Loading…
ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid
Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism for granting access to data. Solid's personal online datastores (Pods) are ideal for keeping personal data, as they allow individuals to represent the access permissions in a v...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Conference Proceeding |
| Language: | English |
| Subjects: | |
| Online Access: | Request full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | 306 |
| container_issue | |
| container_start_page | 298 |
| container_title | |
| container_volume | |
| creator | Esteves, Beatriz Pandit, Harshvardhan J. Rodriguez-Doncel, Victor |
| description | Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism for granting access to data. Solid's personal online datastores (Pods) are ideal for keeping personal data, as they allow individuals to represent the access permissions in a very simple manner using Access Control Language (ACL) expressions. Whereas these expressions suffice for yes/no and read/write permissions, they cannot represent more complex rules nor invoke regulation-specific concepts. This paper describes an extension of the ACL language and algorithm to implement consent and data requests. The extension is based on the Open Digital Rights Language (ODRL) policy language, which allows expressing rich rules, and the Data Privacy Vocabulary (DPV), which permits invoking privacy and data protection-specific terms. Some usage examples illustrate this proposal. |
| doi_str_mv | 10.1109/EuroSPW54576.2021.00038 |
| format | conference_proceeding |
| fullrecord | <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_9583717</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9583717</ieee_id><sourcerecordid>9583717</sourcerecordid><originalsourceid>FETCH-LOGICAL-i252t-9d147bd1a90dbeac142ddf6ffe22b1cc8a422fabf144010ef420d9b02bbf3d003</originalsourceid><addsrcrecordid>eNotj1FLwzAUhaMgOOZ-gQ_mD3Tee5s27eOYcwqFDefwcSRNskVqM5IO9N-7oU_ng_Nx4DD2gDBFhPpxcYphs_4oRCHLKQHhFADy6opNallhWRYCAQmu2YhkWWVQFvKWTVL6vGgEAqAase3q6a3h6xic7yx3IfLF9zHalHy_5_PQJ9sPfDjEcNof-DKq_tSpyGdte1Yu_RBDx9eh8623ifueb85s7tiNU12yk_8cs-3z4n3-kjWr5et81mSeChqy2qCQ2qCqwWirWhRkjCuds0Qa27ZSgsgp7VAIQLBOEJhaA2ntcnN-MWb3f7veWrs7Rv-l4s-uLqpcosx_AR9DVF4</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid</title><source>IEEE Xplore All Conference Series</source><creator>Esteves, Beatriz ; Pandit, Harshvardhan J. ; Rodriguez-Doncel, Victor</creator><creatorcontrib>Esteves, Beatriz ; Pandit, Harshvardhan J. ; Rodriguez-Doncel, Victor</creatorcontrib><description>Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism for granting access to data. Solid's personal online datastores (Pods) are ideal for keeping personal data, as they allow individuals to represent the access permissions in a very simple manner using Access Control Language (ACL) expressions. Whereas these expressions suffice for yes/no and read/write permissions, they cannot represent more complex rules nor invoke regulation-specific concepts. This paper describes an extension of the ACL language and algorithm to implement consent and data requests. The extension is based on the Open Digital Rights Language (ODRL) policy language, which allows expressing rich rules, and the Data Privacy Vocabulary (DPV), which permits invoking privacy and data protection-specific terms. Some usage examples illustrate this proposal.</description><identifier>EISSN: 2768-0657</identifier><identifier>EISBN: 9781665410120</identifier><identifier>EISBN: 1665410124</identifier><identifier>DOI: 10.1109/EuroSPW54576.2021.00038</identifier><identifier>CODEN: IEEPAD</identifier><language>eng</language><publisher>IEEE</publisher><subject>access control ; Authorization ; consent ; Data privacy ; data protection ; decentralized datastores ; DPV ; GDPR ; privacy ; regulatory compliance ; Shape ; Solids ; Vocabulary ; W3C</subject><ispartof>2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2021, p.298-306</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9583717$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27923,54553,54930</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9583717$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Esteves, Beatriz</creatorcontrib><creatorcontrib>Pandit, Harshvardhan J.</creatorcontrib><creatorcontrib>Rodriguez-Doncel, Victor</creatorcontrib><title>ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid</title><title>2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)</title><addtitle>EUROSPW</addtitle><description>Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism for granting access to data. Solid's personal online datastores (Pods) are ideal for keeping personal data, as they allow individuals to represent the access permissions in a very simple manner using Access Control Language (ACL) expressions. Whereas these expressions suffice for yes/no and read/write permissions, they cannot represent more complex rules nor invoke regulation-specific concepts. This paper describes an extension of the ACL language and algorithm to implement consent and data requests. The extension is based on the Open Digital Rights Language (ODRL) policy language, which allows expressing rich rules, and the Data Privacy Vocabulary (DPV), which permits invoking privacy and data protection-specific terms. Some usage examples illustrate this proposal.</description><subject>access control</subject><subject>Authorization</subject><subject>consent</subject><subject>Data privacy</subject><subject>data protection</subject><subject>decentralized datastores</subject><subject>DPV</subject><subject>GDPR</subject><subject>privacy</subject><subject>regulatory compliance</subject><subject>Shape</subject><subject>Solids</subject><subject>Vocabulary</subject><subject>W3C</subject><issn>2768-0657</issn><isbn>9781665410120</isbn><isbn>1665410124</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2021</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotj1FLwzAUhaMgOOZ-gQ_mD3Tee5s27eOYcwqFDefwcSRNskVqM5IO9N-7oU_ng_Nx4DD2gDBFhPpxcYphs_4oRCHLKQHhFADy6opNallhWRYCAQmu2YhkWWVQFvKWTVL6vGgEAqAase3q6a3h6xic7yx3IfLF9zHalHy_5_PQJ9sPfDjEcNof-DKq_tSpyGdte1Yu_RBDx9eh8623ifueb85s7tiNU12yk_8cs-3z4n3-kjWr5et81mSeChqy2qCQ2qCqwWirWhRkjCuds0Qa27ZSgsgp7VAIQLBOEJhaA2ntcnN-MWb3f7veWrs7Rv-l4s-uLqpcosx_AR9DVF4</recordid><startdate>20210901</startdate><enddate>20210901</enddate><creator>Esteves, Beatriz</creator><creator>Pandit, Harshvardhan J.</creator><creator>Rodriguez-Doncel, Victor</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>20210901</creationdate><title>ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid</title><author>Esteves, Beatriz ; Pandit, Harshvardhan J. ; Rodriguez-Doncel, Victor</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i252t-9d147bd1a90dbeac142ddf6ffe22b1cc8a422fabf144010ef420d9b02bbf3d003</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2021</creationdate><topic>access control</topic><topic>Authorization</topic><topic>consent</topic><topic>Data privacy</topic><topic>data protection</topic><topic>decentralized datastores</topic><topic>DPV</topic><topic>GDPR</topic><topic>privacy</topic><topic>regulatory compliance</topic><topic>Shape</topic><topic>Solids</topic><topic>Vocabulary</topic><topic>W3C</topic><toplevel>online_resources</toplevel><creatorcontrib>Esteves, Beatriz</creatorcontrib><creatorcontrib>Pandit, Harshvardhan J.</creatorcontrib><creatorcontrib>Rodriguez-Doncel, Victor</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Esteves, Beatriz</au><au>Pandit, Harshvardhan J.</au><au>Rodriguez-Doncel, Victor</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid</atitle><btitle>2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)</btitle><stitle>EUROSPW</stitle><date>2021-09-01</date><risdate>2021</risdate><spage>298</spage><epage>306</epage><pages>298-306</pages><eissn>2768-0657</eissn><eisbn>9781665410120</eisbn><eisbn>1665410124</eisbn><coden>IEEPAD</coden><abstract>Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism for granting access to data. Solid's personal online datastores (Pods) are ideal for keeping personal data, as they allow individuals to represent the access permissions in a very simple manner using Access Control Language (ACL) expressions. Whereas these expressions suffice for yes/no and read/write permissions, they cannot represent more complex rules nor invoke regulation-specific concepts. This paper describes an extension of the ACL language and algorithm to implement consent and data requests. The extension is based on the Open Digital Rights Language (ODRL) policy language, which allows expressing rich rules, and the Data Privacy Vocabulary (DPV), which permits invoking privacy and data protection-specific terms. Some usage examples illustrate this proposal.</abstract><pub>IEEE</pub><doi>10.1109/EuroSPW54576.2021.00038</doi><tpages>9</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | EISSN: 2768-0657 |
| ispartof | 2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2021, p.298-306 |
| issn | 2768-0657 |
| language | eng |
| recordid | cdi_ieee_primary_9583717 |
| source | IEEE Xplore All Conference Series |
| subjects | access control Authorization consent Data privacy data protection decentralized datastores DPV GDPR privacy regulatory compliance Shape Solids Vocabulary W3C |
| title | ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T11%3A50%3A47IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=ODRL%20Profile%20for%20Expressing%20Consent%20through%20Granular%20Access%20Control%20Policies%20in%20Solid&rft.btitle=2021%20IEEE%20European%20Symposium%20on%20Security%20and%20Privacy%20Workshops%20(EuroS&PW)&rft.au=Esteves,%20Beatriz&rft.date=2021-09-01&rft.spage=298&rft.epage=306&rft.pages=298-306&rft.eissn=2768-0657&rft.coden=IEEPAD&rft_id=info:doi/10.1109/EuroSPW54576.2021.00038&rft.eisbn=9781665410120&rft.eisbn_list=1665410124&rft_dat=%3Cieee_CHZPO%3E9583717%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i252t-9d147bd1a90dbeac142ddf6ffe22b1cc8a422fabf144010ef420d9b02bbf3d003%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=9583717&rfr_iscdi=true |