Blog

The other day I was looking into a problem someone was reporting with an apache RewriteRule, only to conclude that it was using features of the Regex library which weren’t available in their version of apache.

I found a means of detecting the different versions of apache using the mod_version module. This allows you to write htaccess files which can fall back to other rules for older versions of apache.

Unfortunately it’s only been available since version 2.0.56, but given that this was before the first release of version 2 it’s fairly safe to assume that anything without mod_version will be running apache 1.

I will concede that this sounds very obvious, but there was a surprising lack of results in google for any of the keywords that immediately sprang to mind. For the benefit of anyone searching for this; below is an example of how you can use mod_version in practice:

<IfModule !mod_version.c>
	# Earlier than version 2.0.56, so almost certainly 1.x
	# as 2.0.63 was the first release of version 2.
</IfModule>
<IfModule mod_version.c>
	# Version 2.0.56 or later
	<IfVersion < 2.2>
		# Before version 2.2
	</IfVersion>
	<IfVersion >= 2.2>
		# Version 2.2 or later
	</IfVersion>
</IfModule>

We argued previously that there is a need for a system of identity for Semantic Web Agents, particularly in the process of making judgements of trust.

Examining the requirements of a system of identity, we recognise that such a system cannot count on universal uptake among Semantic Web agents, and therefore it cannot require each agent to state an identity for itself. Additionally even if universal uptake could be relied upon, we cannot count on the honest and benevolent behaviour of every Semantic Web agent. Thus, as we briefly mentioned at the end of our previous post, a system of identity for the Semantic Web must be primarily built around observable characteristics as a measure of identity.

As an analogy; when surfing the Web you would not rely on a Website’s claim that it is your bank’s online portal, you would rely on the factors you can observe (such as the domain name and also the digital certificate) to inform your judgement. Digital certificates are especially important if you are connected to the Internet over an untrusted network connection.

Building on our earlier example of a rudimentary HTTP-based Semantic Web agent, suppose we request a URI from it, and receive some RDF in response. The data we collect about the identity of the agent may look something like the following:

@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>.
@prefix xsd: <http://www.w3.org/2001/XMLSchema#>.
@prefix ex: <http://example.com/ont/>.

_:agent1
	rdf:type 	ex:HTTPAgent;
	ex:port  	80;
	ex:host  	"agent.example.com";
	ex:ip    	"10.0.0.1";
	ex:time  	"2010-04-14T14:37:37Z"^^xsd:dateTime.

Suppose at some later date we again communicate with the agent at the domain agent.example.com, and in the process observe that the DNS entry has changed, and the domain now refers to a new IP address. Do we then consider this to be the same agent which we have previous experience of? Further, is the information we have sufficient to make such a decision? Other attributes may influence the judgement of similarity if they significantly alter the behaviour of the agent, software version numbers or digital certificates, for example.

Returning to our analogy, if your browser stored the credentials for your bank’s online banking portal, you would specify very strict criteria, very similar to what we described above, to dictate which websites are permitted to see this information.

Below follows a second observation record, for an interaction with the same agent at a different IP address.

_:agent2
	rdf:type 	ex:HTTPAgent;
	ex:port  	80;
	ex:host  	"agent.example.com";
	ex:ip    	"10.0.0.2";
	ex:time  	"2010-04-14T14:37:37Z"^^xsd:dateTime.

It is possible to encode our criteria for equivalence using OWL (to some degree) such that a reasoner can identify that two agents are in fact the same entity. This involves declaring a class of all things which meet the criteria of being a particular agent such that those which meet the necessary and sufficient criteria may be considered the same.

Unfortunately the equivalence afforded by OWL causes the effective merging of the identifiers, such that, as below, the metadata from the two different requests becomes inseparable.

_:agent1
	owl:sameAs   	_:agent2;
	rdf:type 	ex:HTTPAgent;
	ex:port  	80;
	ex:host  	"agent.example.com";
	ex:ip    	"10.0.0.1";
	ex:ip    	"10.0.0.2";
	ex:time  	"2010-04-18T10:24:12Z"^^xsd:dateTime;
	ex:time  	"2010-04-14T14:37:37Z"^^xsd:dateTime.

The problem with this approach is not the use of OWL classification (though it is somewhat ill suited to this task), rather it is the result of a simplistic ontology design. We acknowledge that this crude example ontology has many flaws (the assumption that a HTTP agent operates on a sole port and network address, for example), however to fully satisfy our potential requirements we must adopt an event-based ontology design, as these observations are inherently temporal in nature.

Open Data movements are gradually gaining traction; government transparency efforts in the US and the UK have begun to release data-sets, some of which are published in Linked Data form. As the range and variety of Semantic Web data publishers grows, it is increasingly important that we address the problem of trust.

Previously we discussed the challenges of a trust layer for the Semantic Web, and more recently, how we think these challenges should be faced. We are convinced that provenance and reputation information will be a crucial basis for Semantic Web trust decisions.

Reputation and provenance are by no means new subjects in the domain of Computer Science, both are grounded in substantial bodies of literature. Existing techniques will likely require some adaption in order to match the challenges of the Web of Linked Data.

Hartig and Zhao‘s provenance vocabulary for Linked Data does exactly this, taking existing provenance techniques in a Web-friendly direction, recognising the distinctions between data curation, publishing and access. To do similar for reputation mechanisms will not be prohibitively difficult, however there remains a missing piece of the technological puzzle: a system of identity.

A notion of identity is necessary for any judgement of trust in order to fully link together available information. The FOAF vocabulary gives us identifiers for people, and the FOAF+SSL proposals allow us to prove the ownership of (Web of Trust, or PKI style) digital certificates, however there is of yet no accepted means of identifying a Semantic Web software agent (e.g. a Webserver) beyond the foaf:Agent type.

In order to properly describe the identity of a Semantic Web agent we require more information than a single URI. For example, in the case of a HTTP-Based Semantic Web agent (a Webserver), metadata such as the hostname and network port is to some purposes integral to the identity of the agent. To avoid coining a new identity with every HTTP request we must have some criteria by which we judge that the other parties of different data exchanges are the same entity.

An important point to make here is that we cannot rely on declarative identities, that is we cannot count on universal uptake among Semantic Web agents of a vocabulary in which to assert identity. Thus an appropriate identity mechanism must consider both observational identities (identities coined by another agent based on its observations) and declarative identities.

One of the issues which my internal examiner raised with my interim report was that while I described the differing definitions of trust in the field, I failed to describe the definition I was adopting for my work. This post attempts to describe my definition of trust, in the range of contexts in which it is used.

Depending on the context in which it is used, the term trust may identify a number of different forms of trust, and the distinction between them is rarely made. We describe our definition for each of these below.

Trust as an act

We consider this to be the primary meaning of the term “trust”. Trusting is the act of relying on the behaviour of another individual in an uncertain environment, where it is subjectively perceived that the outcome of the situation is contingent on the behaviour of the other individual.

Morton Deutsch’s definition of trust is perhaps the most widely accepted, it states that:

1. An individual is confronted with an ambiguous path, a path that can lead to an event perceived to be beneficial (Va⁺) or to an event perceived to be harmful (Va⁻);
2. they perceives that the occurrence of Va⁺ or Va⁻ is contingent on the behaviour of another person; and
3. he perceives the strength of Va⁻ to be greater than the strength of Va⁺.

If he chooses to take an ambiguous path with such properties, I shall say he makes a trusting choice; if he chooses not to take the path, he makes a distrustful choice.

We differ in opinion with Deutsch on two counts; we don’t consider it necessary for Va⁻ to be harmful, only that it be less preferable than Va⁺, and thus also that the relative strengths of Va⁺ and Va⁺ need not be a factor in whether it is labeled a trusting choice or not. Reference information for Deutsch’s work can be found on Google Scholar and the above passage is reproduced from Marsh’s PhD Thesis on trust as a computational concept.

As an aside, we do not believe that one can trust in an inanimate object, the true target of trust must be elsewhere. To trust in the strength of a tree branch is instead to trust that ones own internal models and estimates of its strength are correct. To trust in a safety harness is a similar situation, one does not trust the harness itself, instead one trusts first ones own personal judgement that the safety harness appears safe and then that those who are responsible for constructing and maintaining the harnesses have done so with due care and diligence.

Trust as a decision

The decision of whether or not to trust is a choice between different courses of action, of which one or more is a trusting path, and one or more is a path which does not rely on trust. When dealing with complex, multifaceted decisions, potential paths may include measures to decrease the degree of risks or selectively avoid particularly risky events, thus it is often possible to take a trusting path which does not rely on trust in every respect.

The degree of risk, the stakes, and the utility of potential outcomes may all play a role in the decision of whether to trust, however one must remember that their evaluation and weighting are inherently subjective.

Trust as a bond

Trust as a bond between two people is the notion that they are able to comfortably rely on the behaviour of each other. Thus a bond of trust is the confidence that each will act in the best interests of the other when placed in a scenario where the utility of the other is contingent on their own actions.

Trust as a property of society

Trust within society arises from the confidence that other members of the society share the same core values and ideals as oneself, and the conjecture that they will therefore behave in a manner which is consistent with these.

These behavioral expectations — or social norms — are enforced within the group and breaching them can lead to punishment and exclusion. For an extensive discussion of the roles trust plays within society, see O’Hara’s book “Trust: from Socrates to Spin”.

Previously we explored the challenges of trust on the Semantic Web and described our take on how we might go about engineering a trust layer for the Semantic Web technology stack. This post elaborates on the challenge of making a judgement of trust.

Recalling the two questions posed in the previous post:

1. Can I rely on this piece of information?
2. Can I trust this service provider?

As we observed previously, both questions call for a judgement to be made based on available information.

Consider the first question, of whether to rely on — and therefore trust in — a piece of information. We believe this decision should be based on the level of belief that is held in that statement. Furthermore, our level of belief in a statement should be grounded in an assessment of its credibility and plausibility.

To clarify further, we consider the credibility of a statement to be an assessment of the reliability and trustworthiness of the agents and processes involved in its assertion. Such an assessment would likely include analysis of the provenance data associated with the statement, as well as a review of reputation information and first-hand experiences of the actors and processes involved.

With respect to plausibility, we consider it to be a measure of how likely a statement is to be true, against the background of our existing knowledge, taking into account confirmatory or contradictory knowledge and trends.

The second question has much in common with the first; while the primary concern of the judgement is over the expected behaviour of the service provider, it too must be concerned to some degree with the provenance of information. Reputation information is valuable in judging expected behaviour and facilitates interactions with yet un-encountered providers, however the provenance of reputation information is also important because disreputable sources may provide fraudulent information when collaborating with disreputable service providers.

Therefore, if we are to construct an ecosystem of Semantic Web technologies in order to engineer trust as a macro phenomena, we must first engineer robust provenance and reputation systems for the Semantic Web.

Trust has long been foreseen as challenge for the Semantic Web research community, appearing in the upper echelons of the Semantic Web Layer Cake technology stack, however Semantic Web research around the topic of trust does not seem to have a clear idea of what exactly this challenge is.

Jen Golbeck‘s prominent work with Semantic Web technologies has harnessed trust within social networks, putting it to tasks such as Email filtering and film recommendation, unfortunately this does not really shed any light on the role trust might play in the Semantic Web technology stack.

If we unpack our expectations of a Semantic Web trust layer, taking the time to consider what we expect it to achieve,  by what questions we wish to be able to ask of it, we generally arrive at two questions:

1. Can I rely on this piece of information?
2. Can I trust this service provider?

These two questions are fundamentally different; the first pertains to the truth of a piece of information, whereas the second concerns the probable behaviour of another agent. However both are similar in that they require a judgement to be made based on information such as provenance and reputation.

To construct a trust layer we require both the capacity to make such judgements and the information on which to ground such decisions, both of which represent sizable research challenges.

The Semantic Web trust layer will not be a single technology, rather a collection of interacting techniques and standards whose emergent macro phenomena we must engineer to be trust.

Contrary to my previous post, I’m back on a self-hosted wordpress weblog. The main reason for the change is that Google are discontinuing support for (s)FTP publishing in late March.

The transition over to WordPress was painless (though I did have to switch away from FTP publishing to make the posts importer work properly) and the admin interface has grown up a lot since I last installed it, I’m very impressed with how clean and efficient it’s become.

I’ve settled on this minimal theme for now, but I intend to make it my own over the next few months. In the mean time, you can hopefully expect more frequent updates as I intend to make this blog a staging area of sorts for my research, a means of clarifying and refining my thoughts.

With some pointers from friends I’ve beaten applescript into submission and coded up a script to automate the bluetooth iSync syncing with my phone.

The script opens up System Preferences and enables Bluetooth, then launches iSync and instructs it to sync. It will then leave Bluetooth in the state that it found it in.

The code is below for anyone who might find it handy Oh and for the record this is written to run on Mac OS X Leopard.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

display dialog "Sync?" buttons {"Ok", "Cancel"} default button 2
if the button returned of the result is "Cancel" then
    stop
end if
 
tell application "System Preferences"
    activate
    set current pane to pane "com.apple.preferences.Bluetooth"
 
        tell application "System Events" to tell window "Bluetooth" of process "System Preferences"
            set was_on to the value of checkbox "On"
 
            if value of checkbox "On" is equal to 0 then
                tell checkbox "On" to click
            end if
        end tell
    end tell
 
    tell application "iSync"
        synchronize
 
        repeat while (syncing is true)
            delay 5
        end repeat
        set syncStatus to sync status
 
        if syncStatus is not 2 then
            if syncStatus = 3 then
                set syncStatus to "completed with warnings"
            else if syncStatus = 4 then
                set syncStatus to "completed with errors"
            else if syncStatus = 5 then
                set syncStatus to "last sync cancelled"
            else if syncStatus = 6 then
                set syncStatus to "last sync failed to complete"
            else if syncStatus = 7 then
                set syncStatus to "never synced"
            end if
        display dialog "syncStatus: " & syncStatus
    end if
    quit
end tell
 
if was_on is equal to 0 then
    tell application "System Preferences"
        set current pane to pane "com.apple.preferences.Bluetooth"
 
        tell application "System Events" to tell window "Bluetooth" of process "System Preferences"
            if value of checkbox "On" is 1 then
                tell checkbox "On" to click
            end if
        end tell
        quit
    end tell
end if

At work I have 3 Operating systems installed on my PC; Ubuntu Linux, Vista and XP. Originally I only had Ubuntu and Vista, and a big empty portion of the disk intended for XP if I needed it.

Due to these existing partitions, and a USB media card reader, the Windows XP installer would decide label it’s system partition “H:”, instead of the usual “C:”. I’m not sure how much this would have broken, but it annoyed me to the point that I found a hack to fix it.

I found that grub (the linux boot-loader) on my Linux partition allows you to edit the partition table and set the Vista NTFS partition to ‘hidden’. The XP installer could still see there was a partition there, but it didn’t understand it, and thus labelled it’s new partition “C:”. XP will of course then proceed to clobber your existing bootloader, but that’s a common occurrence, and fixable from a LiveCD, google is your friend here.

You should also be able to use a copy of grub on a LiveCD to mark the partition as (un)hidden if you don’t have Linux on your system normally.

Apologies for any vagueness and lack of technical details, this post has been on the back burner for a few months now, and I’ve actually forgotten most of the details.

In contrast to my normal coding related posts, this one is a status update on what I’ve been up to in the time since the end of my undergraduate degree.

Summer 2008 saw the conclusion of my undergraduate Masters degree in Computer Science, four years of both challenging and interesting work, and a result I am proud of every time it crosses my mind.

Over the summer I undertook another internship with the ALADDIN project; blending HTML, CSS, Java, Javascript and a drop or two of PHP I converted the desktop application I built the previous summer into a cross platform web application. Situational Awareness visualises publicly available weather sensor data in real-time, and is available online.

Come October I started a PhD on Trust and the Semantic Web, supervised by Nicholas Gibbins. So far it’s been very interesting, and also in hindsight a very wise decision, given the current economic climate. I’m starting to see where my research is going now and how it fits into the wider picture of the Semantic Web and I’m due to start writing my 9 month progress report soon, which should help crystallise my ideas further.

In my spare time I’ve joined the Southampton Open Wireless Network society (SOWN) who lend out custom Wireless Access points to students around Southampton, allowing students to share their Wifi with members of the community. It’s been a lot of fun, a lot to learn and also a great outlet for any coding urges that I might have.

SOWN have some big news in the pipeline, and it’s exciting to see it coming together. We hope to have some media coverage of it closer to the time, so if you’re in the Southampton area you probably won’t miss it!