RE: Policy use case

Michael,

thanks for sharing your use case and related requirements with us.

I understand that some of the key aspects of your use case and requirements are:

- "access" to data depends on the context, including people roles, involved institutions, intent/purpose, nature of data, etc.
- time-based constraints on data retention/access
- potential conflicts between policies defined by different stakeholders
- relevance of the legal/legislative framework
- need to formalise all these aspects in policies in a framework involving policy decision making and enforcement
- need to create awareness and handle penalty clauses

In my view, this is an interesting use case, where a blend of security and privacy policies need to be properly represented and enforced on personal/sensitive data. Further "complexity" is introduced by the need to comply with legislation and deal with the "multiparty" nature of this scenario, where competing policies exist and conflicts could arise.

Would anybody else like to add their input and/or comments to this use case?

We should start refining some of the core flavours and needs emerging from use cases and capture them in the PLING Wiki site. This site should now be up and running.

Thomas, Rigo - could you please provide the PLING mailing list with details about how to access the PLING Wiki site and related procedures?

Regards,
Marco


>-----Original Message-----
>From: public-pling-request@w3.org
>[mailto:public-pling-request@w3.org] On Behalf Of Wilson, MD (Michael)
>Sent: 13 January 2008 03:31
>To: public-pling@w3.org
>Subject: Policy use case
>
>
>All,
>
>I work in a government science laboratory where we provide
>large national facilities in the order of 100's of millions of dollars.
>Researchers from universities use our large experimental
>facilities to analyse samples of stuff. They produce large
>data files which we store, and they may use our large compute
>facilities to further analyse. The resulting data is stored on
>our 5 Petabyte data store. People then want access to the raw
>or analysed data.
>
>The national funding body who has paid for the research has a
>data policy which states that the funded researchers, staff in
>the funding body and their reviewers should have access to the
>data for 3 years, but nobody else.
>
>The researchers work in a university who have a data access
>policy that all researchers in the university should retain
>IPR on their data and not allow others access to it for 5
>years. All researchers in the university have access to the
>data of all other researchers in the university in order to
>facilitate interdisciplinary research.
>
>The pharmaceutical company who co-sponsor the research have a
>policy that although others can have access to the data, they
>are the only ones who can use the data for commercial purposes.
>
>One researcher on the project is submitting part of the work
>to her university to acquire a PhD, and does not want anybody
>else, even in the university, to see it.
>
>Our own facilities organisation has a policy that our staff
>can have access to the data produced on our facilities for
>administration and for use in developing the facilities.
>
>These policies need to be encoded in a policy language that a
>PEP can enforce, and conflicts and priorities can be resolved by a PDP.
>
>I've not tried to define the roles precisely in an ontological
>manner since they arise from different bodies who have not
>agreed on compatible definitions. The durations are defined
>precisely because lawyers are accustomed to these. The data
>sets themselves are not defined precisely in the agreements
>since they are too technical to be well understood by the
>lawyers, or too poorly defined by the researchers.
>
>The legal agreements include this style of authorisation
>limitation, and sometimes also include penalty clauses
>defining actions to be taken in breach of these conditions
>which go beyond the XACML or SAML descriptions - e.g. if x
>tries to access data sets to which they are not authorised
>then they will lose their authorisation on all data sets.
>
>We provide a Web Service interface to a data portal for users,
>funders, commercial sponsors, administrators etc., to access
>the data. How do we represent these various policies given the
>legal text in English, identify conflicts between them,
>prioritise the policies where conflicts exist (ok, that's out
>of scope) and enforce the right policy in the PEP?
>
>Michael Wilson
>STFC Rutherford Appleton Laboratory, UK
>http://www.e-science.stfc.ac.uk/organisation/staff/michael_wilson/
>
>

Marco Casassa Mont
Senior Researcher
Hewlett-Packard Labs

+44 117 3128794 Phone
+44 117 3129250 Fax
marco_casassa-mont@hp.com<mailto:marco_casassa-mont@hp.com>
http://www.hpl.hp.com<http://www.hpl.hp.com/>

External Web Page: http://www.hpl.hp.com/personal/mcm/
Blog:   http://h20325.www2.hp.com/blogs/mcm


Received on Monday, 14 January 2008 16:33:43 UTC
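The five stakeholder policies in Michael's use case (funder, university, co-sponsoring pharmaceutical company, PhD candidate, facilities organisation), written out as a small policy decision point so that the conflicts he asks about become visible. This is an added example, not code from the PLING thread or from any of the organisations mentioned; the role vocabulary, the subjects, the dataset identifiers and dates, the deny-overrides combining rule and the "nobody else" reading of the funder's 3-year clause are all assumptions made for the illustration.

```python
# Added example (not from the PLING thread): a toy PDP that encodes the five
# stakeholder policies of the data-access use case and flags conflicts between
# them. Role names, subjects, datasets and dates are constructed.
from dataclasses import dataclass, field
from datetime import date
from typing import Callable, FrozenSet, List, Optional

PERMIT, DENY, NA = "Permit", "Deny", "NotApplicable"


@dataclass(frozen=True)
class Request:
    subject: str
    roles: FrozenSet[str]   # constructed vocabulary: funded_researcher, reviewer, ...
    institution: str        # "university", "funder", "pharma", "facility", "other"
    purpose: str            # "research", "commercial", "administration", ...
    today: date


@dataclass(frozen=True)
class Dataset:
    dataset_id: str
    produced_on: date
    phd_owner: Optional[str] = None   # subject who reserved the data for a thesis


@dataclass(frozen=True)
class Decision:
    issuer: str
    effect: str
    reason: str


def anniversary(d: date, years: int) -> date:
    """Date `years` after d; 29 February rolls back to 28 February."""
    try:
        return d.replace(year=d.year + years)
    except ValueError:
        return d.replace(year=d.year + years, day=28)


def within(req: Request, ds: Dataset, years: int) -> bool:
    return req.today < anniversary(ds.produced_on, years)


def funder_policy(req: Request, ds: Dataset) -> Decision:
    # Funded researchers, funder staff and reviewers for 3 years, nobody else;
    # after 3 years the funder's policy is silent (assumed reading).
    if not within(req, ds, 3):
        return Decision("funder", NA, "3-year period has elapsed")
    if req.roles & {"funded_researcher", "funder_staff", "reviewer"}:
        return Decision("funder", PERMIT, "listed party within 3 years")
    return Decision("funder", DENY, "not a listed party within 3 years")


def university_policy(req: Request, ds: Dataset) -> Decision:
    # Researchers retain IPR for 5 years; any university researcher may read.
    if not within(req, ds, 5):
        return Decision("university", NA, "5-year IPR period has elapsed")
    if "university_researcher" in req.roles and req.institution == "university":
        return Decision("university", PERMIT, "university researcher")
    return Decision("university", DENY, "outsider within 5-year IPR period")


def pharma_policy(req: Request, ds: Dataset) -> Decision:
    # Others may access the data, but only the co-sponsor may use it commercially.
    if req.purpose == "commercial" and req.institution != "pharma":
        return Decision("pharma", DENY, "commercial use reserved to co-sponsor")
    return Decision("pharma", NA, "no commercial use claimed")


def phd_policy(req: Request, ds: Dataset) -> Decision:
    # Data reserved for a thesis is visible to its owner only.
    if ds.phd_owner and req.subject != ds.phd_owner:
        return Decision("phd_candidate", DENY, "reserved for PhD submission")
    return Decision("phd_candidate", NA, "no PhD reservation")


def facility_policy(req: Request, ds: Dataset) -> Decision:
    # Facility staff may use the data for administration and facility development.
    if "facility_staff" in req.roles and req.purpose in {"administration", "facility_development"}:
        return Decision("facility", PERMIT, "facility staff, operational purpose")
    return Decision("facility", NA, "not a facility use")


POLICIES: List[Callable[[Request, Dataset], Decision]] = [
    funder_policy, university_policy, pharma_policy, phd_policy, facility_policy]


@dataclass
class Result:
    decision: str
    decisions: List[Decision]
    conflict: bool                 # some policy permits while another denies
    obligations: List[str] = field(default_factory=list)


def evaluate(req: Request, ds: Dataset) -> Result:
    """Run every stakeholder policy, combine with deny-overrides (an assumed
    choice, matching XACML's combining algorithm of that name) and flag conflicts."""
    decisions = [p(req, ds) for p in POLICIES]
    effects = {d.effect for d in decisions}
    conflict = PERMIT in effects and DENY in effects
    final = DENY if DENY in effects else PERMIT if PERMIT in effects else NA
    obligations = []
    if final == DENY:   # penalty clause from the use case: unauthorised attempt
        obligations.append(f"revoke_all_authorisations:{req.subject}")
    return Result(final, decisions, conflict, obligations)


TODAY = date(2008, 1, 14)                              # constructed
RECENT = Dataset("run-4711", date(2007, 3, 1))         # constructed
OLD = Dataset("run-0815", date(2002, 6, 1))            # constructed
THESIS = Dataset("run-9001", date(2007, 3, 1), phd_owner="alice")
alice = Request("alice", frozenset({"funded_researcher", "university_researcher"}),
                "university", "research", TODAY)
bob = Request("bob", frozenset({"university_researcher"}), "university", "research", TODAY)
carol = Request("carol", frozenset({"facility_staff"}), "facility", "administration", TODAY)
eve = Request("eve", frozenset({"public"}), "other", "commercial", TODAY)

if __name__ == "__main__":
    for who, ds in [(alice, RECENT), (bob, RECENT), (bob, OLD), (carol, RECENT), (bob, THESIS), (eve, OLD)]:
        r = evaluate(who, ds)
        print(f"{who.subject:6} {ds.dataset_id}: {r.decision:14} conflict={r.conflict} "
              + "; ".join(f"{d.issuer}={d.effect}" for d in r.decisions))
```

Two things the run makes visible: a facility administrator (carol) and an ordinary university colleague (bob) are permitted by one stakeholder and denied by another on the same recent dataset, which is exactly the conflict a PDP has to resolve, and after both embargo periods lapse (bob on the old dataset) every policy is silent, so the PEP needs its own default for NotApplicable rather than inheriting one from the agreements.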