Data Governance
The research in this theme addresses several challenges that arise from modern service-oriented systems in which the development and operationalisation of (software) services is distributed across organisational domains. These systems have in common that parties may play different roles in the realisation of applications, e.g., providing a service (such as creating data insights), infrastructure (such as compute or storage resources), or assets (such as datasets and algorithms). In such systems, organisations wish to retain control over the usage of their resources, e.g., to limit their availability, adhere to (privacy) regulations, or to protect commercial interests. To give control to resource owners, we propose systems in which policies are used to express usage constraints, mechanisms are available to enforce these constraints, and monitoring provides the information necessary for making enforcement decisions. Data exchange systems and digital data marketplaces are the primary application context, providing motivation and specific case studies.
Particular challenges addressed by our work are:
- The expression of laws, regulations, organisational policies and contractual agreements as enforceable system-level policies. This requires policy languages that bridge the gap between legal statements and system-level events, and distributed usage control mechanisms for policy enforcement.
- The distribution of control itself: different stakeholders (users, resource owners) contribute parts of the policy and control mechanisms (besides their contribution to the application itself). How can the policies expressed at location A affect decisions made at location B, considering the desire to avoid centralisation and considering that policies themselves may be sensitive?
- The automatic integration of formalised interpretations of legal sources places demands on the underlying enforcement mechanisms. Firstly, ex-post enforcement (observing and responding to violations after their occurrence) is required, as not all information may be available at decision time, or (interpretations of) legal sources may be conflicting. Secondly, policy decisions need to be accountable, so the information on which these decisions are based (policies, meta-data, actual data) may need to be retained, and that information may itself be sensitive.
- Compliance-by-design. How and to what extent can we schedule the execution of applications, or reconfigure the system, to ensure compliance with identified policy requirements?
In this research theme we develop conceptual models, algorithms, protocols, languages and (prototype) tools that address these challenges.