15
Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben Giles.hogben @ jrc . It European Commission Joint Research Center

Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Embed Size (px)

DESCRIPTION

Introduction: Use cases P3P (Platform for Privacy Preferences) 1.0 Supports all necessary features plus –Policy views –Loadable data schemas –Draggable Policy Reference File creation

Citation preview

Page 1: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Application Report: An extensible policy editing API

for privacy and identity management policies

Giles HogbenGiles.hogben @ jrc . It

European Commission Joint Research Center

Page 2: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

What’s this talk about

• An open source policy editor built by JRC• Initial conception for editing P3P 1.0 and

P3P 1.1 policies• Design now extended to editing of

semantic web privacy policies used in PRIME ( http://www.prime-project.eu.org )

• Further extensibility features built into design

• Hence we call it a Policy Editing API

Page 3: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Introduction: Use cases

• P3P (Platform for Privacy Preferences) 1.0Supports all necessary features plus– Policy views– Loadable data schemas– Draggable Policy Reference File creation

Page 4: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

P3P 1.1

– Supports user agent guidelines through XML specification of user agent strings

– Support for incorporating new data schema format

– Abstraction of policy/resource mappings makes it easier to adapt to new Policy Reference File features

Page 5: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

PRIME RDF policies (XACML style)

• Enterprise access control rules for• Client preference rules• RDF + OWL policies rules• Supports OWL data schemas• Supports RDF resource bindings• Flexible statement model

Page 6: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Generalizing the process of privacy/IDM policy editing

Page 7: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Resource-Policy association

API extensible through•Abstract representation of resources

•Format-independent Policy tree

•Abstract representation of mappings

Page 8: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Resource-Policy association

API extensible through•Support for semantic web RDF resources

•Query based representation of resources

Page 9: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Statement editor

API extensible through•Abstract representation of statements

•Separation between business objects (Statements) and display

•XPath and RDQL view description

•Extensible to ordering operations

Page 10: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Statement definitionAPI extensible through•XML definition of HR descriptions

•Abstract definition of statement attributes

•Definition based on standardized queries over schema definitions

Page 11: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Data Type Picking

API extensible through•Loadable data schemas of different types (currently support implemented for OWL and P3P 1.0)

•Standardized abstract definition of a data type

•Adapter classes for JTree representation

Link to Demo

Page 12: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Data Type Picking – Extensibility example

Link to Demo

Page 13: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Policy Views and legal hints

API extensible through•Use of XSLTs

•Support for rdf reasoning for legal hints view

Page 14: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

Where to get it

• Currently still development• We plan to publish code on sourceforge

within 6-8 months.• Please send me email if you would like to

be informed of developments or to access code in its current state

• Giles dot hogben at jrc dot it.

Page 15: Application Report: An extensible policy editing API for privacy and identity management policies Giles Hogben jrc. It European Commission

????