Policy Service In Wot

Potentialities offered by the Web of things(WoT) make possible the development of a huge number of applications, which are currently available to our society, such as transportation and logistics domain, healthcare domain, smart environment domain and personal and social domain. However, with the massive deployment of sensors and smart things enhanced with communication and computing capabilities, Web of Things raised ever-growing concerns for resource safety and network management. In this paper, we believe that policy management service is an efficient and flexible solution to the resource safety and network management issues, for policy based management is one of the important means of simplifying network management tasks and ensuring network security. There are two kinds of policies applied to our Web of Things scenes:Event-Condition-Action (ECA) obligation policy and authorization policy. ECA obligation policies are event-triggered condition-action rules that can be used to define adaptable management actions, which can conduct the behavior of system to accomplish tasks. Authorization policies are rules that define what services or resources a subject (management agent, user or role) can access, which can refuse to provide services to unauthorized subjects.The policy management framework deployed in WoT scene will be discussed from two parts, that is, policy language expression design and a device-centric policy conflict detection. To design an appropriate policy language expression, we firstly provide a survey on several general policy languages and evaluate them with three key requirements for the performance evaluation under the WoT scene, that is, expressiveness, simplicity and enforceability. Then, we select Ponder as our policy language and design a policy editing syntax for our typical SIoT scene to avoid complex Ponder syntax training for users without professional knowledge in policy field. Finally, we implement a WoT policy editorwith fuzzy matching function and conduct an experiment to compare our policy editing syntax and Ponder syntax. Test shows that editing through our policy editor can decrease error-rate considerably comparing with that by using Ponder syntax.In the second part, safety issues from a device’s point of view were proposed, which required the device to be deployed in a device-friendly environment and operated with proper and safe procedures. Then modality conflict and interest conflict were defined to address the safety issuesanda specific conflict detection approach was put forward for these conflicts.Our policy conflict detection algorithm is based on a two-phase matrix analysis algorithm, firstly the relationship between the new policy and a deployed policy is identified by analyzing every part of policies, and secondly the relationship will be examined with a conflict pattern matrix extracted from the practical application scene. Finally, we conduct three experiments to evaluate the accuracy and time performance of the detection approach. The evaluation shows that all the conflict results are correct and the time cost has a nonlinear relationship with the policy number.