On the 20th of June, Christopher Esterhuyse and Tim Mueller presented their paper (with L. Thomas van Binsbergen) on the novel JustAct framework at the 2024 DisCoTec federated conference, held this year in Groningen. JustAct lays a foundation for the automatic enforcement of policies that are changed by the users on the fly.
Abstract
Inter-organisational data exchange is regulated by norms originating from sources ranging from individual consent to (inter)national laws. Verifying norm-compliance is complex because laws (e.g., GDPR) distribute responsibility and require accountability. Moreover, in some domains (e.g., healthcare), the norms themselves may be private. In contrast, standard solutions (e.g., access- and usage-control, smart contracts) reason about policies that are assumed to be public. Instead, we present a novel framework prescribing how decentralised agents decide which actions are justified, despite their partial views of the policy. Crucially, justifications are universal, e.g., accepted by future auditors. Agents establish a common notion of compliance through an (externally synchronized) agreement, which is the basis of each justification defined by policy fragments agents autonomously create, gossip, and assemble.
Christopher Esterhuyse
Postdoc
Christopher is a post-doc researcher working on (languages for) specifying distributed systems, for eliciting, negotiating, testing, and verifying system properties.
Tim Müller
Scientific Programmer
