Transcript policies

DataSpace
MIT Decentralized Information Group
Tim Berners-Lee
Lalana Kagal
Hal Abelson
Visitors:
Joe Pato (HP)
Danny Weitzner
Gerry Sussman
Latanya Sweeney (CMU)
Collaborators:
Joan Feigenbaum (Yale)
Jim Hendler & Deb McGuinness (RPI)
Wendy Hall & Nigel Shadbolt (Southampton)
Policy Awareness on the World-Wide Web
• Problem:
– Maintaining data use policies (privacy, security, ownership,
compliance) becomes infeasible as databases become
increasingly interconnected via the Web
• Idea
– Tag information on the web with metadata that expresses
policy
– Use Semantic Web infrastructure so that metadata schemes
are open and extensible
– Develop rules and reasoning mechanisms that check for
adherence with policy
– Evaluate policies with reference to user preferences, user
data, Web data, operating context
• Benefits
– Enables flexible, decentralized approach to policy
management
– Permits local control (vs. global authorities)
– Can deal with contexts where access control is insufficient.
Information Accountability:
When information has been used, it should be possible
to determine what happened, and to pinpoint use
that is inappropriate
Augmenting information architecture to support
accountability
• Information is annotated with provenance that identifies its source.
• Data transfers and uses are logged so that chains of transfers have
audit trails.
• Databases and data providers supply machine-readable policies that
govern permissible uses of the data.
• Automated reasoning engines use policies to determine whether data
use is appropriate.
• Reasoning preserves context information and justifications supported
by truth-maintenance systems.
• As data items are combined, the usage rules governing the
combinations are automatically deduced by means of a data-purpose
algebra.
• Users manipulate information via policy-aware interfaces that can
enforce policies and/or signal non-compliant uses.
Use Case: Sharing of Data in Fusion Centers
• Sender: Mia Analysa of Commonwealth Fusion Center
• Data: Request for Information regarding Robert Guy
• Receiver: Fedd Agenti of DHS
• Is this allowed under policies of involved parties?
Policy reasoning result in Justification UI
Exploring Policy Reasoning Results
AIR: A Policy Language for Usage Rules
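:Rule1 a air:Belief-rule;
    air:variable :U2;
    air:variable :P2;
    air:variable :AP;
    air:label "FirstAIRRule";
    # Match a use event that refers to a prox-card event and whose
    # purpose is a member of the allowed purposes.
    air:pattern {
        :U2 a air:UseEvent;
            :refers-to [ a mit:ProxCardEvent ];
            :purpose :P2.
        :UseEvent :allowed-purposes :AP.
        :P2 :is-member-of :AP
    };
    # When the pattern matches, record the purpose as valid.
    air:assert { :U2 :validPurpose :P2 }.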
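An added example, not part of the original slides or of the AIR project's code: Rule1's pattern evaluated in Python over constructed triples, keeping the matched triples as the justification for each derived validPurpose fact. The event names, purposes, the flat-tuple store and the flagging of events whose purpose is outside the allowed set are assumptions made for illustration.

```python
# Added illustration: AIR Rule1's pattern evaluated over constructed triples.
# Event names, purposes and the flat-tuple store are assumptions.
TRIPLES = {  # constructed sample data
    ("ev1", "a", "air:UseEvent"), ("ev1", "refers-to", "card1"),
    ("ev1", "purpose", "building-security"),
    ("ev2", "a", "air:UseEvent"), ("ev2", "refers-to", "card2"),
    ("ev2", "purpose", "marketing"),
    ("ev3", "a", "air:UseEvent"), ("ev3", "refers-to", "doc9"),
    ("ev3", "purpose", "marketing"),
    ("card1", "a", "mit:ProxCardEvent"), ("card2", "a", "mit:ProxCardEvent"),
    ("UseEvent", "allowed-purposes", "AP"),
    ("building-security", "is-member-of", "AP"),
}

def objects(triples, subj, pred):
    """All objects o such that (subj, pred, o) is in the store."""
    return sorted(o for (s, p, o) in triples if s == subj and p == pred)

def apply_rule1(triples):
    """Return (asserted, flagged).

    asserted maps each derived validPurpose triple to the triples that
    justify it; flagged lists prox-card use events whose purpose is not a
    member of any allowed-purposes set (an added step, not part of Rule1).
    """
    asserted, flagged = {}, []
    allowed = objects(triples, "UseEvent", "allowed-purposes")
    events = sorted(s for (s, p, o) in triples if (p, o) == ("a", "air:UseEvent"))
    for u in events:
        cards = [c for c in objects(triples, u, "refers-to")
                 if (c, "a", "mit:ProxCardEvent") in triples]
        if not cards:
            continue  # pattern does not match: not a prox-card use event
        for purpose in objects(triples, u, "purpose"):
            ap = next((a for a in allowed
                       if (purpose, "is-member-of", a) in triples), None)
            if ap is None:
                flagged.append((u, purpose))
                continue
            asserted[(u, "validPurpose", purpose)] = [
                (u, "a", "air:UseEvent"), (u, "refers-to", cards[0]),
                (cards[0], "a", "mit:ProxCardEvent"), (u, "purpose", purpose),
                ("UseEvent", "allowed-purposes", ap),
                (purpose, "is-member-of", ap)]
    return asserted, flagged

if __name__ == "__main__":
    derived, bad = apply_rule1(TRIPLES)
    for fact, why in derived.items():
        print(fact, "because", why)
    print("no valid purpose:", bad)
```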
DSpace @ MIT enforces privacy policy at http://libraries.mit.edu/dspace-mit/build/policies/privacy.html
@prefix : <http://www.dspace.org/rules#> .
@prefix action: <http://www.cs.umbc.edu/~lkagal1/rei/ontologies/ReiAction.owl#> .
@prefix constraint: <http://www.cs.umbc.edu/~lkagal1/rei/ontologies/ReiConstraint.owl#> .
...
:CU0002UserPrivacy a policy:Policy;
    policy:context :MITLibrariesPrivacyPolicy;
    policy:grants :UserProvidePersonalInfo;
    policy:grants :UsePersonalInfo;
    policy:grants :DoNotDisclosePersonalInfo;
    policy:grants :DoRemovePersonalInfo .
:UserProvidePersonalInfo a deontic:Obligation;
    deontic:actor :varPerson;
    deontic:action :ProvidePersonalInfo;
    deontic:context :EventParticipationAndAlertSubscription;
    policy:desc """DSpace requires users to provide personal information if they:
1. are involved in the submission of DSpace content and metadata
2. subscribe to the DSpace alerting service""" .
:ProvidePersonalInfo a action:Action;
    a history:ModifyMetadata;
    action:actor :varPerson;
    action:target :varPersonInfo;
    policy:desc """Provide Personal Information is the act of
supplying the metadata recorded as an EPerson's object in DSpace.""" .
A snippet of DSpace policy, expressed in REI