Using the ODRL Profile for Access Control for Solid Pod Resource Governance

 

 

 

 

Beatriz Esteves (beatriz.gesteves@upm.es), Víctor Rodríguez-Doncel: Ontology Engineering Group, Universidad Politécnica de Madrid, Spain

Harshvardhan J. Pandit: ADAPT Centre, Trinity College Dublin, Ireland

Nicolas Mondada, Pat McBennett: Inrupt, Inc., US

 

Abstract

 

This demo shows an ODRL editor where RDF policies can be defined and enforced to grant access to personal data stored in Solid Pods.

Policies are represented using OAC, the ODRL profile for Access Control, which allows the definition of complex, fine-grained permissive and prohibitive policies that are aligned with GDPR requirements regarding the processing of personal data.

In addition, a second demonstrator is presented to simulate an app's request for data and examples of policies and consent record modelling are showcased.

 

 

Paper GitHub repo

 

 

Video presenting the Solid demonstrators

 

 

 

 

 

 

Other resources

 

In this demo, ODRL is used to define access control policies for the governance of access to resources stored in Solid Pods.

In particular, we leverage our previous work, related to the specification of OAC, an ODRL profile to express consent through granular access control policies in Solid, and on DPV, to invoke specific privacy and data protection terms.

 

ODRL Recommendation DPV specification OAC Profile

 

 

Speed demo