1

DataSpaceMIT Decentralized Information Group

Tim Berners-Lee Danny WeitznerLalana Kagal Gerry SussmanHal Abelson

Visitors:Joe Pato (HP) Latanya Sweeney (CMU)

Collaborators:Joan Feigenbaum (Yale)Jim Hendler & Deb McGuinness (RPI)Wendy Hall & Nigel Shadbolt (Southampton)

3

Policy Awareness on the World-Wide Web• Problem:

– Maintaining data use policies (privacy, security, ownership, compliance) becomes infeasible as data bases become increasingly interconnected via the Web

• Idea– Tag information on the web with metadata that expresses policy– Use Semantic Web infrastructure so that metadata schemes are

open an extensible– Develop rules and reasoning mechanisms that check for

adherence with policy– Evaluate policies with reference to user preferences, user data,

Web data, operating context• Benefits

– Enables flexible, decentralized approach to policy management– Permits local control (vs. global authorities)– Can deal with contexts where access control is insufficient.

4

Information Accountability:

When information has been used, it should to possible to determine what happened, and to pinpoint use

that is inappropriate

5

Augmenting information architecture to support accountability

• Information is annotated with provenance that identifies its source.

• Data transfers and uses are logged so that chains of transfers have audit trails

• Databases and data providers supply machine-readable policies that govern permissible uses of the data.

• Automated reasoning engines use policies to determine whether data use is appropriate.

• Reasoning preserves context information and justifications supported by truth-maintenance systems.

• As data items are combined, the usage rules governing the combinations are automatically deduced by means of a data-purpose algebra

• Users of manipulate information via policy-aware interfaces that can enforce policies and/or signal non-compliant uses.

6

Use Case: Sharing of Data in Fusion Centers

•Sender: Mia Analysa of Commonwealth Fusion Center

•Data: Request for Information regarding Robert Guy

•Receiver: Fedd Agenti of DHS

•Is this allowed under policies of involved parties ?

7

Policy reasoning result in Justification UI

8

Exploring Policy Reasoning Results

9

10

AIR: A Policy Language for Usage Rules

:Rule1 a air:Belief-rule; air:variable :U2; air:variable :P2; air:variable :AP; air:label "FirstAIRRule"; air:pattern { :U2 a air:UseEvent; :refers-to [ a mit:ProxCardEvent ]; :purpose P2; :UseEvent :allowed-purposes :AP. :P2 is-member-of :AP }; air:assert { :U2 :validPurpose :P2 }.

DSpace @ MIT enforces privacy policy at http://libraries.mit.edu/dspace-mit/build/policies/privacy.html

@prefix : <http://www.dspace.org/rules#> .@prefix action: <http://www.cs.umbc.edu/~lkagal1/rei/ontologies/ReiAction.owl#> .@prefix constraint: <http://www.cs.umbc.edu/~lkagal1/rei/ontologies/ReiConstraint.owl#> .

...

:CU0002UserPrivacy a policy:Policy; policy:context :MITLibrariesPrivacyPolicy; policy:grants :UserProvdePersonalInfo; policy:grants :UsePersonalInfo; policy:grants :DoNotDisclosePersonalInfo; policy:grants :DoRemovePersonalInfo . :UserProvidePersonalInfo a deontic:Obligation; deontic:actor :varPerson; deontic:action :ProvidePersonalInfo; deontic:context :EventParticipationAndAlertSubscription; policy:desc "DSpace requires users to provide personal information if they: 1. are involved in the submission of DSpace content and metadata 2. subscribe to the DSpace alerting service" . :ProvidePersonalInfo a action:Action; a history:ModifyMetadata; action:actor :varPerson; action:target :varPersonInfo; policy:desc "Provide Personal Information is the act of supplying the metadata recorded as an EPerson's object in DSpace.".

A snippet of DSpace policy, expressed in REI