Usage Restriction Management for Accountable Data Transfer on the Web

We describe a novel way of usage management using a infrastructure that enables accountability on the Web at the protocol level. The protocol, HTTPA (Accountable Hyper Text Transfer Protocol), requires the data producer and the data consumer to come to an agreement before the data transfer, enabling both parities will be held accountable for the agreement they had entered into. The data consumer will express the intentions of data access and usage, whereas the data producer will express the usage restrictions on the data. This data transfer is facilitated by a trusted third party “Provenance Controller” in an “intentions and usage restrictions handshake”. The sender/data producer will evaluate to what extent the usage restrictions match the data consumer’s intentions. If they match, the data consumer is granted access to the data; else she is notified of the mismatched components. This protocol cannot prevent the unauthorized reuse of data, but rather it can be used to develop accountability mechanisms that will identify violators allowing them to be held them accountable for data they inappropriately consumed and served.

[1]  Lalana Kagal,et al.  Access Control is an Inadequate Framework for Privacy Protection , 2010 .

[2]  Kent E. Seamons,et al.  Or Best Offer: A Privacy Policy Negotiation Protocol , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[3]  Lalana Kagal,et al.  Gasping for AIR Why we need Linked Rules and Justifications on the Semantic Web , 2011 .

[4]  Ravi Kumar,et al.  A characterization of online browsing behavior , 2010, WWW '10.

[5]  Erik Wilde,et al.  Geolocation privacy and application platforms , 2010, SPRINGL '10.

[6]  Bhavani M. Thuraisingham,et al.  Inferring private information using social network data , 2009, WWW '09.

[7]  Joseph Gray Jackson,et al.  Privacy and Freedom , 1968 .

[8]  Erik Wilde,et al.  Simple Policy Negotiation for Location Disclosure , 2010 .

[9]  James A. Hendler,et al.  N3Logic: A logical framework for the World Wide Web , 2007, Theory and Practice of Logic Programming.

[10]  Butler W. Lampson,et al.  Usable Security: How to Get It , 2009 .

[11]  Oshani Seneviratne,et al.  Policy-Aware Content Reuse on the Web , 2009, International Semantic Web Conference.

[12]  Lalana Kagal,et al.  Enabling Privacy-Awareness in Social Networks , 2010, AAAI Spring Symposium: Intelligent Information Privacy Management.