Please use this identifier to cite or link to this item:
|Title:||Rule Language Requirements for Privacy-Enabled Identity Management|
|Citation:||W3C Workshop on Rule Languages for Interoperability: Accepted Papers|
|Type:||Contributions to Conferences|
|Abstract:||The overall use case that motivates this position paper is a privacy-enabled identity management system using semantic web technologies. By this, we mean a system that uses a set of RDF-based languages to * exchange instance data - often personal information - between clients and services * express client-side preferences * express contextual and assurance requirements * express service-side policies * express the agreements reached between clients and services * express the obligations that arise from these agreements. In discussing rule use cases and requirements, this position paper focuses on those requirements that are characteristic to the privacy-enabled identity management problem. Both preferences and policies can be cast in rule-like semantics, as both deal with conditions about what is acceptable, and what is not. In general two categories of rules are of relevance: inference rules and reactive rules. Specifically, we want to make a case for reactive rules in the context of privacy management. ECA reactive rules (Event-Condition-Action rules) are required to express access control policies, assurance policies and obligation policies. As a significant example we consider privacy obligations. Privacy obligations fit the reactive rule pattern: they define data lifecycle management practices including supported handling policies and under what conditions certain actions have to be taken.|
|JRC Institute:||Institute for the Protection and Security of the Citizen|
Files in This Item:
There are no files associated with this item.
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.