create a group and decide what to share with whom, but only in a limited way 21:55:21 Joan: So part of the question is whether there wasn't enough structure to express the range of policies, not enough groups, 21:55:36 Danny: Provided a few examples in his paper 21:55:41 These are usage restrictions 21:55:52 Joan: Don't call them inference restrictions 21:56:10 Tim: Can we have republishing restrictions based on inference? 21:56:54 Danny: separated inferences from uses because of a student paper that showed how to infer who is gay 21:57:19 Danny: maybe we should say... we don't want people to publish 21:58:27 DanBri: Does some work for Joost...could do very targeted marketing ... but no quality restrictions 22:01:06 Joan: re: accountability -- that you have a way to gather the appropriate policies and all the appropriate data (identities, dependencies) 22:01:36 , to express the policies, to describe what happened, and allows you to reasona about it 22:03:16 Danny: Have a theory about how to do this. Usage restrictions, reciprocity, publisher has requirement to self identify and tell where it's used 22:03:55 Joan: people retrieve data not knowing how they'll use it ... and my usage may change over time 22:04:12 (if anyone has a problem with http://www.flickr.com/photos/danbri/2261574426/ being public, let me know) 22:04:32 Joan: in many cases, you shouldn't need prior notice 22:04:49 Joan: need a way for the publisher to be pro-active and notify you 22:05:06 Danny: maybe people should just identify themselves when they do 22:05:11 danbri, nice photo :) 22:05:32 DanBri just violated my no photos on the web rule 22:06:00 would you rather i take it down? (no prob if so...) 22:06:14 (or that we don't catalogue you as being in it...) 22:06:20 it's just me, but yes there are no photos of me 22:06:55 will explain off-line 22:08:12 Joan: should be able to ask for permission to be excused from policy and, if denied, be able to circumvent 22:08:23 K missed ... under which circumstances 22:08:52 thank you 22:08:53 (flickr, "We've replaced the old version of this photo with your shiny new edited one!") 22:10:33 kkw: 1. I mentioned last meeting, i've been playing with a spreadsheet of what the default policies are for most people /at least this country/culture ... 22:10:41 ...eg short-term health, long-term health, financial, ... 22:10:51 kkw: was playing with some default polices such as short/long term health financial 22:10:53 ...a matrix, who would get what, ... who would get detailed, general, specific info 22:11:27 ... there are some really major concerns about things being totally open and public, where warrants etc would be needed 22:11:51 Joan: data brokers 22:12:12 ... choic point aggregates are not in public domain 22:12:50 aside - a lot of users are convinced Facebook etc. is a CIA front (http://www.albumoftheday.com/facebook/ etc) 22:12:57 kkw: [missed] 22:13:35 djweitzner: get clear on how to make these systems accountable 22:14:11 kkw: do research on putting some control on [what?] 22:14:53 djweitzner: publish FOAF file with restrictions 22:15:22 ... similar argument about exisiting social networks 22:16:10 ... gaydar script: if someone used it maliciously, victims complain to FB 22:16:46 Joan: enforce the [rate limits?] 22:17:06 DanC_lap has quit (Read error: 110 (Connection timed out)) 22:17:52 kkw: small part of the problem, what happens if an FBI agent in [where?] 22:18:25 djweitzner: what is that a violation of? 22:18:42 Joan: what the information could be used for 22:19:10 ... if the FBI guy logs in to do FBI work, it's not the right use 22:19:55 kkw: fruit of the poisonous tree explanation 22:20:34 Joan: cover up tracks 22:20:46 ... by law enforcement agencies 22:21:03 djweitzner: great example to trigger log rules 22:21:23 Joan: you can not prove that someone else in the org did not come across that data 22:21:52 djweitzner: disconnect between illicit use and fair use 22:22:29 [which part should I scribe? :)] 22:23:09 kkw: 2. what can we do for danbri 22:23:40 ... get the data into Tabulator 22:23:52 danbri: Tabulator is a downstream app 22:24:43 ... keep a SPARQL, policy library 22:26:27 timbl: FOAF+OpenID to cutdown spam 22:26:59 djweitzner: let's imagine, we settle on what these policy elements are 22:27:22 ... and associate with FB profile and any other online ids they have 22:27:30 ... what do we tell ppl to with that? 22:28:29 Joan: usually what makes clear to ppl is that it wil enable them to do things they could not do before 22:28:40 ... but this seems like this will limit ppl 22:28:48 kkw: describes a story 22:29:00 ... highschool girl 22:29:36 ... you'd want some control over the negative things 22:29:48 djweitzner: Creative Commons experience 22:30:53 ... we have to show the 2 sides of the equation (what was before and what is capable after) 22:31:14 kkw: any non-hacking FB world will there be interest? 22:31:33 ... exhausted on registering over and over again 22:31:59 ... young ppl do not understand the consequences 22:32:26 ... if FB and other SN sites are primary targets, these elements should matter to them 22:32:45 Joan: our target should not be enterprise 22:33:04 .... it should be organization which want to hold ppl accountable 22:33:23 djweitzner: Google is a good example 22:33:42 ... lot of what we are doing is on the enterprise side 22:34:09 ... allow lot of ppl to experiment with these things 22:34:34 ... therefore, it's worth to do a sum of both 22:34:51 kkw: some overlap with LinkedIn and [what?] 22:34:54 sandro has quit (Remote closed the connection) 22:35:21 ... the comments the ppl post in some social context can be aggregated 22:35:29 sandro (n=nnnnnnnn@homer.w3.org) has joined #dig 22:35:43 timbl: are there sites that do that> 22:35:44 LinkedIn and Facebook 22:36:31 danbri: OpenID has exacerbated this problem 22:37:20 djweitzner: several ppl push back on the inference restriction 22:37:49 kkw: describes personal experience 22:38:11 Joan: the data is actually logically infereable 22:38:27 ... but we are going to prevent ppl from inferencing it 22:38:35 djweitzner: Q we still haven't asked 22:38:51 ... we are looking for some ways to create some logs 22:39:11 ... we still don't have a context in which we can create it 22:39:26 (I think http://esw.w3.org/topic/CambridgeSemanticWebGatherings/Meeting/2008-02-12_Gathering is starting nearby in 20mins ... anyone here also attending?) 22:39:49 ... a platform that we can create logs in some way? 22:40:05 timbl: explains how we could do that with Tabulator> 22:40:27 djweitzner: do we have a clear mapping from SPARQL queries and logs? 22:40:41 /me notes that another group needs to use the room when this meeting is over, so if people can go to the SW Gathering in the Star conference room, or simply use the tables (if available) at the faculty dining area, that would be helpful 22:41:37 timbl: we could log all the ... 22:41:52 ... where do we want to log? 22:42:41 djweitzner: CDC scenario, we want to trap the events somewhere 22:43:24 have a look around http://www.facebook.com/apps/# ... 15000 mini-apps using FB social data. How to help *those* app authors be responsible, acountable? (and in a model that extends to OpenSocial Platform too) 22:43:44 timbl: suppose the systsem loads lots of data, how we make sure she sees what she's expected to see? 22:43:58 djweitzner: play around with a bunch of scenarios 22:44:13 timbl: we can generate a list of all the sources 22:44:51 kkw: what if instead we keep track of ppl's preferences? 22:45:06 ... it's still a conflicting rules thing 22:45:20 djweitzner: that's kinda P2P 22:45:56 danbri: can we make an app for these 15k social apps on FB? 22:46:28 timbl: could we make a FB app to share data between each other apps? 22:46:39 danbri: we could probably hack on the cookies 22:47:21 danbri: right now Opensocial is in flux, but we could talk with them 22:49:36 djweitzner: semweb environment we could build on to collect data 22:49:45 ... problem with scraping off HTML 22:49:55 ... domain ontologies 22:50:00 gjs: other idea 22:50:09 ... from Intelligence community 22:50:20 ... ppl would be cooperative 22:50:40 djweitzner: so that's ppl manually create logs? 22:50:59 gjs: [missed the argument] 22:51:32 ... [was that to fabricate the log?] 22:51:45 kkw: you know what the log looks like 22:51:56 ... you just build a synthetic log 22:52:05 ... explains an example 22:52:55 ... about a bunch of telephone record extraction 22:53:07 timbl: browse RDF through Tabulator 22:54:18 ... Tabulator keeps a log of all the accesses 22:54:37 ... "Under the Hood" is a log of all the internals 22:55:05 Joan: Good bye 22:55:41 djweitzner: the timeline we are on with Carl is late Spring / early Summer 22:57:10 kkw: can danbri could get some contacts? 22:57:21 djweitzner: what questions can we ask of the data? 22:57:33 kkw: before doing anything automated 22:58:57 djweitzner: can we get the Tabulator hooked on to the Open Social API? 22:59:15 timbl: why do we want to do that? 22:59:28 djweitzner: because then we can browse around my social graph 22:59:45 ... and make inferences based on that 23:00:01 timbl: pulling up the data? 23:00:15 djweitzner: explains an example 23:01:34 danbri: [missed the example, but has to do with reverse indexing FOAF files?] 23:02:04 djweitzner:we are about to break 23:02:17 my example is http://danbri.org/words/2008/02/09/271 23:02:20 Pipian has quit () 23:02:27 thanks danbri 23:02:29 it used google to go from email addresses, hashed, to foaf descriptions 23:03:18 meeting is over 23:03:24 oshani has quit ("The computer fell asleep") 23:03:46 lkagal has quit () 23:03:55 kennyluck has quit () 23:03:55 gjs has left #dig 23:04:53 danbri has quit () 23:08:51 timbl has quit () 23:10:20 djweitzner has quit () 23:15:28 Pipian (n=Pipian@30-6-160.wireless.csail.mit.edu) has joined #dig 23:16:48 Pipian has quit (Client Quit) 23:21:18 kkw has quit (Read error: 110 (Connection timed out)) 23:29:21 lkagal (n=lkagal1@30-6-125.wireless.csail.mit.edu) has joined #dig 23:31:11 lkagal has quit (Client Quit) 23:32:01 lkagal (n=lkagal1@30-6-125.wireless.csail.mit.edu) has joined #dig 23:46:10 lkagal has quit () 23:48:00 danbri (n=danbri@unaffiliated/danbri) has joined #dig 23:53:36 danbri has quit () 23:55:22 danbri (n=danbri@unaffiliated/danbri) has joined #dig 23:55:26 danbri has quit (Client Quit)