Ontology specifies the unambiguous concepts in a well-defined format for agents to process and un-derstand. We have ontology languages, such as RDF(S) and OWL, to provide a well-defined stan-dardized vocabulary to specify the concept and relationship of an ontology. Rule languages based on a (declarative) datalog rule, such as RuleML and RIF, can further enhance the expressive power of the ontology language to enforce information querying, updating, and communication related ac-tions [Boley et al., 2007].
6.1 Semantic REL as an O + R combination
Ontologies and rules based on logic foundations, i.e. description logic (DL) and logic program (LP) are primary knowledge representations. Ontologies based on DL are a subset of FOL that represents the shared knowledge domain of concepts and roles. On the other hand, rules based on datalog of LP are also a subset of FOL with the expressive power to overcome the limitations of ontology. Furthermore, reactive rules provide additional power, such as event acceptance and action trigger to enable data communication and updating operations [Berstel et al., 2007].
We propose a unifying semantic model of REL in license agreement and web protection policies for the verification of access rights permission in the DRM system (see Figure 2)
The benefits of using O + R combination as the semantic model of REL are shown as follows:
• More expressive power for the semantics representations from ontologies and rules.
• Standardized web-enabled ontology language and rule language are possibly available for agents to automatically process license agreements and policies without facing semantics ambiguity.
• A flexible and scalable reasoning engine are available from DL and LP for executing the privacy protection policies in the DRM system.
The important criteria for using an O + R combination as a semantic model of REL are shown as follows:
Figure 2: A unifying semantic model of REL from FOL, LP, RELs for license agreements and access control policies
• To use an O + R combination which has a decidable computation fragment. Otherwise, we might not be able to obtain an answer for every rights permission query.
• To decide what semantic expressions of REL are from ontologies and rules.
• To resolve the semantic assumption of difference between ontologies and rules. DL-based ontology is an open world assumption (OWA) but an LP-based rule is a closed world assumption (CWA).
This difference has side effects on the decision of protection policy when enforced.
• To have a bi-directional or a directional information flow from ontologies to rules. In a uni-directional case, concepts and properties in the ontology are used to specify unary and binary predicates in the rules. In a bi-directional case, reaction rules provide the updating of the facts, e.g. ABo§ for the ontology.
There are two types of O + R combinations [Eiter & Ianni, 2008]: homogeneous (tight) integration and heterogeneous (loose) integration. DLP [Grosof et al., 2003], SWRL [Horrocks et al., 2005], and OWL 2 RL [Grau et al., 2008] are a type of tight O + R integration. DLP is too restricted to use for ontology and in the license agreements and web policies. On the other hand, SWRL might have a fragment of undecidable computation on the decision of rights permission unless we request that all
of the rules satisfy the DL − Safe condition2. Another OWL 2 RL [Hitzler et al., 2010] is an emerging O + R combination, and thus needs further study.
AL-log [Donini et al., 1998] and DL-log are O + R heterogeneous combinations. AL-log has decid-able computation to answer a request of license or privacy rights. AL-log is based on Attribute Language with Complements (ALC) of the DL-based ontology for monotonic (positive) recursive DL − Safe dat-alog rules. The other is DL-log, which has a decidable computation from the decidable DL-based ontologies and non-monotonic, recursive DL − Safe datalog rules [Rosati, 2006]. In this study, we use a SWRL-based O + R combination with the satisfaction of DL − Safe conditions to avoid the undecidable computation of decisions for each request for license or privacy rights.
6.2 A unifying semantic model of REL
The future of online privacy will be closely linked to copyright enforcement in the DRM system [Feigenbaum et al., 2002]. In the past, personal information and digital traces could be easily collected and a dossier of the user’s preferences could be built by the DRM system. In order to avoid information disclosure without a user’s awareness and agreement, we propose a unifying semantic model of REL based on a SWRL-based O + R combination, where the features of privacy protection can be incorpo-rated into the DRM system (see [Cohen, 2003]). This unifying semantic model of REL is used to resolve the rights protection dilemma between privacy protection and content usage control in the DRM system (Figure 3). In this unifying semantic model, the abstract concepts for describing the enforcement of content usage rights under certain conditions with corresponding obligations are modeled as ontologies.
Furthermore, the criteria for privacy rights protection, such as purpose, action, data, datauser, and obligation are also considered and incorporated into the rule module of the DRM system. The access control web policies to enforce the digital usage rights and the protection web policies for a DRM user’s privacy rights are integrated together to avoid the possible right protection conflicts between these two systems.
Figure 3: A unifying semantic model of REL shown as a O + R combination in a license agreement and access control policies to avoid the possible conflicts of content usage and privacy protection rights in the DRM system
2All variables in each rule must appear in at least one of the datalog predicates, i.e., not predicates directly adopted from ontology for the rule’s pre-conditions (or body).
6.3 The compromise of rights protection
In the EPAL data model a 5-tuple, i.e., (user, data, purpose, right, obligation) is used as the set of attributes for privacy protection policies [Karjoth & Schunter, 2002]. The use of a 5-tuple indicates that a particular type of users ask for data achieving a purpose with a certain right(s) and obligation(s).
In a standalone semantics-enabled privacy protection system, web protection policies for privacy are en-forced as verifying the satisfaction of constraints for data user, data type, purpose, rights, and obligation in the ontologies and rules. When we consider enforcing privacy protection rights and content usage rights in the DRM system, we do not directly combine the privacy protection system and the DRM system because this would entail more research on the merging and aligning of ontologies and rules in the heterogeneous systems.
The easiest way to resolve a rights protection dilemma for privacy and content usage is to incorporate a user’s privacy rights in the DRM system (see Figure 3). In our unifying semantic model of REL, we allow a content user to specify privacy protection rights unambiguously in the semantics-enabled privacy protection web policies. A user’s privacy rights are ensured when the user asks for usage rights to digital content because a user’s profile and digital trace usage permission are modeled as a pre-condition of the rules, acting as an extra constraint of execution access control policies in the DRM system.
We extend our previous SWRL-based semantics-enabled DRM system to grant a content user pri-vacy and fair use rights in the DRM system [Hu, 2007] [Hu et al., 2008]. We first request that the content distributor fulfill fair use statutory rights of the copyright law, i.e., allowing a content user to reuse his or her copyrighted digital contents in certain unrestricted ways for the purposes of teaching and research. Then, we require the content distributor to abide by a content user’s opt-in and opt-out privacy rights. The data usage policy forces the distributor to comply with privacy protection laws on collecting, using, and disclosing of each user’s profile and digital trace.