The overall use case that motivates this position paper is a privacy-enabled identity management system using semantic web technologies. By this, we mean a system that uses a set of RDF-based languages to
* exchange instance data - often personal information - between clients and services
* express client-side preferences
* express contextual and assurance requirements
* express service-side policies
* express the agreements reached between clients and services
* express the obligations that arise from these agreements.
In discussing rule use cases and requirements, this position paper focuses on those requirements that are characteristic to the privacy-enabled identity management problem.
Both preferences and policies can be cast in rule-like semantics, as both deal with conditions about what is acceptable, and what is not. In general two categories of rules are of relevance: inference rules and reactive rules.
Specifically, we want to make a case for reactive rules in the context of privacy management. ECA reactive rules (Event-Condition-Action rules) are required to express access control policies, assurance policies and obligation policies. As a significant example we consider privacy obligations. Privacy obligations fit the reactive rule pattern: they define data lifecycle management practices including supported handling policies and under what conditions certain actions have to be taken.JRC.G.6-Sensors, radar technologies and cybersecurit