Re: Best practices or implementations for ODRL enforcement/validation? from Joshua Cornejo on 2025-02-19 (public-odrl@w3.org from February 2025)

From: Joshua Cornejo <josh@marketdata.md>
Date: Wed, 19 Feb 2025 20:25:18 +0000
To: "public-odrl@w3.org" <public-odrl@w3.org>
Message-ID: <9CBB095F-2868-4A83-9E3D-29F524ACA93D@marketdata.md>

Also, for (3) & (4) from what I just read about SHARCS, it is using RDF Surfaces Primer – which at first glance looks like an RDF implementation of some Haskell concepts, but I might be mistaken. 

 

The repo speaks about “validation” (doesn’t need to keep context/state) vs “evaluation” (does need to keep context/state).

 

I think it is important to clarify the use of “validation”, as there are 3 possible interpretations in the overall lifecycle:

 
“is this policy structurally correct” (Is it a valid ODRL policy)
“is this policy something that makes sense” (Are the relations, functions, actions correct? When I am applying a constraint, does it make sense?)
“based on some inputs, is the request over the current state of the policy correct” (based on a series of inputs and the state/context, is this a request that should be processed, and this one is a step part of the evaluation)
 

Regards,

___________________________________

Joshua Cornejo

marketdata

smart authorisation management for the AI-era

 

From: "Theissen-Lipp, Johannes" <theissen-lipp@dbis.rwth-aachen.de>
Date: Wednesday 19 February 2025 at 09:40
To: "public-odrl@w3.org" <public-odrl@w3.org>
Subject: Best practices or implementations for ODRL enforcement/validation?
Resent-From: <public-odrl@w3.org>
Resent-Date: Wed, 19 Feb 2025 09:40:40 +0000

 

Dear ODRL Community,

 

in the scope of dataspaces, ODRL is often used to support data sovereignty by expressing data access/usage policies.

However, validating/enforcing these policies requires a well-defined definition of “the current state/context”. Like validate(state, policies) -> validation result.

 

We are wondering if there are (1) best practices to define such a state/context and (2) implementations to do so.

 

I found the 2024 “ODRE” paper by Cimmino et al. [1] and an accompanying GitHub repository [2] with Python and Java implementation. Only supporting “dateTime” by now, but appears to be a promising base for extensions.

I also found a GitHub repository “SHARCS ODRL enforcement examples” [3], based on some use cases by Inès, which I however do not really understand.

 

Any suggestions? Thank you and best wishes,

Johannes

 

 

[1] https://doi.org/10.48550/arXiv.2409.17602

[2] https://github.com/ODRE-Framework/

[3] https://github.com/KNowledgeOnWebScale/SHARCS

[4] https://github.com/Ines-Akaichi/SHARCS-Use-Case

 

-- 

Dr. rer. nat. Johannes Theissen-Lipp (he/him)

 

RWTH Aachen University: Information Systems & Databases

Ahornstraße 55, Building E2, 52074 Aachen

http://dbis.rwth-aachen.de

 

Fraunhofer Institute for Applied Information Technology FIT

Data Science and Artificial Intelligence – Data Management and Engineering

Schloss Birlinghoven 1, 53757 Sankt Augustin

https://www.fit.fraunhofer.de

Received on Wednesday, 19 February 2025 20:25:23 UTC