[Profile picture of Ruben Verborgh]

Ruben Verborgh

Enforcing Usage Control Policies in Solid using Rule-Based Web Agents

Wout Slabbinck, Julián Rojas Meléndez, Beatriz Esteves, Ruben Verborgh, and Pieter Colpaert

A core feature of the Solid ecosystem is enabling the sharing of data resources with other agents using access control policies. However, the decision of allowing access (or not) to a given data resource may not be final and might need to change over time. The Solid authorization specifications do not allow expressing and thus neither enforcing complex constraints (e.g., temporal) on access or more generally, usage policies. A policy language that does have the expressivity to declare permission rules, including temporal constraints, is the Open Digital Rights Language (ODRL) W3C standard. To support and enforce ODRL policies over Solid resources, we design and implement a Web agent-based solution where an agent (i) decomposes ODRL policies into actionable tasks (such as granting and retracting access to resources) using declarative condition-action rules and; (ii) takes care of executing such tasks. Usage control within Solid can be delegated to agents such that neither applications nor users within the ecosystem need to ensure that access permissions over their data resources are valid and up to date. We show how the expressivity limitations for usage control of the current Solid specifications could be addressed by supporting ODRL via long-running Web agents with the task of enforcement. Since currently all data-sharing actions within the Solid ecosystem are manually executed by the owner of the resource, future work includes automating policy-based negotiation processes among actors through Web agents.

full text BibTeX other citation formats

Published in 2024 in Proceedings of the Posters and Privacy Session of the Solid Symposium 2024.

Keywords:

Read this article online

Cite this article in your work

Cite this article easily using its BibTeX entry: 

@inproceedings{slabbinck_sosy_2024,
  author = {Slabbinck, Wout and Rojas Mel\'endez, Juli\'an and Esteves, Beatriz and Verborgh, Ruben and Colpaert, Pieter},
  title = {Enforcing Usage Control Policies in Solid using Rule-Based {Web} Agents},
  booktitle = {Proceedings of the Posters and Privacy Session of the Solid Symposium 2024},
  editor = {Estevez, Beatriz and Hofmann, Jan and Schmid, Sebastian},
  year = 2024,
  month = may,
  series = {CEUR Workshop Proceedings},
  volume = 3947,
  issn = {1613-0073},
  pages = {109--117},
  url = {https://ceur-ws.org/Vol-3947/short15.pdf},
}

Alternatively, pick a reference of your choice below:

ACM
Wout Slabbinck, Julián Rojas Meléndez, Beatriz Esteves, Ruben Verborgh, and Pieter Colpaert. 2024. Enforcing Usage Control Policies in Solid using Rule-Based Web Agents. In Proceedings of the Posters and Privacy Session of the Solid Symposium 2024 (CEUR Workshop Proceedings), 109–117.
APA
Slabbinck, W., Rojas Meléndez, J., Esteves, B., Verborgh, R., & Colpaert, P. (2024). Enforcing Usage Control Policies in Solid using Rule-Based Web Agents. In B. Estevez, J. Hofmann, & S. Schmid (Eds.), Proceedings of the Posters and Privacy Session of the Solid Symposium 2024 (Vol. 3947, pp. 109–117).
IEEE
W. Slabbinck, J. Rojas Meléndez, B. Esteves, R. Verborgh, and P. Colpaert, “Enforcing Usage Control Policies in Solid using Rule-Based Web Agents,” in Proceedings of the Posters and Privacy Session of the Solid Symposium 2024, 2024, vol. 3947, pp. 109–117.
LNCS
Slabbinck, W., Rojas Meléndez, J., Esteves, B., Verborgh, R., Colpaert, P.: Enforcing Usage Control Policies in Solid using Rule-Based Web Agents. In: Estevez, B., Hofmann, J., and Schmid, S. (eds.) Proceedings of the Posters and Privacy Session of the Solid Symposium 2024. pp. 109–117 (2024).
MLA
Slabbinck, Wout, et al. “Enforcing Usage Control Policies in Solid Using Rule-Based Web Agents.” Proceedings of the Posters and Privacy Session of the Solid Symposium 2024, edited by Beatriz Estevez et al., vol. 3947, 2024, pp. 109–17.

Discuss this article