Metadata
- Position paper is joint work with Giles Hogben (JRC) and
Marco Casassa Mont, Siani Pearson (HP Labs Bristol)
- All authors' work is supported by the PRIME Project. PRIME
receives funding from EU's 6th Framework Programme, and the
Swiss Federal Office for Education and Science.
Let's order a movie.
- Service: Prove you're age 18; give your name and address.
- Client: Here's proof, but please be careful.
- Service promises to be careful, and deletes information
after 10 days.
Let's order a movie: Details.
- Service: This movie is not suitable for minors.
- Access control policy
- Rule type: Constraint, necessary condition.
- Some version of this rule is transmitted to the client
But I'm grown up! Really!
- Means of proof: A read-out of your passport's RFID
chip.
- Privacy preferences:
- I'll only give you that read-out and my address
if you promise to delete it within 10 days
- While you have this information, only process it on secure
facilities.
- Constraints, client-side.
- Multiple credentials case: Priorities according to the level
of privacy-friendliness.
Promises must be kept
-
Service agrees to:
- Using secure facilities
- assurance constraint on service's data processing
- necessary condition, service-side
- Delete data 10 days after the transaction: Obligation.
-
Constraints and event-condition-action rules; constructed out
of the preferences transmitted by the client.
Passing on data: Delivering the DVD.
- Home delivery of a DVD:
- Address information needs to be
shared with the delivery service.
- Continue to obey obligations.
- Store and exchange obligations along with instance data --
uniform storage and transmission format for obligations and
instance data.
- RDF
What obligations do to data
- Instance data in RDF
- An obligation must be linked to from the instance data it
applies to.
- The obligation must link back to the data it refers to.
- Delete that.
- Obfuscate that.
- What to use for that? Reification?
- Data-related actions: delete, obfuscate