Policies Composition Based on Data Usage Context
Valeria Soto-Mendoza, Patricia Serrano-Alvarado, Emmanuel Desmontils, José-Antonio García-Macías
In International Workshop on Consuming Linked Data (COLD) at ISWC, 12 pages, Bethlehem, Pennsylvania, United States, 12 October 2015
https://hal.archives-ouvertes.fr/hal-01184660
Problem
• Massive production and usage of (personal) data
• Usage policies should be defined for all data (PriLoo, ODRL, PPo, l4all, CC, GPL, etc.)
• But in a collaborative application combining data, which will be the usage policy of the resulting data?
12/01/16 2
Our goal
• A method to combine policies
– based on semantic web technologies (ontologies, reasoning rules, RDF, …)
– considering usage context
– easy to extend
Proposed approach
• Federation of personal data servers (e.g., SPARQL endpoints)
• Usage policies linked to personal data
• Federated query
• Before query evaluation, PrODUCE composes the policies
PrODUCE is a mechanism for policies composition based on semantic web technologies
PriLoo usage policies
Like other policies, but in addition they describe:
• the context under which data should be used
– Usage purposes, usage duration, usage locality, storage locality, etc.
• What to do with non-explicit terms/properties
– implicitProperties (all-but-prohibited, all-but-permitted-or-obliged)
• Families of licenses
PriLoo ontology http://www.privacy-lookout.net/pluxml/index.php
Some details
• For ImplicitStatus, two values are allowed:
– all-but-prohibited, to prohibit all implicit terms and
– all-but-permits-or-obliges, to permit or to oblige implicit terms
• LegalTerms, Operations and Purposes are terms structured in a hierarchical tree
– For instance, LegalTerm “moral rights preserve” inherits from “rights preserve”, consultation purpose inherits from medical purpose
– For legal terms, operations and purposes defined in PriLoo, see http://privacy-lookout.net/ontologies/2015/06/28/pl-usage-terms.n3
PriLoo – available usage policies
• Several standard licenses have been defined in PriLoo like CC-By or Beerware
http://privacy-lookout.net/ontologies/2015/06/28/pl-licenses.n3
lic:Beerware a pl:License ;
    rdfs:label "Beer-ware Licence (Revision 42)"@en ;
    rdfs:comment "If we meet some day, and you think this stuff is worth it, you can buy me a beer in return"@en ;
    pl:legalTermsURL "http://people.freebsd.org/~phk/"^^xsd:anyURI ;
    pl:memberOfTheFamily lic:PublicDomain ;
    pl:permitedOperation operation:rename ;
    pl:obligedLegalTerm term:copyrightNotice ;
    pl:permitedLegalTerm term:warranty .

lic:CC-BYv3 a pl:License ;
    rdfs:label "CC BY 3.0"@en , "CC BY 3.0"@fr ;
    rdfs:comment "Creative Commons Attribution 3.0 Unported"@en ;
    pl:obligedLegalTerm term:by ;
    pl:legalTermsURL "http://creativecommons.org/licenses/by/3.0/legalcode"^^xsd:anyURI ;
    pl:memberOfTheFamily lic:CreativeCommonsFreeCulture ;
    pl:permitedOperation operation:write ;
    owl:sameAs sc_registro:CC-BY_1, <http://creativecommons.org/licenses/by/3.0/> .
PrODUCE composition process
• Stage 0 applies ontology-based rules to consider data usage context: business rules, propagation rules, implicit management rules
• Stage 1 applies operators AND and OR: AND for permissions, OR for prohibitions/obligations
• Stage 2 uses priorities to resolve conflicts: 1 for original terms, 2 for terms produced by business rules, 3 for terms produced by implicit management and propagation rules
A custom usage policy
#Policy 1
:License1 a pl:License ;
    pl:permits operation:read .

:PUCelder1 a pl:PUC ;
    pl:permits purpose:scientific, purpose:medical ;
    pl:prohibits purpose:tracking ;
    pl:object <Resident1PersonalData.n3> ;
    pl:hasLicense :License1 ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:maxUses "3"^^xsd:integer ;
    pl:grantee <http://www.clinicasantaclarita.com/Dr Clemente Humberto Zuniga Gil.html>,
        <http://serenaseniorcare.com/>, <http://www.cicese.edu.mx/> ;
    pl:grantor <Resident1.n3> ;
    pl:usageLocality <http://dbpedia.org/resource/Mexico>, <http://dbpedia.org/resource/USA> ;
    pl:storageLocality <http://dbpedia.org/resource/Mexico> .
Example of composition
#Policy 4
:License4 a pl:License ;
    pl:permits operation:sharing, operation:publishing,
        operation:distribute, operation:read ;
    pl:obliges legalTerm:by .

:PUCelder3 a pl:PUC ;
    pl:permits purpose:scientific, purpose:medical,
        purpose:wellbeing, purpose:consultation,
        purpose:commercial ;
    pl:object <Resident3PersonalData.n3> ;
    pl:hasLicense :License4 ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:maxUses "3"^^xsd:integer ;
    pl:grantee <http://serenaseniorcare.com/>,
        <http://www.cinicasantaclarita.com/Dr Clemente Humberto Zuniga Gil.html> ;
    pl:grantor <Resident3.n3> ;
    pl:usageLocality <http://dbpedia.org/resource/Mexico>,
        <http://dbpedia.org/resource/USA> ;
    pl:storageLocality <http://dbpedia.org/resource/Mexico>,
        <http://dbpedia.org/resource/USA> .

#Policy 5
:License5 a pl:License ;
    pl:permits operation:distribute, operation:read ;
    pl:obliges legalTerm:by .

:PUCelder2 a pl:PUC ;
    pl:permits purpose:scientific, purpose:tracking ;
    pl:prohibits purpose:commercial, purpose:medical ;
    pl:object <Resident2PersonalData.n3> ;
    pl:hasLicense :License5 ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:maxUses "3"^^xsd:integer ;
    pl:grantee <http://serenaseniorcare.com/> ;
    pl:grantor <Resident2.n3> ;
    pl:usageLocality <http://dbpedia.org/resource/Mexico> ;
    pl:storageLocality <http://dbpedia.org/resource/Mexico> .
Query for scientific purposes wanting access to elders' data
Stage 0 Pre-processing
#Policy 1 extended
:License1 a pl:License ;
    pl:obliges legalTerm:fairDealing, legalTerm:constraintDerivative, legalTerm:waiver,
        legalTerm:otherRightsPreserve, legalTerm:copyrightNotice, legalTerm:warranty, legalTerm:history,
        legalTerm:sa, legalTerm:notice, legalTerm:holdLiable, legalTerm:lesserCopyLeft, legalTerm:by,
        legalTerm:origin, legalTerm:PublicDomainPreserve, legalTerm:moralRightsPreserve,
        legalTerm:limitedCommercial, legalTerm:freeSourceCode, legalTerm:rightsPreserve ;
    pl:prohibits operation:rename, operation:write ;
    pl:permits operation:read, operation:distribute, operation:publishing .

:PUCelder1 a pl:PUC ;
    pl:begin "2014-02-03T00:00:00.000+01:00" ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:grantee <http://serenaseniorcare.com/> ;
    pl:grantor <Resident1.n3> ;
    pl:hasLicense :License1 ;
    pl:implicitProperties pl:all-but-prohibited ;
    pl:object <Resident1PersonalData.n3> ;
    pl:permits purpose:consultation,
        purpose:scientific, purpose:medical ;
    pl:prohibits purpose:tracking, purpose:sales,
        purpose:commercial, purpose:care, purpose:gift,
        purpose:privateUse, purpose:wellbeing,
        purpose:management ;
    pl:storageLocality <http://dbpedia.org/resource/Mexico> ;
    pl:usageLocality <http://dbpedia.org/resource/Mexico>,
        <http://dbpedia.org/resource/USA> ;
    pl:maxUses "3"^^xsd:integer .
Scientific and medical purposes generate obligations, prohibitions, implicit properties and other purposes.
Stage 1 – composition operations (1/2)
#Policy 1 extended
:License1 a pl:License ;
    pl:obliges legalTerm:fairDealing, legalTerm:constraintDerivative, legalTerm:waiver, … ;
    pl:prohibits operation:rename, operation:write ;
    pl:permits operation:read, operation:distribute, operation:publishing .

:PUCelder1 a pl:PUC ;
    pl:begin "2014-02-03T00:00:00.000+01:00" ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:getPurposeFrom :License1 ;
    pl:grantee <http://serenaseniorcare.com/> ;
    pl:grantor <Resident1.n3> ;
    pl:hasLicense :License1 ;
    pl:implicitProperties pl:all-but-prohibited ;
    pl:object <Resident1PersonalData.n3> ;
    pl:permits purpose:consultation, purpose:scientific, purpose:tracking, purpose:medical ;
    pl:prohibits purpose:sales, purpose:commercial, purpose:care, purpose:gift, purpose:privateUse,
        purpose:wellbeing, purpose:management ;
    pl:storageLocality <http://dbpedia.org/resource/Mexico> ;

#Policy 4 extended
:License4 a pl:License ;
    pl:obliges legalTerm:by, legalTerm:constraintDerivative ;
    pl:prohibits legalTerm:otherRightsPreserve, legalTerm:copyrightNotice, legalTerm:warranty, … ;
    pl:permits operation:read, operation:sharing, operation:publishing .

:PUCelder3 a pl:PUC ;
    pl:begin "2014-02-03T00:00:00.000+01:00" ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:getPurposeFrom :License4 ;
    pl:grantee <http://serenaseniorcare.com/> ;
    pl:grantor <Resident3.n3> ;
Model | Operator | Description
Permits operation/purpose | AND | An operation or purpose is permitted in the composed policy if it appears in all policies.
Prohibits operation/purpose/legalTerm | OR | An operation, purpose or legalTerm is prohibited in the composed policy if it appears in at least one policy.
Obliges legalTerm | OR | A legalTerm is obligated in the composed policy if it appears in at least one policy.
Operators applied for legalTerms and operations in the licenses.
#Policy 5 extended
:License5 a pl:License ;
    pl:obliges legalTerm:fairDealing, legalTerm:otherRightsPreserve, legalTerm:copyrightNotice, legalTerm:warranty, … ;
    pl:permits operation:read, operation:sharing, operation:rename, operation:distribute, operation:publishing, … .

:PUCelder2 a pl:PUC ;
Stage 1 – composition operations (2/2)
#Policy 1 extended
…
:PUCelder1 a pl:PUC ;
    pl:permits purpose:consultation, purpose:scientific, purpose:tracking, purpose:medical ;
    pl:prohibits purpose:sales, purpose:commercial, purpose:care, purpose:gift, purpose:privateUse, … ;
    … .

#Policy 4 extended
…
:PUCelder3 a pl:PUC ;
    pl:permits purpose:wellbeing, purpose:management, purpose:commercial, purpose:tracking,
        purpose:consultation, purpose:scientific, purpose:sales, purpose:medical, purpose:care, purpose:gift ;
    pl:prohibits purpose:privateUse ;
    … .
Model | Operator | Description
Permits operation/purpose | AND | An operation or purpose is permitted in the composed policy if it appears in all policies.
Prohibits operation/purpose/legalTerm | OR | An operation, purpose or legalTerm is prohibited in the composed policy if it appears in at least one policy.
Obliges legalTerm | OR | A legalTerm is obligated in the composed policy if it appears in at least one policy.
Operators applied to purposes in the PUC.
#Policy 5 extended
…
:PUCelder2 a pl:PUC ;
    pl:permits purpose:management, purpose:scientific, purpose:tracking, purpose:privateUse, purpose:care, purpose:wellbeing ;
    pl:prohibits purpose:sales, purpose:commercial, purpose:medical, purpose:gift, purpose:consultation ;
    … .
Stage 2 – solution of conflicts
• Based on priorities
– High priority: original terms/purposes
– Medium priority: terms/purposes added by business rules
– Low priority: terms/purposes added by implicit management and propagation rules
• In addition
– If same priority for a permitted term/purpose that is prohibited in at least one policy, then it will not be included in the final policy;
– if two terms are not compatible then one of them is chosen based on the requester purposes;

#Composite policy
:scientificCompositePolicy a pl:License ;
    pl:obliges legalTerm:moralRightsPreserve, legalTerm:by, legalTerm:notice,
        legalTerm:lesserCopyLeft, legalTerm:holdLiable, legalTerm:fairDealing, legalTerm:origin,
        legalTerm:rightsPreserve, legalTerm:publicDomainPreserve, legalTerm:warranty,
        legalTerm:copyrightNotice, legalTerm:waiver, legalTerm:sa, legalTerm:otherRightsPreserve,
        legalTerm:constraintDerivative, legalTerm:history, legalTerm:freeSourceCode, legalTerm:limitedCommercial ;
    pl:permits operation:publishing, operation:read ;
    pl:prohibits operation:rename, operation:write, operation:using, operation:distribute, operation:derivative,
        operation:copy, operation:sharing, operation:unlimitedDisclosure, legalTerm:publicDomainPreserve,
        legalTerm:waiver, legalTerm:fairDealing, legalTerm:otherRightsPreserve, legalTerm:holdLiable,
        legalTerm:copyrightNotice, legalTerm:warranty, legalTerm:sa, legalTerm:rightsPreserve, legalTerm:lesserCopyLeft,
        legalTerm:by, legalTerm:history, legalTerm:moralRightsPreserve, legalTerm:freeSourceCode, legalTerm:origin,
        legalTerm:notice .

:escenario2 a pl:PUC ;
Resulting composed policy
#Composite policy
:scientificCompositePolicy a pl:License ;
    pl:obliges legalTerm:moralRightsPreserve, legalTerm:by, legalTerm:notice,
        legalTerm:lesserCopyLeft, legalTerm:holdLiable, legalTerm:fairDealing,
        legalTerm:origin, legalTerm:rightsPreserve, legalTerm:publicDomainPreserve,
        legalTerm:warranty, legalTerm:copyrightNotice, legalTerm:waiver,
        legalTerm:sa, legalTerm:otherRightsPreserve, legalTerm:constraintDerivative,
        legalTerm:history, legalTerm:freeSourceCode, legalTerm:limitedCommercial ;
    pl:permits operation:publishing, operation:read ;
    pl:prohibits operation:rename, operation:using, operation:distribute,
        operation:derivative, operation:copy, operation:sharing,
        operation:unlimitedDisclosure, operation:write .

:escenario2 a pl:PUC ;
    pl:permits purpose:scientific ;
    pl:prohibits purpose:consultation, purpose:care, purpose:tracking,
        purpose:management, purpose:sales, purpose:privateUse, purpose:commercial,
        purpose:gift, purpose:medical, purpose:wellbeing ;
    pl:object <CompositePersonalData.n3> ;
    pl:hasLicense :scientificCompositePolicy ;
    pl:duration "P0Y0M2D"^^xsd:duration ;
    pl:maxUses "3"^^xsd:integer ;
    pl:grantee <http://cicese.edu.mx/> ;
    pl:grantor <Resident1.n3>, <Resident2.n3>, <Resident3.n3> ;
    pl:usageLocality <http://dbpedia.org/resource/Mexico> ;
    pl:storageLocality <http://dbpedia.org/resource/Mexico> .
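The Stage 1 operators and Stage 2 priorities applied to the purposes of Policies 1, 4 and 5, as an added example in plain Python (not the PrODUCE implementation, which the slides describe as ontology- and rule-based). The function and constant names, the per-term priorities, and the tie handling (a tied permission is dropped while its prohibition is kept; a tied obligation is left unresolved) are assumptions.

```python
ORIGINAL, BUSINESS, IMPLICIT = 1, 2, 3  # Stage 2 priorities, 1 is highest

def stage1(policies):
    """AND for permits, OR for prohibits/obliges; policy = {modality: {term: priority}}."""
    composed = {}
    for modality in ("permits", "prohibits", "obliges"):
        merged = {}
        for policy in policies:
            for term, prio in policy.get(modality, {}).items():
                merged[term] = min(prio, merged.get(term, prio))
        if modality == "permits":  # keep terms permitted by every policy
            merged = {t: p for t, p in merged.items()
                      if all(t in pol.get("permits", {}) for pol in policies)}
        composed[modality] = merged
    return composed

def stage2(composed):
    """Higher priority wins when a term is prohibited and also permitted or obliged.
    Ties: a permission is dropped (slide rule); an obligation is reported unresolved."""
    final = {m: dict(terms) for m, terms in composed.items()}
    unresolved = set()
    for modality in ("permits", "obliges"):
        for term in composed[modality].keys() & composed["prohibits"].keys():
            ours, theirs = composed[modality][term], composed["prohibits"][term]
            if ours < theirs:
                final["prohibits"].pop(term, None)
            elif ours > theirs or modality == "permits":
                final[modality].pop(term, None)
            else:
                unresolved.add(term)
    return {m: set(terms) for m, terms in final.items()}, unresolved

def tag(terms, prio):
    return {t: prio for t in terms.split()}
def puc(orig_permits, added_permits, orig_prohibits, added_prohibits):
    return {"permits": {**tag(added_permits, IMPLICIT), **tag(orig_permits, ORIGINAL)},
            "prohibits": {**tag(added_prohibits, IMPLICIT), **tag(orig_prohibits, ORIGINAL)}}

# Purposes of Policies 1, 4, 5 after Stage 0; IMPLICIT for derived terms is assumed.
PURPOSES = [
    puc("scientific medical", "consultation", "tracking",
        "sales commercial care gift privateUse wellbeing management"),
    puc("scientific medical wellbeing consultation commercial",
        "management tracking sales care gift", "", "privateUse"),
    puc("scientific tracking", "management privateUse care wellbeing",
        "commercial medical", "sales gift consultation"),
]
# Constructed priorities: terms prohibited in Policy 4 ext., obliged in Policy 5 ext.
LEGAL = [{"prohibits": tag("warranty copyrightNotice", IMPLICIT)},
         {"obliges": tag("warranty copyrightNotice", BUSINESS)}]
```

`stage2(stage1(PURPOSES))` reproduces the purposes of the composed policy above: only `scientific` stays permitted. With the constructed priorities in `LEGAL`, the obligation outranks the prohibition, as in the resulting licence.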
Positioning with the state of the art
 | Gangadharan, et al. | Mesiti, et al. | Villata, et al. | PrODUCE
Context | Web services | MPEG resources | Web of data | Web of data
Policies representation | Ontology-based | Set of grants | Ontology-based | Ontology-based
Models | Permission, requirement, constraint | - | Permissions, obligations, prohibitions | Permissions, obligations, prohibitions
Terms | By scopes. Rights:{adaptation, composition, derivation, attribution, shareAlike, non-commercial}, Financial:{peruse, payment} | By groups. Use:{play, print, execute}, Manage:{install, uninstall, move, delete}, Transformation:{reduce, enlarge, modify, diminish, enhance, adapt, embed} | DerivativeWorks, Sharing, Distribution, Reproduction, Notice, Attribution, ShareAlike, SourceCode, CopyLeft, NonCommercial, Commercial, HighIncomeNationUse | Operations:{read, write, unlimitedDisclosure, rename}, terms:{notice, copyrightNotice, warranty, holdLiable, fairDealing}, purposes:{commercial, private, medical, scientific}
Composition rules | Meaning-based | Group-based | Deontic logic-based | Ontology-based
Unspecified terms | Rules case-by-case | - | Conservative decision | Decision based on the data-usage context
Data-usage context | No | Yes (only usage purpose in the composition request) | No | Yes
Perspectives
• Are custom policies and resulting policies legal? We have to talk with jurists…
• Define new rules for contextual aspects, such as the laws of the usage and storage locations of the data concerned
• Provide feedback when the policy combination is not possible