Self-Sovereign Identity Model: Identity and Identity Data Usage Licensing - solution approaches?

I'm looking for projects, technologies, and/or notations/schema for specifying/declaring/processing the terms of a *user driven* SSI identity and identity data usage license presented to a consuming app or service (Consumer).  ...for example, being able to declare terms like:


  *   App X can refer to but can not read and persist my content to any external storage system (beyond where the original content currently resides) without my expressed permission.
  *   App X cannot attach it's own ancillary information to my Identity (e.g. DID) without my expressed permission.
  *   App X can read my content but cannot aggregate it (anonymously or not) to create its own new content without my permission.
  *   etc.

I think the overall SSI usage license negotiation process (story?) might looks something like:


  1.  User personally declares their SSI usage terms (claims?) based on their needs and the particular consuming app or service (Consumer)

  2.  User uses software to package their SSI usage terms into an SSI usage license (credential?) ...possibly a Presentation of selected Claims from the User's personal library of SSI usage claims (personal master SSI usage credential)

  3.  In lieu or in advance of a Consumer presenting their Terms of Service, User presents their SSI usage license credential for the Consumer

  4.  [perhaps some sort of semi-automated SSI usage terms negotiation takes place to arrive at an SSI usage contract (SSI usage contract credential) agreeable to both the User and Consumer.]

  5.  A Consent Receipt is sent to both parties along with the negotiated SSI usage contract

Any suggestions?  ...in terms of projects, technologies, notations, approaches?

Best regards,
Michael Herman
Self-Sovereign Blockchain Architect
Hyperonomy Digital Identity Lab
Parallelspace Corporation

[cid:image002.jpg@01D6ED8A.4CA686E0]