ODRL Linked Data Profile
Design decisions
Generalities
What is the ODRL Linked Data Profile The ODRL Linked Data Profile is the ODRL profile for declaring intellectual property rights and access policies to Linked Data. The profile takes the form of:
- A set of new triples to be added to the ODRL Ontology
- Constraints for a subset of the ODRL Common Vocabulary to be used
Namespaces
After this work is finished, a W3C permanent URI will be requested to the ODRL Community Group. For the purpose of edition, this document assumes the prefix to be "odrl-ld".
Actions
To define a limited subset of actions, either from the ODRL common vocabulary or extended to satisfy the requirements The proposal is to add the following statements derived from the SPARQL query forms
odrl-ld:select a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL SELECT"@en ; rdfs:comment "Action that returns all, or a subset of, the variables bound in a query pattern match."@en . odrl-ld:construct a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL CONSTRUCT"@en ; rdfs:comment "Returns an RDF graph constructed by substituting variables in a set of triple templates."@en . odrl-ld:ask a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL ASK"@en ; rdfs:comment "Returns a boolean indicating whether a query pattern matches or not."@en . odrl-ld:describe a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL DESCRIBE"@en ; rdfs:comment "Returns an RDF graph that describes the resources found."@en . odrl-ld:insert-data a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL INSERT"@en ; rdfs:comment "Adds some triples, given inline in the request, into the Graph Store."@en . odrl-ld:delete-data a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL DELETE"@en ; rdfs:comment "Removes some triples, given inline in the request."@en . odrl-ld:load a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL LOAD"@en ; rdfs:comment "Reads an RDF document from a IRI and inserts its triples into the specified graph in the Graph Store."@en . odrl-ld:clear a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL CLEAR"@en ; rdfs:comment "removes all the triples in the specified graph(s) in the Graph Store."@en . odrl-ld:graph-create a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL GRAPH CREATE"@en ; rdfs:comment "creates a new graph in stores that support empty graphs."@en . odrl-ld:graph-drop a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL GRAPH DROP"@en ; rdfs:comment "removes a graph and all of its contents."@en . odrl-ld:graph-copy a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL GRAPH COPY"@en ; rdfs:comment "modifies a graph to contain a copy of another."@en . odrl-ld:graph-move a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL GRAPH MOVE"@en ; rdfs:comment "moves all of the data from one graph into another."@en . odrl-ld:graph-add a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "SPARQL GRAPH ADD"@en ; rdfs:comment "reproduces all data from one graph into another."@en .
Also, derived from the requirements of the Linked Data Platform for access control, the following CRUD actions are to be added:
odrl-ld:create a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "HTTP CREATE"@en ; rdfs:comment "Creates a resource identified by a URL."@en . odrl-ld:read a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "HTTP READ"@en ; rdfs:comment "Creates a resource identified by a URL."@en . odrl-ld:update a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "HTTP UPDATE"@en ; rdfs:comment "Updates or patches a resource identified by a URL."@en . odrl-ld:delete a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "HTTP DELETE"@en ; rdfs:comment "Deletes a resource identified by a URL."@en .
Assets
The following triples are to be added so that LD resources can be described:
odrl-ld:LinkedDataResource a odrl:Asset . rdf:Statement a odrl-ld:LinkedDataResource . void:Dataset a odrl-ld:LinkedDataResource . void:Linkset a odrl-ld:LinkedDataResource . owl:Ontology a odrl-ld:LinkedDataResource . ldp:Resource a odrl-ld:LinkedDataResource . ldp:Container a odrl-ld:LinkedDataResource .
From a legal perspective, linked data can be subject to ip law, database law and data protection law among others. The legal status may vary from jurisdiction to jurisdiction, but at least the following properties can be asserted by the linked data publishers.
odrl-ld:hasLegalStatus a owl:ObjectProperty ; rdfs:domain odrl-ld:LinkedDataResource ; rdfs:range odrl-ld:LegalStatus . odrl-ld:LegalStatus a owl:Class . odrl-ld:hasIPRights a odrl-ld:LegalStatus . odrl-ld:hasDatabaseRights a odrl-ld:LegalStatus . odrl-ld:hasPersonalDataRights a odrl-ld:LegalStatus .
How each requirement is satisfied
Considering the requirements gathered in the wiki, they are solved:
- RA1 and S4 - New actions for Linked Data have been defined
- S2 - New subclasses of Asset have been specifically declared covering the most common LD resources
User Stories
S1: Monetary Benefit
As owner of an asset, I want to be able to charge consumers for using my data. This fee should depend on the nature of use as well as data they actually want to consume.
Example
<http://example.com/policy:S1> a odrl:Agreement; odrl:permission [ a odrl:Permission; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:assignee <http://example.com/consumer:1> ; odrl:action odrl-ld:query ; odrl:duty [ a odrl:Duty ; odrl:action odrl:compensate; odrl:constraint [ a odrl:Constraint ; odrl:payAmount 50.00 ; odrl:operator odrl:eq ; odrl:unit <http://cvx.iptc.org/iso4217a:AUD> ] ; odrl:constraint [ a odrl:Constraint ; odrl:operator odrl:eq ; odrl:purpose odrl-ld:ask ] ] .
Required New Concepts
odrl-ld:query a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "Query"@en ; rdfs:comment "Action of querying a certain asset."@en .
S2: Granularity
As owner of an asset, I want to be able to define policies for different levels of granularity of data. It should be possible to operate on triple level, subgraph level, as well as on the entire RDF graph representing the data itself.
Example
Required New Concepts
rdf:Statement a odrl:Asset . void:Dataset a odrl:Asset . void:Linkset a odrl:Asset . owl:Ontology a odrl:Asset . ldp:Resource a odrl:Asset . ldp:Container a odrl:Asset .
S3: Licensing
As owner of an asset, I want to be able to define licensing conditions for that dataset. Those conditions must be as expressive as common license vocabularies (cf. Creative Commons, etc.), i.e. pre-defined data licenses like PDDL, CC-Family, ODC, etc. must be representable.
Example (CC-BY-NC-SA)
<http://example.com/policy:S3> a odrl-ld:License; odrl:permission [ a odrl:Permission; odrl:action odrl:reproduce, odrl:distribute, odrl:derive; odrl:duty odrl:attribution, odrl:attachPolicy, odrl:shareAlike ] ; odrl:prohibition odrl:commercialize .
Required New Concepts
odrl-ld:License a rdfs:Class , owl:Class ; rdfs:isDefinedBy odrl-ld: ; rdfs:subClassOf :Policy ; owl:disjointWith :Offer, :Privacy, :Request, :Set, :Ticket, :Agreement ; rdfs:label "License"@en ; rdfs:comment "Policy expressions that represent pre-defined data licenses like PDDL, CC-Family, ODC originating from common license vocabularies (cf. Creative Commons, etc.)"@en .
S4: Actions relevant to Linked Data
As owner of an asset, I want to be able to use/restrict actions which are relevant to Linked Data scenarios. Such actions include (but are not limited to): querying data, aggregating data, reading data, etc..
Example
Required New Concepts
S5: Defining Preconditions for Policies
As owner of an asset, I want to be able to define preconditions for my policies. It should be possible to state, that certain policies only apply within certain scenarios (i.e. when their precondition(s) hold). Those policies can include both permissions as well as prohibitions.
Simon: May be tied to SHACL Constraints.
Example
Required New Concepts
S6: Clustering Policies in Sets of Policies
As owner of an asset, I want to be able to cluster a policies into sets of policies. Those policy sets may adhere to different conflict resolution strategies than their containing policies.
Example
<http://example.com/policySet:S6> a odrl-ld:PolicySet ; odrl:conflict odrl:perm ; odrl-ld:involvedPolicy <http://example.com/policy:S6.1> ; odrl-ld:involvedPolicy [ a odrl-ld:License; odrl:permission [ a odrl:Permission; odrl:action odrl:reproduce, odrl:distribute, odrl:derive; odrl:duty odrl:attribution, odrl:attachPolicy, odrl:shareAlike ] ; odrl:prohibition odrl:commercialize ] . <http://example.com/policy:S6.1> a odrl:Set ; odrl:conflict odrl:prohibit ; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:permission odrl-ld:query .
Required New Concepts
odrl-ld:PolicySet a rdfs:Class , owl:Class ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "PolicySet"@en ; rdfs:comment "Concept that groups various different policies into one policy set."@en . odrl-ld:involvedPolicy a rdf:Property , owl:ObjectProperty ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "involvedPolicy"@en ; rdfs:comment "Relates a policy set to the policy it contains."@en ; rdfs:domain odrl-ld:PolicySet ; rdfs:range odrl:Policy .
S7: Defining Remedies
As owner of an asset, I want to be able to define remedies for violated prohibitions or duties (cf. ODRL Remedies)
Example
<http://example.com/policy:S7> a odrl:Agreement; odrl:permission [ a odrl:Permission; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:assignee <http://example.com/consumer:1> ; odrl:action odrl-ld:query ; odrl:duty [ a odrl:Duty ; odrl:action odrl:compensate; odrl:constraint [ a odrl:Constraint ; odrl:payAmount 50.00 ; odrl:operator odrl:eq ; odrl:unit <http://cvx.iptc.org/iso4217a:AUD> ] ; odrl-ld:hasRemedy <http://example.com/fine:S7> ] ] ; odrl:prohibition [ a odrl:Prohibition; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:assignee <http://example.com/consumer:1> ; odrl:action odrl:distribute ; odrl-ld:hasRemedy <http://example.com/fine:S7> ] . <http://example.com/fine:S7> a odrl:Duty ; odrl:action odrl:compensate; odrl:constraint [ a odrl:Constraint ; odrl:payAmount 5.00 ; odrl:operator odrl:eq ; odrl:unit <http://cvx.iptc.org/iso4217a:AUD> ] ] .
Required New Concepts
odrl-ld:hasRemedy a rdf:Property , owl:ObjectProperty ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "involvedPolicy"@en ; rdfs:comment "Relates violated duties and prohibitions to duties that have to be performed as a kind of remedy or consequence for the violation."@en ; rdfs:domain [ a owl:Class ; owl:unionOf ( odrl:Duty odrl:Prohibition ) ; ] ; rdfs:range odrl:Duty .
S8: Extended Relations
As owner of an asset, I want to be able to define more complex policies by combining permissions, prohibitions, constraints and duties using extended relations (cf. ODRL Extended Relations)
Simon: Whether we should add constraints too is open for discussion.
Example
<http://example.com/policy:S8> a odrl:Agreement; odrl:permission [ a odrl-ld:OrRuleSet; odrl-ld:rules ([ a odrl:Permission; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:assignee <http://example.com/consumer:1> ; odrl:action odrl:distribute ] [ a odrl:Permission; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:assignee <http://example.com/consumer:1> ; odrl:action odrl:share ]) ] .
Required New Concepts
odrl-ld:RuleSet a rdfs:Class , owl:Class ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "RuleSet"@en ; rdfs:comment "Abstract concept that defines a set of rules of the same type (e.g. Prohibition, Permission or Duty)."@en . odrl-ld:AndRuleSet a rdfs:Class , owl:Class ; rdfs:isDefinedBy odrl-ld: ; rdfs:subClassOf odrl-ld:RuleSet ; rdfs:label "AndRuleSet"@en ; rdfs:comment "A conjunctive set of rules."@en . odrl-ld:OrRuleSet a rdfs:Class , owl:Class ; rdfs:isDefinedBy odrl-ld: ; rdfs:subClassOf odrl-ld:RuleSet ; rdfs:label "OrRuleSet"@en ; rdfs:comment "A disjunctive set of rules."@en . odrl-ld:XorRuleSet a rdfs:Class , owl:Class ; rdfs:isDefinedBy odrl-ld: ; rdfs:subClassOf odrl-ld:RuleSet ; rdfs:label "XorRuleSet"@en ; rdfs:comment "A disjunctive set of rules where only one rule might be active."@en . odrl-ld:rules a rdf:Property , owl:ObjectProperty ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "rules "@en ; rdfs:comment "Relates a set of rules to the rules it contains."@en ; rdfs:domain odrl-ld:RuleSet ; rdfs:range rdf:List .
S9: Temporal Constraints
As owner of an asset, I want to be able to define fine-grained temporal constraints for my policies. It should be possible to define absolute as well as relative timeframes in terms of days, minutes, dates, etc. and to define that certain policies are only valid within those timeframes.
Example
Required New Concepts
S10: Specifying Default Behavior for missing Information
As owner of an asset, I want to be able to define not only conflict resolution strategies for my policies and policy sets, but also default behavior in terms of missing information. E.g., I want to be able to state that, if the execution a certain action is not explicitely prohibited, it is permitted.
Example
Required New Concepts
S11: Specifying Default Behavior for Parties
As owner of an asset, I want to be able to state whether policies defined for a group of assignees affect shall affect policies defined for single assignees. E.g., If everyone is prohibited to use my dataset but Alice is allowed to use it, does the more general policy "overrule" the more specific one?
Example
Required New Concepts
S12: Implicitely affected Actions
As owner of an asset, I want to know which actions are implicitely affected by permissions/prohibitions of others. I'm not only interested in the subsumption hierarchy of actions (e.g. use is more general than read) but also in part-of relationships of actions (e.g. to share something involves distributing it). To satisfy my needs, the ODRL core model should be extended by appropriate relationships between actions.
Example
odrl:shareAlike a odrl:Action, skos:Concept ; rdfs:isDefinedBy odrl: ; rdfs:label "Share-alike"@en ; skos:broader odrl:use ; odrl-ld:requires odrl:distribute ; rdfs:comment "The act of distributing any derivative asset under the same terms as the original asset."@en .
Required New Concepts
odrl-ld:requires a rdf:Property , owl:ObjectProperty ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "requires"@en ; rdfs:comment "Relates an action to actions that must be executable in order to ensure its executability."@en ; rdfs:domain odrl:Action ; rdfs:range odrl:Action .
S13: Precedence Relationship between Rules
As owner of an asset, I want to be able to define precedences among permissions, prohibitions, and duties. This would allow to easily map policies into defeasible logic (cf. A Modelling and Reasoning Framework for Social Networks Policies (Section 9.1))
Example
<http://example.com/policy:S13> a odrl:Agreement; odrl:conflict odrl:prohibit ; odrl:permission <http://example.com/permission:S13.1> ; odrl:prohibition <http://example.com/prohibition:S13.1> ; odrl:prohibition <http://example.com/prohibition:S13.2> . <http://example.com/permission:S13.1> a odrl:Permission; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:assignee <http://example.com/consumer:1> ; odrl:action odrl-ld:query ; odrl-ld:precedenceOver <http://example.com/prohibition:S13.1>; odrl:constraint [ a odrl:Constraint ; odrl:operator odrl:lteq ; odrl:dateTime "2010-12-31"^^xsd:date ] . <http://example.com/prohibition:S13.1> a odrl:Prohibition; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:action odrl-ld:query ; odrl:constraint [ a odrl:Constraint ; odrl:operator odrl:lteq ; odrl:dateTime "2010-12-31"^^xsd:date ] . <http://example.com/prohibition:S13.2> a odrl:Prohibition; odrl:target <http://example.com/dataset:1> ; odrl:assigner <http://example.com/publisher:1> ; odrl:action odrl-ld:query ; odrl:constraint [ a odrl:Constraint ; odrl:operator odrl:gteq ; odrl:dateTime "2010-12-25"^^xsd:date ] . odrl:constraint [ a odrl:Constraint ; odrl:operator odrl:lteq ; odrl:dateTime "2010-12-31"^^xsd:date ] .
Required New Concepts
odrl-ld:precedenceOver a rdf:Property , owl:ObjectProperty ; rdfs:isDefinedBy odrl-ld: ; rdfs:label "precedenceOver"@en ; rdfs:comment "Defines a precedence order between permissions and/or prohibitions."@en ; rdfs:domain [ a owl:Class ; owl:unionOf ( odrl:Permission odrl:Prohibition ) ; ] ; rdfs:range [ a owl:Class ; owl:unionOf ( odrl:Permission odrl:Prohibition ) ; ] .
S14: Responsibility
The consumer of a dataset is entirely responsible, to the exclusion of the dataset author and any other persons, for compliance of the use and reuse of the data with the regulations set by the dataset owners, and with the local regulations regarding use, including those regarding import, export, and use of encryption software.
Simon: I'm not entirely sure what's meant with this user story.
Example
Required New Concepts
S15: Precedence Relationship between (Sets of) Policies
As owner of an asset, I want to be able to define precedences among specific policies and/or sets of policies instead of (or in addition to) defining general conflict resolution strategies that apply to all policies.