Master theses

Usage Control Enforcement on the Web

Keywords: privacy, solid, authorization, web, access control, policy enforcement, usage control

Promotors: Ruben Verborgh, Beatriz Esteves

Students: max 1

Problem

In recent years, Personal Data Stores (PDS) and dataspaces have emerged with the aim of providing data control and data sovereignty for their users. One such PDS technology is Solid, introduced by Sir Tim Berners-Lee, the inventor of the Web. It is a protocol that promotes data re-use and interoperability by decoupling applications from storage. To provide control over the resources in the storage, access control policies are employed, specifying who can perform which actions on particular resources. Unfortunately, this does not take into account what happens after a given action is performed or why that action was performed. In order to handle this, Solid requires usage control enforcement. This requires a policy language capable of expressing usage control policies, and an extension to the authorization mechanism that enforces these policies and monitors whether the data is still allowed to be used. The Community Solid Server, which implements the Solid Protocol, has been extended to support the User-Managed Access (UMA) protocol. As a result, we now have a resource server for serving resources and a separate authorization server that decides whether those resources can be accessed.
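To make the gap between access control and usage control concrete, here is an added Python sketch of what the authorization server's decision logic would have to check; it is not code from this page, from Solid, from UMA or from the Community Solid Server, and all WebIDs, resource URLs and policy fields are constructed for illustration.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class UsagePolicy:
    subject: str           # who may act (a WebID; constructed value below)
    action: str            # which action (e.g. "read")
    resource: str          # on which resource
    purpose: str           # why the action may be performed
    valid_until: datetime  # how long the grant can be trusted

@dataclass(frozen=True)
class Request:
    subject: str
    action: str
    resource: str
    purpose: str
    at: datetime

def matches_access_control(policy: UsagePolicy, req: Request) -> bool:
    """Classic access control: only who / which action / which resource."""
    return (policy.subject, policy.action, policy.resource) == \
           (req.subject, req.action, req.resource)

def matches_usage_control(policy: UsagePolicy, req: Request) -> bool:
    """Usage control: additionally checks the stated purpose and validity."""
    return (matches_access_control(policy, req)
            and policy.purpose == req.purpose
            and req.at <= policy.valid_until)

def authorize(policies, req: Request, usage_control: bool = True) -> bool:
    check = matches_usage_control if usage_control else matches_access_control
    return any(check(p, req) for p in policies)

def monitor(policies, granted, now: datetime):
    """Re-evaluate earlier grants at time `now`; return those to revoke."""
    return [g for g in granted if not authorize(policies, replace(g, at=now))]

# Constructed sample data (not from any real Solid pod or UMA server).
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
POLICIES = [UsagePolicy("https://alice.example/#me", "read",
                        "https://bob.example/health/record",
                        "research", T0 + timedelta(days=30))]
RESEARCH = Request("https://alice.example/#me", "read",
                   "https://bob.example/health/record", "research", T0)
MARKETING = replace(RESEARCH, purpose="marketing")

def revoked_after(days: int):
    """Grants that monitoring must revoke `days` after the initial access."""
    return monitor(POLICIES, [RESEARCH], T0 + timedelta(days=days))
```

The marketing request passes plain access control but fails usage control, and monitoring revokes the research grant once the policy's validity window has passed.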

Goal

The goal of these theses is to extend an interoperable Authorization Server. Concretely, this entails picking one of the open challenges of decentralized usage control enforcement and incorporating that aspect in the Authorization Server.

  • Monitoring capabilities: Ensuring that the conditions for access over the data are still met
  • Legal alignment: Ensuring that the configured usage control policies are aligned with GDPR
  • Explainability: How can non-experts understand and/or create policies in a way that makes the consequences clear to them?
  • Scalability: Creating a usage control benchmark - estimating the computation and storage needs, and the limits on how long policies can be trusted.