
A policy-oriented architecture for enforcing consent in solid
- Author
- Laurens Debackere, Pieter Colpaert (UGent) , Ruben Taelman (UGent) and Ruben Verborgh (UGent)
- Organization
- Abstract
- The Solid project aims to restore end-users' control over their data by decoupling services and applications from data storage. To realize data governance by the user, the Solid Protocol 0.9 relies onWeb Access Control, which has limited expressivity and interpretability. In contrast, recent privacy and data protection regulations impose strict requirements on personal data processing applications and the scope of their operation. The Web Access Control mechanism lacks the granularity and contextual awareness needed to enforce these regulatory requirements. Therefore, we suggest a possible architecture for relating Solid's low-level technical access control rules with higher-level concepts such as the legal basis and purpose for data processing, the abstract types of information being processed, and the data sharing preferences of the data subject. Our architecture combines recent technical efforts by the Solid community panels with prior proposals made by researchers on the use of ODRL and SPECIAL policies as an extension to Solid's authorization mechanism. While our approach appears to avoid a number of pitfalls identified in previous research, further work is needed before it can be implemented and used in a practical setting.
- Keywords
- Access Control, ODRL, Semantic Web, Consent, Solid
Downloads
-
(...).pdf
- full text (Published version)
- |
- UGent only
- |
- |
- 614.34 KB
Citation
Please use this url to cite or link to this publication: http://hdl.handle.net/1854/LU-8752108
- MLA
- Debackere, Laurens, et al. “A Policy-Oriented Architecture for Enforcing Consent in Solid.” COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION, edited by Frédérique Laforest et al., Association for Computing Machinery (ACM), 2022, pp. 516–24, doi:10.1145/3487553.3524630.
- APA
- Debackere, L., Colpaert, P., Taelman, R., & Verborgh, R. (2022). A policy-oriented architecture for enforcing consent in solid. In F. Laforest, R. Troncy, & L. Médini (Eds.), COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION (pp. 516–524). https://doi.org/10.1145/3487553.3524630
- Chicago author-date
- Debackere, Laurens, Pieter Colpaert, Ruben Taelman, and Ruben Verborgh. 2022. “A Policy-Oriented Architecture for Enforcing Consent in Solid.” In COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION, edited by Frédérique Laforest, Raphaël Troncy, and Lionel Médini, 516–24. Association for Computing Machinery (ACM). https://doi.org/10.1145/3487553.3524630.
- Chicago author-date (all authors)
- Debackere, Laurens, Pieter Colpaert, Ruben Taelman, and Ruben Verborgh. 2022. “A Policy-Oriented Architecture for Enforcing Consent in Solid.” In COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION, ed by. Frédérique Laforest, Raphaël Troncy, and Lionel Médini, 516–524. Association for Computing Machinery (ACM). doi:10.1145/3487553.3524630.
- Vancouver
- 1.Debackere L, Colpaert P, Taelman R, Verborgh R. A policy-oriented architecture for enforcing consent in solid. In: Laforest F, Troncy R, Médini L, editors. COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION. Association for Computing Machinery (ACM); 2022. p. 516–24.
- IEEE
- [1]L. Debackere, P. Colpaert, R. Taelman, and R. Verborgh, “A policy-oriented architecture for enforcing consent in solid,” in COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION, Online, 2022, pp. 516–524.
@inproceedings{8752108, abstract = {{The Solid project aims to restore end-users' control over their data by decoupling services and applications from data storage. To realize data governance by the user, the Solid Protocol 0.9 relies onWeb Access Control, which has limited expressivity and interpretability. In contrast, recent privacy and data protection regulations impose strict requirements on personal data processing applications and the scope of their operation. The Web Access Control mechanism lacks the granularity and contextual awareness needed to enforce these regulatory requirements. Therefore, we suggest a possible architecture for relating Solid's low-level technical access control rules with higher-level concepts such as the legal basis and purpose for data processing, the abstract types of information being processed, and the data sharing preferences of the data subject. Our architecture combines recent technical efforts by the Solid community panels with prior proposals made by researchers on the use of ODRL and SPECIAL policies as an extension to Solid's authorization mechanism. While our approach appears to avoid a number of pitfalls identified in previous research, further work is needed before it can be implemented and used in a practical setting.}}, author = {{Debackere, Laurens and Colpaert, Pieter and Taelman, Ruben and Verborgh, Ruben}}, booktitle = {{COMPANION PROCEEDINGS OF THE WEB CONFERENCE 2022, WWW 2022 COMPANION}}, editor = {{Laforest, Frédérique and Troncy, Raphaël and Médini, Lionel}}, isbn = {{9781450391306}}, keywords = {{Access Control,ODRL,Semantic Web,Consent,Solid}}, language = {{eng}}, location = {{Online}}, pages = {{516--524}}, publisher = {{Association for Computing Machinery (ACM)}}, title = {{A policy-oriented architecture for enforcing consent in solid}}, url = {{http://doi.org/10.1145/3487553.3524630}}, year = {{2022}}, }
- Altmetric
- View in Altmetric
- Web of Science
- Times cited: