Simon Steyskal

Defining expressive access policies for linked data using the ODRL ontology 2.0

Together with the latest efforts in publishing Linked (Open) Data, legal issues around publishing and consuming such data are gaining increased interest. Particular areas of interest include (i) how to define more expressive access policies which go beyond common licenses, (ii) how to introduce pricing models for online datasets (for non-open data) and (iii) how to realize (i)+(ii) while providing descriptions of respective meta data that is both human readable and machine processable. In this paper, we show based on different examples that the Open Digital Rights Language (ODRL) Ontology 2.0 is able to address all previous mentioned issues, i.e. is suitable to express a large variety of different access policies for Linked Data. By defining policies as ODRL in RDF we aim for (i) higher flexibility and simplicity in usage, (ii) machine/human readability and (iii) fine-grained policy expressions for Linked (Open) Data.

Towards Formal Semantics for ODRL Policies

Most policy-based access control frameworks explicitly model whether execution of certain actions (read, write, etc.) on certain assets should be permitted or denied and usually assume that such actions are disjoint from each other, i.e. there does not exist any explicit or implicit dependency between actions of the domain. This in turn means, that conflicts among rules or policies can only occur if those contradictory rules or policies constrain the same action. In the present paper - motivated by the example of ODRL 2.1 as policy expression language - we follow a different approach and shed light on possible dependencies among actions of access control policies. We propose an interpretation of the formal semantics of general ODRL policy expressions and motivate rule-based reasoning over such policy expressions taking both explicit and implicit dependencies among actions into account. Our main contributions are (i) an exploration of different kinds of ambiguities that might emerge based on explicit or implicit dependencies among actions, and (ii) a formal interpretation of the semantics of general ODRL policies based on a defined abstract syntax for ODRL which shall eventually enable to perform rule-based reasoning over a set of such policies.

Mix’n’Match: An Alternative Approach for Combining Ontology Matchers

The existence of a standardized ontology alignment format promoted by the Ontology Alignment Evaluation Initiative (OAEI) potentially enables different ontology matchers to be combined and used together. Along these lines, we present a novel architecture for combining ontology matchers based on iterative calls of off-the-shelf matchers that exchange information in the form of reference mappings in this standard alignment format. However, we argue that only a few of the matchers contesting in the past years’ OAEI campaigns actually allow the provision of reference alignments to support the matching process. We bypass this lacking functionality by introducing an alternative approach for aligning results of different ontology matchers using simple URI replacement in the aligned ontologies. We experimentally prove that our iterative approach benefits from this emulation of reference alignments.

Leveraging Semantic Web Technologies for Consistency Management in Multi-viewpoint Systems Engineering

Systems modeling is an important ingredient for engineering complex systems in potentially heterogeneous environments. One way to deal with the increasing complexity of systems is to offer several dedicated viewpoints on the system model for different stakeholders, thus providing means for system engineers to focus on particular aspects of the environment. This allows them to solve engineering tasks more efficiently, although keeping those multiple viewpoints consistent with each other (e.g., in dynamic multiuser scenarios) is not trivial. In the present chapter, we elaborate how Semantic Web technologies (SWT) may be utilized to deal with such challenges when models are represented as RDF graphs. In particular, we discuss current developments regarding a W3C Recommendation for describing structural constraints over RDF graphs called Shapes Constraint Language (SHACL) which we subsequently exploit for defining intermodel constraints to ensure consistency between different viewpoints represented as RDF graphs. Based on a running example, we illustrate how SHACL is used to define correspondences (i.e., mappings) between different RDF graphs and subsequently how those correspondences can be validated during modeling time.

Modeling and Reasoning over Data Licenses.

In this paper, we propose an extension of the Open Digital Right Language for modeling well-known licenses and propose an approach to automatically check license compatibility.

Automated Rights Clearance Using Semantic Web Technologies: The DALICC Framework

The creation of derivative data works, e.g. for purposes such as content creation, service delivery or process automation, is often accompanied by legal uncertainty about usage rights and high costs in the clearance of licensing issues. DALICC stands for Data Licenses Clearance Center. It supports legal experts, innovation managers and application developers in the legally secure reutilization of third party data and software. DALICC is a Semantic Web enabled software framework which allows the attaching of licenses in a machine readable format to a specific asset and supports the clearance of rights by providing the user with information about equivalence, similarity and compatibility between licenses if used in combination in a derivative work. In essence, DALICC helps to determine which information can be shared with whom, to what extent and under which conditions, thus lowering the costs of rights clearance and stimulating the data economy.

Self-Enforcing Access Control for Encrypted RDF

The amount of raw data exchanged via web protocols is steadily increasing. Although the Linked Data infrastructure could potentially be used to selectively share RDF data with different individuals or organisations, the primary focus remains on the unrestricted sharing of public data. In order to extend the Linked Data paradigm to cater for closed data, there is a need to augment the existing infrastructure with robust security mechanisms. At the most basic level both access control and encryption mechanisms are required. In this paper, we propose a flexible and dynamic mechanism for securely storing and efficiently querying RDF datasets. By employing an encryption strategy based on Functional Encryption (FE) in which controlled data access does not require a trusted mediator, but is instead enforced by the cryptographic approach itself, we allow for fine-grained access control over encrypted RDF data while at the same time reducing the administrative overhead associated with access control management.

Data Integration for Open Data on the Web

In this lecture we will discuss and introduce challenges of integrating openly available Web data and how to solve them. Firstly, while we will address this topic from the viewpoint of Semantic Web research, not all data is readily available as RDF or Linked Data, so we will give an introduction to different data formats prevalent on the Web, namely, standard formats for publishing and exchanging tabular, tree-shaped, and graph data. Secondly, not all Open Data is really completely open, so we will discuss and address issues around licences, terms of usage associated with Open Data, as well as documentation of data provenance. Thirdly, we will discuss issues connected with (meta-)data quality issues associated with Open Data on the Web and how Semantic Web techniques and vocabularies can be used to describe and remedy them. Fourth, we will address issues about searchability and integration of Open Data and discuss in how far semantic search can help to overcome these. We close with briefly summarizing further issues not covered explicitly herein, such as multi-linguality, temporal aspects (archiving, evolution, temporal querying), as well as how/whether OWL and RDFS reasoning on top of integrated open data could be help.

A Framework for Safety-Critical Process Management in Engineering Projects

Complex technical systems, industrial systems or infrastructure systems are rich of customizable features and raise high demands on quality and safety-critical aspects. To create complete, valid and reliable planning and customization process data for a product deployment, an overarching engineering process is crucial for the successful completion of a project. In this paper, we introduce a framework for process management in complex engineering projects which are subject to a large amount of constraints and make use of heterogeneous data sources. In addition, we propose solutions for the framework components and describe a proof-of-concept implementation of the framework as an extension of a well-known BPMS.