Inflexible and simplistic security and access control for the decentralized environment of the World Wide Web have hampered the full development of the Web as a social information space because, in general, the lack of sufficiently sophisticated information controls leads to unwillingness to share information. This problem is greatly exacerbated when information must be shared between parties that don’t have reexisting information sharing policies, and where the „granularity“ of the information to be shared is coarse – that is, where access is granted to an entire website or data resource because policy control mechanisms for access at a finer-grained level aren’t available. Even large intranets and controlled-access Webs, face these problems as the amount of information and the number of information seekers grow. Thus, despite ever-greater amounts of useful information residing on the Web in a machine-retrieval form, reluctance to share that information remains and is likely to increase.
In this chapter, we will argue that a new generation of Policy-Aware Web technology can hold the key for providing open, distributed and scaleable information access on the World Wide Web. Our approach provides for the publication of declarative access policies in a way that allows significant transparency for sharing among partners
without requiring pre-agreement. In addition, greater control over information release can be placed in the hands of the information owner, allowing discretionary (rather than mandatory) access control to flourish.
This is what we probably need.