Advertisement

A Data Sharing Agreement Framework

  • Vipin Swarup
  • Len Seligman
  • Arnon Rosenthal
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4332)

Abstract

When consumers build value-added services on top of data resources they do not control, they need to manage their information supply chains to ensure that their data suppliers produce and supply required data as needed. Producers also need to manage their information supply chains to ensure that their data is disseminated and protected appropriately. In this paper, we present a framework for data sharing agreements (DSA) that supports a wide variety of data sharing policies. A DSA is modeled as a set of obligation constraints expressed over a dataflow graph whose nodes are principals with local stores and whose edges are (typed) channels along which data flows. We present a specification language for DSAs in which obligations are expressed as distributed temporal logic (DTL) predicates over data resources, dataflow events, and datastore events. We illustrate the use of our framework via a case study based on a real-world data sharing agreement and discuss issues related to the analysis and compliance of agreements.

Keywords

Policy Language Service Level Agreement Data Resource Access Control Policy Deontic Logic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Arasu, A., Widom, J.: A denotational semantics for continuous queries over streams and relations. SIGMOD Record 33(3), 6–12 (2004)CrossRefGoogle Scholar
  2. 2.
    Babcock, B., Babu, S., Datar, M., Motwani, R., Widom, J.: Models and issues in data stream systems. In: Proceedings of the ACM SIGACT-SIGMOD Symposium on Principles of Database Systems, pp. 1–16 (2002)Google Scholar
  3. 3.
    Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Obligation monitoring in policy management. In: 3rd IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), June 2002, pp. 2–12 (2002)Google Scholar
  4. 4.
    Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and obligations in policy management and security applications. In: VLDB, pp. 502–513 (2002)Google Scholar
  5. 5.
    Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and obligations in policy rule management. J. Network Syst. Manage. 11(3) (2003)Google Scholar
  6. 6.
    Bierman, G.M., Meijer, E., Schulte, W.: The essence of data access in Cω. In: Black, A.P. (ed.) ECOOP 2005. LNCS, vol. 3586, pp. 287–311. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Chomicki, J., Lobo, J., Naqvi, S.A.: Conflict resolution using logic programming. IEEE Trans. Knowl. Data Eng. 15(1), 244–249 (2003)CrossRefGoogle Scholar
  8. 8.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Ehrich, H.-D., Caleiro, C.: Specifying communication in distributed information systems. Acta Inf. 36(8), 591–616 (2000)MATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Firozabadi, B.S., Sergot, M.J., Squicciarini, A.C., Bertino, E.: A framework for contractual resource sharing in coalitions. In: Proceedings of the 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), pp. 117–126 (2004)Google Scholar
  11. 11.
    Gama, P., Ferreira, P.: Obligation policies: An enforcement platform. In: Proceedings of the 6th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2005), pp. 203–212 (2005)Google Scholar
  12. 12.
    Hilty, M., Basin, D., Pretschner, A.: On obligations. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 98–117. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Irwin, K., Yu, T., Winsborough, W.H.: On the modeling and analysis of obligations. In: Proceedings 13th ACM Conference on Computer and Communications Security (to appear, 2006)Google Scholar
  14. 14.
    Keller, A., Ludwig, H.: The WSLA framework: Specifying and monitoring service level agreements for web services. Journal of Network and Systems Management, Special Issue on E-Business Management 11(1) (March 2003)Google Scholar
  15. 15.
    Leavens, G.T., Wahls, T., Baker, A.L.: Formal semantics for SA style data flow diagram specification languages. In: Proceedings of the ACM Symposium on Applied Computing (SAC), pp. 526–532 (1999)Google Scholar
  16. 16.
    Levy, A.Y., Mendelzon, A.O., Sagiv, Y., Srivastava, D.: Answering queries using views. In: Proceedings of the Fourteenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, pp. 95–104 (1995)Google Scholar
  17. 17.
    Meyer, J.-J.C., Wieringa, R., Dignum, F.: The role of deontic logic in the specification of information systems. In: Logics for Databases and Information Systems, pp. 71–115. Kluwer, Dordrecht (1998)Google Scholar
  18. 18.
    Park, J., Sandhu, R.: The UCONABC usage control model. ACM Transactions on Information and System Security 7(1), 128–174 (2004)Google Scholar
  19. 19.
    Seligman, L., Rosenthal, A., Caverlee, J.: Data service agreements: Toward a data supply chain. In: Workshop on Information Integration on the Web, at VLDB 2004 (2004)Google Scholar
  20. 20.
    Swarup, V., Seligman, L., Rosenthal, A.: Specifying data sharing agreements. In: Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2006), pp. 157–162. IEEE Computer Society, Los Alamitos (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Vipin Swarup
    • 1
  • Len Seligman
    • 1
  • Arnon Rosenthal
    • 1
  1. 1.The MITRE CorporationMcLeanUSA

Personalised recommendations