Dr.Aid: Supporting Data-governance Rule Compliance for Decentralized Collaboration in an Automated Way

Rui, Zhao; Atkinson, Malcolm; Papapanagiotou, Petros; Magnoni, Federica; Fleuriot, Jacques

doi:10.1145/3479604

Cited by 2 publications

(2 citation statements)

References 67 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Smart object [29] uses complex constructs to define permitted and prohibited use of data, and combines this with the application information (using relational calculus) (C2) to derive policies for output data (C5), assuming and leveraging a tabular structure of data. Dr.Aid [28] focuses on the context of data-intensive scientific workflows, employing different structures to express data rules and process rules (C2). It supports policy reasoning and derivation for workflow graphs composed of multi-input-multi-output processes (C5).…”

Section: Related Researchmentioning

confidence: 99%

See 1 more Smart Citation

Perennial Semantic Data Terms of Use for Decentralized Web

Zhao,

Zhao

2024

Proceedings of the ACM Web Conference 2024

Self Cite

View full text Add to dashboard Cite

In today's digital landscape, the Web has become increasingly centralized, raising concerns about user privacy violations. Decentralized Web architectures, such as Solid, offer a promising solution by empowering users with better control over their data in their personal 'Pods'. However, a significant challenge remains: users must navigate numerous applications to decide which application can be trusted with access to their data Pods. This often involves reading lengthy and complex Terms of Use agreements, a process that users often find daunting or simply ignore. This compromises user autonomy and impedes detection of data misuse. We propose a novel formal description of Data Terms of Use (DToU), along with a DToU reasoner. Users and applications specify their own parts of the DToU policy with local knowledge, covering permissions, requirements, prohibitions and obligations. Automated reasoning verifies compliance, and also derives policies for output data. This constitutes a "perennial" DToU language, where the policy authoring only occurs once, and we can conduct ongoing automated checks across users, applications and activity cycles. Our solution is built on Turtle, Notation 3 and RDF Surfaces, for the language and the reasoning engine. It ensures seamless integration with other semantic tools for enhanced interoperability. We have successfully integrated this language into the Solid framework, and conducted performance benchmark. We believe this work demonstrates a practicality of a perennial DToU language and the potential of a paradigm shift to how users interact with data and applications in a decentralized Web, offering both improved privacy and usability. CCS CONCEPTS• Computing methodologies → Knowledge representation and reasoning; • Security and privacy → Usability in security and privacy; • Information systems → Semantic web description languages.

show abstract

Section: Related Researchmentioning

confidence: 99%

“…(:col-2, :field, :column-2)). This concept of attributes is borrowed from Dr.Aid [28], which has been demonstrated as a powerful structure for supporting policy derivation. The following example shows how Alice defines her email address information as an attribute -the attribute is a kind of 'string' and has the value of "alice@a.b".…”

Section: Data Policymentioning

confidence: 99%