[Profile picture of Ruben Verborgh]

Ruben Verborgh

A Policy-Oriented Architecture for Enforcing Consent in Solid

Laurens Debackere, Pieter Colpaert, Ruben Taelman, and Ruben Verborgh

The Solid project aims to restore end-users’ control over their data by decoupling services and applications from data storage. To realize data governance by the user, the Solid Protocol 0.9 relies on Web Access Control, whose expressivity and interpretability are limited. In contrast, recent privacy and data protection regulations impose strict requirements on personal data processing applications and the scope of their operation. The Web Access Control mechanism lacks the granularity and contextual awareness needed to enforce these regulatory requirements. Therefore, we suggest a possible architecture for relating Solid’s low-level technical access control rules with higher-level concepts such as the legal basis and purpose for data processing, the abstract types of information being processed, and the data sharing preferences of the data subject. Our architecture combines recent technical efforts by the Solid community panels with prior proposals made by researchers on the use of ODRL and SPECIAL policies as an extension to Solid’s authorization mechanism. While our approach appears to avoid a number of pitfalls identified in previous research, further work is needed before it can be implemented and used in a practical setting.

full text BibTeX other citation formats

Published in 2022 in Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things.

Keywords:

Read this article online

Cite this article in your work

Cite this article easily using its BibTeX entry: 

@inproceedings{debackere_consent_2022,
  author = {Debackere, Laurens and Colpaert, Pieter and Taelman, Ruben and Verborgh, Ruben},
  title = {A Policy-Oriented Architecture for Enforcing Consent in {Solid}},
  booktitle = {Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things},
  year = 2022,
  month = apr,
  publisher = {Association for Computing Machinery},
  pages = {516--524},
  doi = {10.1145/3487553.3524630},
  isbn = 9781450391306,
  url = {https://dl.acm.org/doi/pdf/10.1145/3487553.3524630},
}

Alternatively, pick a reference of your choice below:

ACM
Laurens Debackere, Pieter Colpaert, Ruben Taelman, and Ruben Verborgh. 2022. A Policy-Oriented Architecture for Enforcing Consent in Solid. In Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things, Association for Computing Machinery, 516–524.
APA
Debackere, L., Colpaert, P., Taelman, R., & Verborgh, R. (2022). A Policy-Oriented Architecture for Enforcing Consent in Solid. Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things, 516–524.
IEEE
L. Debackere, P. Colpaert, R. Taelman, and R. Verborgh, “A Policy-Oriented Architecture for Enforcing Consent in Solid,” in Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things, 2022, pp. 516–524.
LNCS
Debackere, L., Colpaert, P., Taelman, R., Verborgh, R.: A Policy-Oriented Architecture for Enforcing Consent in Solid. In: Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things. pp. 516–524. Association for Computing Machinery (2022).
MLA
Debackere, Laurens, et al. “A Policy-Oriented Architecture for Enforcing Consent in Solid.” Proceedings of the 2nd International Workshop on Consent Management in Online Services, Networks and Things, Association for Computing Machinery, 2022, pp. 516–24.

Discuss this article