Downstream usage control

Ref: Laurent Bussard, Gregory Neven, and Franz-Stefan Preiss. In IEEE International Symposium on Policies for Distributed Systems and Networks - POLICY 2010, pages 22-29. IEEE Computer Society, 2010.

Abstract: Whereas access control describes the conditions that have to be fulfilled before data is released, usage control describes how the data has to be treated after it is released. Usage control can be applied to digital rights management, where the data are usually copyright-protected media, as well as in privacy, in which case the data are privacy-sensitive personal information. An important aspect of usage control for privacy, especially in light of the current trend towards composed web services (so-called mash-ups), is downstream usage, i.e., with whom and under which usage control restrictions data can be shared. In this work, we present a two-sided XML-based policy language: on the one hand, it allows users to express in their preferences, in a fine-grained way, the exact paths that their data is allowed to follow and the usage restrictions that apply at each hop in the path. On the other hand, it allows data consumers to express in their policies how they intend to treat the data, with whom they intend to share it, and how the downstream consumers intend to treat the data. Downstream usage paths can be specified up to any desired depth, with the option to let the final usage control restrictions apply recursively to any further sharing of the data. Moreover, we describe a matching algorithm by which users can efficiently test whether all hops in a proposed policy match their own preferences, allowing them to decide autonomously and in an automated way whether it is safe to release the requested personal information. When a match occurs, a sticky policy is generated describing the precise rights and obligations that the consumers have to adhere to.
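The following is an added illustration of the hop-by-hop matching idea described in the abstract; it is not the paper's XML language or its algorithm. It uses a hypothetical, deliberately simplified data model (Preference, Policy and StickyHop classes, a party identifier, a purpose set and a retention limit per hop, and a `recursive` flag standing in for the "apply the final restrictions to any further sharing" option). The party names and values are constructed sample data. Each hop of the consumer's proposed policy is checked against the user's preference for that hop; if every hop matches, a sticky policy listing the granted rights is produced, otherwise nothing is released.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Preference:
    """User side: what is allowed at one hop of a sharing path (hypothetical model)."""
    allowed_parties: set            # party identifiers; "*" stands for any party
    purposes: set                   # purposes the data may be used for at this hop
    max_retention_days: int
    downstream: list = field(default_factory=list)  # explicitly allowed next hops
    recursive: bool = False         # also apply these restrictions to any further sharing

@dataclass
class Policy:
    """Consumer side: what one party declares it will do, and with whom it shares."""
    party: str
    purposes: set
    retention_days: int
    downstream: list = field(default_factory=list)

@dataclass
class StickyHop:
    """One hop of the generated sticky policy: the rights the consumer actually gets."""
    party: str
    purposes: set
    retention_days: int
    downstream: list

def hop_allowed(pref: Preference, pol: Policy) -> bool:
    """A single hop matches when the party is permitted, every declared purpose is
    allowed, and the declared retention does not exceed the user's limit."""
    party_ok = "*" in pref.allowed_parties or pol.party in pref.allowed_parties
    return (party_ok
            and pol.purposes <= pref.purposes
            and pol.retention_days <= pref.max_retention_days)

def match(pref: Preference, pol: Policy) -> Optional[StickyHop]:
    """Match a proposed policy tree against a preference tree, hop by hop.
    Returns a sticky policy on success, or None if any hop violates the preferences."""
    if not hop_allowed(pref, pol):
        return None
    sticky_children = []
    for child_pol in pol.downstream:
        # Candidates for the next hop: the explicit downstream preferences, plus this
        # preference itself when it is marked as applying recursively to further sharing.
        candidates = list(pref.downstream)
        if pref.recursive:
            candidates.append(pref)
        for cand in candidates:
            child_sticky = match(cand, child_pol)
            if child_sticky is not None:
                sticky_children.append(child_sticky)
                break
        else:
            return None  # no preference permits this downstream hop: release is refused
    return StickyHop(pol.party, set(pol.purposes), pol.retention_days, sticky_children)

def sticky_path(sticky: StickyHop) -> list:
    """Flatten the first sharing chain of a sticky policy into party names."""
    parties, node = [sticky.party], sticky
    while node.downstream:
        node = node.downstream[0]
        parties.append(node.party)
    return parties

# Constructed sample preference: a shop may use the data for fulfilment or billing for
# 30 days and pass it to a courier; the courier hop (delivery only, 7 days) applies
# recursively to any subcontractor the courier in turn shares with.
def build_preference() -> Preference:
    courier_pref = Preference({"courier.example", "subcontractor.example"},
                              {"delivery"}, 7, recursive=True)
    return Preference({"shop.example"}, {"order-fulfilment", "billing"}, 30,
                      downstream=[courier_pref])

def example_compliant_policy() -> Policy:
    sub = Policy("subcontractor.example", {"delivery"}, 3)
    courier = Policy("courier.example", {"delivery"}, 7, downstream=[sub])
    return Policy("shop.example", {"order-fulfilment"}, 14, downstream=[courier])

def example_violating_policy() -> Policy:
    # The courier intends to forward the data to an ad network for marketing.
    ads = Policy("adnetwork.example", {"marketing"}, 90)
    courier = Policy("courier.example", {"delivery"}, 7, downstream=[ads])
    return Policy("shop.example", {"order-fulfilment"}, 14, downstream=[courier])

def example_overretaining_policy() -> Policy:
    # Same path as the compliant policy, but the courier keeps the data for 10 days.
    courier = Policy("courier.example", {"delivery"}, 10)
    return Policy("shop.example", {"order-fulfilment"}, 14, downstream=[courier])

if __name__ == "__main__":
    pref = build_preference()
    print(sticky_path(match(pref, example_compliant_policy())))
    print(match(pref, example_violating_policy()))
    print(match(pref, example_overretaining_policy()))
```

The recursion in `match` is bounded by the depth of the proposed policy, so a recursive preference cannot loop; the sticky policy records the consumer's own declared purposes and retention (which the match has just shown to lie within the user's limits) rather than the user's broader maxima, which is what makes it a precise statement of the granted rights.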