Post on 26-Jan-2015
Steffen Staab, staab@uni-koblenz.de
WeST
http://wegov-project.eu/index.php
Web Science & Technologies
University of Koblenz ▪ Landau, Germany
Provenance in the Semantic Web
Christoph Ringelstein & Steffen Staab
Querying, Inferencing Policies, Obligations
What may I do with your data? What do I have to do with your data?
Policies and Provenance for Data Mgmt
Do you remember?
That the CIA published a list of its agents on the internet…
That the Italian tax office published all tax data about citizens on its Web page…
Even in a friendly environment, allowing/disallowing data handling is a big issue
Our Assumptions
Semantic Web: flexible graph data
• with ontologies as delicious icing - if you want icing
• a great infrastructure to share data all over the place
• distributed publishing, querying, replication, …
For instance: Facebook allows me to determine what pictures to share with whom, BUT it is very inflexible!
Access rights management is not sufficient; we need decisions on complex 'business rules'
[Figure: Middle Rhine Hospital scenario with Bob (physician), Alice (nurse) and Jane Doe; arrows labelled discharge, transfer, transfer]
Jane Doe (Middle Rhine Hospital):
1. I want to describe what may be done with my record
2. I want to define what must be done with my record (obligation)
WHAT MAY BE DONE? POLICIES FOR PERMIT & DENY WITH PAPEL
(P1): Staff members are permitted to transfer the record to Jane Doe after her discharge.
[Figure labels: Provenance-aware Policies; Provenance Information; Semantics]
Provenance
[Figure: Bob (physician) and Alice (nurse); arrows labelled discharge and transfer]
...
step (record_jd, bob, null, discharge, 5, {4})
step (record_jd, bob, alice, transfer, 6, {5,13})
...
Provenance
[Figure: history graph up to "now", ordered by ≤_H: s1 admission, s2 examination, s3 asking permit, s4 examination, s5 discharge, s6 transfer, s10 prepare share, s11 share, s12 analysis, s13 return]
Policies
[Figure: Alice (nurse), transfer, Jane Doe, marked "?"]
Policies
[Figure: transfer]
• Provenance Information: History, ..
• Properties of the Data: Owner, Type, ..
• Contextual Information: Actor, Time, ..
XACML, EPAL, XrML
Policy Rules – Permit and Deny
PAPEL Syntax for Policies:
permit (ID) IF Condition .
deny (ID) IF Condition .
(P1): Staff members are permitted to transfer the record to Jane Doe after her discharge.
permit (ID) IF step (record_jd, S, jane_doe, transfer, ID, _)
    AFTER step (record_jd, _, _, discharge, _, _)
    AND instance_of (S, staff_member).
AFTER Operator
[Figure: Alice (nurse), Bob (physician) and Jane Doe; arrows labelled discharge, transfer, transfer; marked "?"]
Evaluation of Conditions
...
step (record_jd, bob, null, discharge, 5, {4})
step (record_jd, bob, alice, transfer, 6, {5,13})
...
Policies
[Figure: Alice (nurse), transfer, Jane Doe, marked "?"]
step (record_jd, alice, jane, transfer, 7, {6})
Policies
Facts: History + Next Step
...
step (record_jd, bob, null, discharge, 5, {4})
step (record_jd, bob, alice, transfer, 6, {5,13})
step (record_jd, alice, jane, transfer, 7, {6})
+
Rules: Policy Rule
permit (ID) IF step (record_jd, S, jane_doe, transfer, ID, _)
    AFTER step (record_jd, _, _, discharge, _, _)
    AND instance_of (S, staff_member).
+
Query & Results:
isAllowed(7).
Allowed: permitted and not denied
Invalid: not allowed
Policies
[Figure: Alice (nurse), transfer, Jane Doe]
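The permit/deny decision walked through on the preceding slides, as an added Python example (not the authors' PAPEL implementation). Assumptions: AFTER is read as reachability over the predecessor ids in the last argument of step(...), the staff set is constructed, the recipient of step 7 is written jane_doe as in rule P1 (the slide's fact writes jane), and D1 from the obligation slides is rendered here as a deny rule.

```python
from typing import NamedTuple, Optional, FrozenSet, Iterable

class Step(NamedTuple):
    """step(data, actor, recipient, action, id, predecessor ids), as on the slides."""
    data: str
    actor: str
    recipient: Optional[str]
    action: str
    id: int
    preds: FrozenSet[int]

# History facts shown on the slides; steps 4 and 13 are elided there ("...").
HISTORY = [
    Step("record_jd", "bob", None, "discharge", 5, frozenset({4})),
    Step("record_jd", "bob", "alice", "transfer", 6, frozenset({5, 13})),
]
STAFF = {"alice", "bob"}  # constructed instance_of(_, staff_member) facts

def earlier_ids(step: Step, history: Iterable[Step]) -> set:
    """Ids of every step reachable backwards over predecessor links."""
    known = {s.id: s for s in history}
    seen, todo = set(), list(step.preds)
    while todo:
        sid = todo.pop()
        if sid not in seen:
            seen.add(sid)
            if sid in known:  # elided steps contribute no further predecessors
                todo.extend(known[sid].preds)
    return seen

def permitted_p1(step: Step, history=HISTORY) -> bool:
    """P1: staff may transfer record_jd to jane_doe AFTER a discharge step."""
    if (step.data, step.recipient, step.action) != ("record_jd", "jane_doe", "transfer"):
        return False
    before = earlier_ids(step, history)
    discharged = any(s.data == "record_jd" and s.action == "discharge" and s.id in before
                     for s in history)
    return discharged and step.actor in STAFF

def denied_d1(step: Step) -> bool:
    """D1: jane_doe is denied to transfer her record."""
    return (step.data, step.actor, step.action) == ("record_jd", "jane_doe", "transfer")

def is_allowed(step: Step, history=HISTORY) -> bool:
    """Allowed = permitted and not denied; every other step is invalid."""
    return permitted_p1(step, history) and not denied_d1(step)

STEP_7 = Step("record_jd", "alice", "jane_doe", "transfer", 7, frozenset({6}))
```

A step that no permit rule matches comes out invalid, so the check is default-deny, and the AFTER condition is evaluated against the recorded predecessor links rather than against step ids or wall-clock time.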
WHAT MUST BE DONE? OBLIGATIONS WITH CARE
Policies – Obligation
[Figure: Alice (nurse), Bob (physician) and Jane Doe; arrows labelled discharge, transfer, transfer]
(P1): Staff members are permitted to transfer the record to Jane Doe after her discharge.
(P2): Staff members and the archive are permitted to transfer the record to staff members.
(O1): Jane Doe demands to receive her record after her discharge.
(O2): A nurse has to transfer the record to the archive if she received it after the patient's discharge.
(D1): Jane Doe is denied to transfer her record.
[Figure: the scenario extended with the archive: Alice (nurse), Bob (physician), Jane Doe and archive; arrows labelled discharge, transfer, Obligation 1 and Obligation 2]
Future Execution Graph
[Figure: the history up to "now" (s2 examination, s3 asking permit, s4 examination, s5 discharge, s6 transfer, s10 prepare share, s11 share, s12 analysis, s13), followed by the future execution graph (s7.a, s8.a, s8.b, s8.c, ...) with steps marked allowed or invalid]
Closing
[Figure: the same history and future execution graph, with future steps marked allowed, invalid or closed]
The Destiny
[Figure: the same history and future execution graph, with the labels closed, Destiny, invalid and allowed]
The Destiny
[Figure: the same graph, now with the label "? Destiny" alongside closed, invalid and allowed]
[Figure: Alice (nurse), Jane Doe and archive; arrows labelled discharge, transfer, transfer, transfer; marked "?"]
Which next steps have a destiny?
Policies
Input: History + Next Step + Policy Rules
...
step (record_jd, bob, null, discharge, 5, {4})
step (record_jd, bob, alice, transfer, 6, {5,13})
step (record_jd, alice, jane, transfer, 7, {6})
permit (ID) IF step (record_jd, S, jane_doe, transfer, ID, _)
    AFTER step (record_jd, _, _, discharge, _, _)
    AND instance_of (S, staff_member).
+
Translation: Axioms + Translation
Axioms specifying possible steps.
Translation to colored Petri nets.
+
Decision: Reachability of a future state where all obligations are met.
Conclusion
Policies with Obligations: 'Business rules' may decide what may, may not and must be done to your data
The provenance graph is the core for storing what has been and will be done to data
Formal underpinning of our approach makes it semantically sound and complete
Thank You!
Key Publications
Ringelstein, Christoph; Staab, Steffen (2010): PAPEL: A Language and Model for Provenance-Aware Policy Definition and Execution. In: BPM 2010 - International Conference on Business Process Management.
Ringelstein, Christoph (2011): Data Provenance and Destiny in Distributed Environments. PhD-Thesis. Univ Koblenz, 2011.
They also link to a few more….