Authors:
Gianpiero Costantino
;
Fabio Martinelli
;
Ilaria Matteucci
and
Marinella Petrocchi
Affiliation:
Consiglio Nazionale delle Ricerche, Italy
Keyword(s):
Data Sharing Rules, Policy Analysis and Conflict Detection, Performance Evaluation.
Related
Ontology
Subjects/Areas/Topics:
Information and Systems Security
;
Privacy Enhancing Technologies
Abstract:
An electronic Data Sharing Agreement (DSA) is the machine-processable transposition of a traditional paper contract regulating data sharing among different organizations. DSA conveys different information, like the purpose of data sharing, the parties stipulating the contract, the kind of data, and a set of rules stating which actions are authorized, prohibited, and obliged on such data. Possibly edited by different actors from various perspectives - such as the legal and the business ones - a DSA could quite naturally include conflictual data sharing rules: the same data access request could be permitted according to some rules and denied according to others. Starting from the DSA definition, this paper describes the design of a DSA analysis framework and the development of the associated analysis tool. The DSA-Analyser proposed here evaluates the DSA rules by simulating all the possible contextual conditions, which may occur at access request time and which are linked to the vocabu
lary associated to the rules themselves. The output of the tool conveniently guides the editor, pointing to those rules, which are potentially conflicting, and highlighting the reasons leading to those conflicts. We have experimented the DSA-Analyser performances in terms of execution time, by varying the number of rules in the DSA, as well as the terms in the DSA vocabulary. Our findings highlight the capability of the analyser to deal with hundreds of rules and dozens of contexts in a reasonable amount of time. These results pave the way to the employment of the analyser in a real-use context.
(More)