Title: Rule Language Requirements for Privacy-Enabled Identity Management
Authors: HOGBEN Giles
Citation: W3C Workshop on Rule Languages for Interoperability: Accepted Papers
Publisher: W3C
Publication Year: 2006
JRC N°: JRC32157
URI: http://publications.jrc.ec.europa.eu/repository/handle/JRC32157
Type: Contributions to Conferences
Abstract: The overall use case that motivates this position paper is a privacy-enabled identity management system using semantic web technologies. By this, we mean a system that uses a set of RDF-based languages to * exchange instance data - often personal information - between clients and services * express client-side preferences * express contextual and assurance requirements * express service-side policies * express the agreements reached between clients and services * express the obligations that arise from these agreements. In discussing rule use cases and requirements, this position paper focuses on those requirements that are characteristic to the privacy-enabled identity management problem. Both preferences and policies can be cast in rule-like semantics, as both deal with conditions about what is acceptable, and what is not. In general two categories of rules are of relevance: inference rules and reactive rules. Specifically, we want to make a case for reactive rules in the context of privacy management. ECA reactive rules (Event-Condition-Action rules) are required to express access control policies, assurance policies and obligation policies. As a significant example we consider privacy obligations. Privacy obligations fit the reactive rule pattern: they define data lifecycle management practices including supported handling policies and under what conditions certain actions have to be taken.
JRC Institute:Institute for the Protection and Security of the Citizen

Files in This Item:
There are no files associated with this item.


Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.