Protect Network
Published July 17, 2021 | Version AAM
Conference paper Open

ODRL Profile for Expressing Consent through Granular Access Control Policies in Solid

Authors/Creators

  • 1. Universidad Politécnica de Madrid
  • 2. ADAPT Centre, Trinity College Dublin

Description

Solid, the emerging technology for organizing data in decentralized stores, relies on a simple authorization mechanism for granting access to data. Solid's personal online datastores (Pods) are ideal for keeping personal data, as they allow individuals to represent the access permissions in a very simple manner using Access Control Language (ACL) expressions. Whereas these expressions suffice for yes/no and read/write permissions, they cannot represent more complex rules nor invoke regulation-specific concepts. This paper describes an extension of the ACL language and algorithm to implement consent and data requests. The extension is based on the Open Digital Rights Language (ODRL) policy language, which allows expressing rich rules, and the Data Privacy Vocabulary (DPV), which permits invoking privacy and data protection-specific terms.
Some usage examples illustrate this proposal.

Notes

This research has been supported by European Union's Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 813497 (PROTECT) and `Datos 4.0 Retos y Soluciones' (TIN2016-78011-C4-3-R). Harshvardhan J. Pandit is funded by Irish Research Council Government of Ireland Postdoctoral Fellowship Grant#GOIPD/2020/790; European Union's Horizon 2020 research and innovation programme under NGI TRUST Grant#825618 for Project#3.40 Privacy-as-Expected: Consent Gateway; and by the ADAPT SFI Centre for Digital Media Technology which is funded by Science Foundation Ireland through the SFI Research Centres Programme and is co-funded under the European Regional Development Fund (ERDF) through Grant#13/RC/2106\P2. Project webpage https://protect.oeg.fi.upm.es/solid-consent/ Profile documentation https://w3id.org/oac/ Code repository https://github.com/besteves4/odrl-access-control-profile

Files

ODRL_Consent_ACP_Solid_CONSENT_WS_2021_AAM.pdf

Files (188.1 kB)

Name Size Download all
md5:43b090b4cdf1aeae1e99376a8888a63f
188.1 kB Preview Download

Additional details

Funding

European Commission
PROTECT - Protecting Personal Data Amidst Big Data Innovation 813497
European Commission
NGI_TRUST - Partnership for innovative technological solutions to ensure privacy and enhance trust for the human-centric Internet 825618
Science Foundation Ireland
ADAPT: Centre for Digital Content Platform Research 13/RC/2106