PL is a low-complexity profile of OWL2, expressly designed to encode data usage policies and personal data protection regulations - such as the GDPR - in a machine understandable way. With PL, the compliance of privacy policies with the GDPR and with the data subjects' consent to processing can be checked automatically and in real time. In this paper, we extend PL to support”sticky policies”. They are a sort of license that applies to data transfers, and specifies how the recipient can use the data. Sticky policies may be”recursive”, i.e. they may apply not only to the first data transfer, but also to all subsequent transfer operations that the (direct or indirect) recipients may execute in the future. Recursive sticky policies can be encoded with fixpoints or transitive role closure. In this paper we prove that such extensions make compliance checking intractable. Since the scalability of compliance checking is a major requirement in this area, these results justify a specialized, polynomial-time approach to encoding sticky policies.
Sticky Policies in OWL2: Extending PL with Fixpoints and Transitive Closure / Bonatti, P. A.; Sauro, L.. - (2022), pp. 73-80. ( 19th International Conference on Principles of Knowledge Representation and Reasoning, KR 2022 Haifa, Israel July 31 - August 5, 2022) [10.24963/kr.2022/8].
Sticky Policies in OWL2: Extending PL with Fixpoints and Transitive Closure
Bonatti P. A.;Sauro L.
2022
Abstract
PL is a low-complexity profile of OWL2, expressly designed to encode data usage policies and personal data protection regulations - such as the GDPR - in a machine understandable way. With PL, the compliance of privacy policies with the GDPR and with the data subjects' consent to processing can be checked automatically and in real time. In this paper, we extend PL to support”sticky policies”. They are a sort of license that applies to data transfers, and specifies how the recipient can use the data. Sticky policies may be”recursive”, i.e. they may apply not only to the first data transfer, but also to all subsequent transfer operations that the (direct or indirect) recipients may execute in the future. Recursive sticky policies can be encoded with fixpoints or transitive role closure. In this paper we prove that such extensions make compliance checking intractable. Since the scalability of compliance checking is a major requirement in this area, these results justify a specialized, polynomial-time approach to encoding sticky policies.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
