7 research outputs found
Modelling the General Data Protection Regulation
The new EU General Data Protection Regulation (GDPR) will soon replace the older data protection directive. Currently, the knowledge to comply with the regulation is only available in a human-readable format. If this knowledge is translated into machine-readable rules then computer based systems can ease data protection information retrieval as well as the process of checking GDPR compliance. In this paper, we model the obligations defined in the GDPR and then translate the model into a machine readable format by extending the Open Digital Rights Language (ODRL) ontology. The model is, in turn, used for a compliance checking tool
ECLAP 2012 Conference on Information Technologies for Performing Arts, Media Access and Entertainment
It has been a long history of Information Technology innovations within the Cultural Heritage areas. The Performing arts has also been enforced with a number of new innovations which unveil a range of synergies and possibilities. Most of the technologies and innovations produced for digital libraries, media entertainment and education can be exploited in the field of performing arts, with adaptation and repurposing. Performing arts offer many interesting challenges and opportunities for research and innovations and exploitation of cutting edge research results from interdisciplinary areas. For these reasons, the ECLAP 2012 can be regarded as a continuation of past conferences such as AXMEDIS and WEDELMUSIC (both pressed by IEEE and FUP). ECLAP is an European Commission project to create a social network and media access service for performing arts institutions in Europe, to create the e-library of performing arts, exploiting innovative solutions coming from the ICT
Contribution à la modélisation des données spatio-temporelles
Rapport de recherche en modelistion spatio-temporelle impliquant divers technologies incluant les bases de données spatiales, les systèmes d'information géographiques participatifs, le web sémantique, les ontologies spatiales, la knowledge discovery et les réseaux des capteurs sans fils
First International Open Digital Rights Language (ODRL) Workshop
peer-reviewedSoftware license management is currently expanding from its traditional
desktop environment into the mobile application space, but software vendors are still
applying old licensing models to a platform where application rights will be specified,
managed and distributed in new and different ways. This paper presents an open-source
pervasive application rights management architecture (PARMA) for fixed network and
mobile applications that supports the specification of application rights in a rights
expression language (REL) based on ODRL. Our rights specification model uses aspectoriented
programming to generate modularized rights enforcement behaviour, which
reduces development time for rights models such as feature-based usage rights and
nagware. PARMA manages vendor and customer application rights over multiple
platforms using a web services architecture and a container model on the client-side. The
container model also supports the integration of services such as payment and
encourages the super distribution of the rights object with associated default (evaluation)
rights
Pervasive Application Rights Management Architecture
This dissertation describes an application rights management architecture that combines
license management with digital rights management to provide an integrated platform for the
specification, generation, delivery and management of application usage rights for pervasive
computing environments. A new rights expression language is developed, extended from the
existing language, ODRL, which allows the expression of mobile application usage rights
and supports fine-grained usage models. An audit-based usage rights model is introduced
to support application usage without requiring immediate network availability. Rights are
designed to be enforced on the device itself, without the need for communication with a
server for every validation, realising the goal of reduced wide-area communications by mobile
devices. The addition of the rights enforcement source code to the original application is
facilitated using aspect-oriented programming and is performed at the license management
server rather than by the developer. Back-end license management services, hosted by the
application vendor, and/or enterprise customer, are based on web services so they can deliver
applications and licenses to any client device that supports SOAP and/or HTTP(S) protocols
and provide an integrated platform for management of licenses on both desktop and mobile
devices.
The thesis was motivated by the lack of suitable usage right management systems for the
emerging pervasive environments. Pervasive computing devices include handheld computers,
personal digital assistants, mobile phones, pagers, and others, and are generally characterised
by mobility, occasional network connectivity, constrained resources, and, in the case of mobile
phones, unique hardware identification by an IMEI number. Communication via wide-area
network is available in the mobile environment but is still costly when compared to fixed
networks. However, mobile devices can communicate using a variety of free short-range
protocols, such as Bluetooth, Infrared, and 802.11.
Software applications running on pervasive computing devices are generally licensed using
software License Management Systems (LMS), distributed software architectures that manage
software licenses throughout their life-cycle, or Digital Rights Management (DRM) systems,
systems that specify and enforce usage rights on copyrighted information. Both these types of systems are originally developed for desktop devices in the fixed network environment.
Existing LMS assume constant network connectivity present in LANs and require network
connections for license validation and enforcement. This assumption can not be made in
pervasive environments because network connectivity is only occasional and often costly.Existing LMS assume constant network connectivity present in LANs and require network
connections for license validation and enforcement. This assumption can not be made in
pervasive environments because network connectivity is only occasional and often costly.
Existing LMS also require the addition of calls to a licensing API in the licensed application?s
source code. This increases the application development time, as it is performed by the
application developer, and it requires knowledge of licensing APIs.
DRM systems that are used to manage usage rights on applications do not require a network
connection or knowledge of proprietary APIs, however they are primarily designed for
management of usage rights on content. As DRM systems treat applications and content in
the same manner, they fail to support fine-grained usage models for applications. License
validation and enforcement for an application is performed only once, on application loading,
but license enforcement needs to be performed throughout the application execution to
support flexible usage models such as feature-based, audit-based, and metered usage models.
A pervasive license management system should overcome the limitations of the existing
DRM and desktop LMS when deployed in pervasive computing environments. It should
minimize the amount of wide area network traffic to reduce overhead costs introduced by the
licensing system. It also requires usage rights models that do not make the assumption of an
immediate network connection, to account for the occasional connectivity of mobile devices.
A variety of application usage models should be supported so users can choose the best value
model. Also, this system should provide a central point for managing all of the licensed
software to support enterprise customers, whether it runs on mobile or desktop devices, and
integrate easily within other enterprise services, such as payment or asset management. The
architecture described in the thesis is designed to meet all of these requirements.
This thesis is a part of the PARMA project that provides a full usage rights architecture.
A rights expression language, usage rights servers and a means of integration of usage rights
in applications are provided in this thesis, while a client usage right enforcement architecture
is provided by the remaining parts of the project
Digital Rights Enforcement for Pervasive Computing Applications
Increasingly, application software is expanding from the desktop into mobile application environments,
such as handset devices and embedded systems which are more limited in resources and volatile in their
network connectivity. An integrated architecture that can protect intellectual property for both types
of environments should offer the promise of reduced software maintenance costs. Software licensing is
an existing mechanism by which specific license agreements are enforced between a software provider
and the users of the software. Usually, the license terms are activated by a unique activation code
delivered to the user. Digital Rights Management (DRM) is a more recent development that covers
the description, identification, trading, protection, monitoring, and tracking of all forms of rights usage
over both tangible and intangible assets. This includes the management of Rights Holder relationships
with the help of special purpose rights expression languages (REL). Both, software licensing and DRM
approaches have failed to address the new challenges posed by protecting intellectual property for mobile
application software. This thesis, therefore, proposes a solution to merge the best of both approaches for
the special case of application software rights enforcement. It is targeted to mobile computing platforms
to meet the challenges in that area.
Existing distributed software licensing systems were originally designed for fixed network applications
and typically assume the immediate availability of a network connection to verify and validate rights with
a rights server. Yet, this approach is not feasible for mobile environments, because of occasional connected
network characteristics. Moreover, software licensing systems do not implement an existing standard for
the description of license terms which cause interoperability issues with asset management software. The
focus of the DRM community to date has been on rights management for media content, which has
left many issues unresolved for the specific case of rights management for application software.The
difficulties of developing an all-encompassing DRM solution for the media industry has left standards based
work on the enforcement of rights for application software under-specified. This is mainly because
the media industry requires a broad consensus of hardware and software manufacturers to implement
an agreed standard, whereas application software does not require runtime support of the underlying
hardware or any third party applications.
The existing rights expression languages supported by DRM systems lack the support for the explicit
specification of application-level features. Existing usage-based restrictions on digital work usually
include display, print, play, and execute permissions. Also, the assumption of immediate or constant
network connectivity to a rights management server cannot be made for the validation and enforcement
of rights on a pervasive computing platform, because factors such as network unavailability have to be
anticipated. Therefore, the introduction of more flexible rights models for occasionally connected mobile
environments is required. This is achieved through the specification and implementation of novel rights
models, such as audit-based and feature-based models.
The introduction of these flexible rights models poses new challenges to designing an enforcement
architecture for pervasive environments. The enforcement architecture has to deal with resource constraints
on mobile devices, such as limited memory and processor power, while at the same time provide
an extensible set of APIs so that it can be adapted for different computing platforms.
This thesis proposes a solution to enforce and deliver application software rights implemented in
a generic enforcement framework, based on an extended version of the Open Digital Rights Language
(ODRL), called PARMA REL, that accounts for the characteristics of applications in pervasive environments.
In particular, the architecture supports the enforcement of audit-based and feature-based rights
models. While the architecture in this thesis has specific support for mobile environments, it has also
been designed to operate in a fixed network environment. A further contribution of this thesis is to
present a pervasive application rights enforcement framework which does not make any assumptions on
the target platform by basing the design on the dependency inversion and Hollywood principles. The
architecture is designed in a way that decouples functional and rights enforcement logic. It supports the
association of rights with application-level features by leveraging aspect-oriented software engineering
techniques to weave the enforcement as an orthogonal service into any existing J2ME, J2SE, or J2EE
application. This makes it possible to restrict access to certain modules at runtime. Developer support
is provided by tools to generate aspects based on the rights description and the target platform. Furthermore,
a MDA-oriented development process is introduced to cover the generation and weaving of rights
into the application in a non-intrusive manner.
Consequently, the rights models designed for pervasive computing environments combined with the
flexible enforcement architecture enable the enforcement of rights of applications in new, sophisticated
and standard-compliant ways. The enforcement architecture is evaluated with respect to the ability
to adapt to different platforms, to operate in resource-constrained environments, and to guard against
potential attacks. Also the execution and runtime overhead of the enforcement logic is evaluated and
the architecture is compared with existing enforcement architectures. The enforcement architecture is
implemented for two platforms, J2ME and J2SE