[Odrl-version2] RE: ODRL-Version2 Digest, Vol 12, Issue 3

Susanne Guth Susanne.Guth at gmx.net
Mon Jan 30 10:11:17 EST 2006 

Vicky,

thanks for your comprehensive comments. I would like to raise only one
issue: 

I also think, that solely prohibitions may cause problems. Not so much
because they conflict with permissions (some intelligent rule based DRM
software would have to handle it) but with the simple reason, that
prohibitions are hard to implement these days.

All access control software I know does not on the basis of prohibitions but
permissions. You can easily implement: the person p may read and edit the
file f. But it is not easy to unambigously implement: person p may do
everything but edit. 

If the only two possible rights are "read" and "edit" than the software
could conclude that p may read. But what if the access rights are extended
to "read", "edit", and "delete" ?

However, I think we need to offer prohibitions, because ODRL is working on a
higher level and we have concrete applications like the CC profile.

So long
Susanne

P.S. Next, I will try to read your paper.. but I really have a hard time
reading your stuff.. it doesn't have sw architectures, XML or Java code in
it ;)


> 
> (3) I'm concerned that your interpretation of permitting/prohibiting
> agreements is problematic.  To see why, suppose that Alice is a faculty
> member of Univ. of Cape Town and a citizen of South Africa.  The
> university
> writes two agreements, the first allows faculty members to "checkout" a
> library resource for 6 months and the second allows any citizen of South
> Africa to put in a request for a library resource (which is then reviewed
> and
> acting on accordingly).  The two agreements are in conflict, because the
> first forbids Alice to request a resource, since she is faculty and not
> explicitly permitted in the first agreement, and the second permits Alice
> to
> make the request, since she is a citizen of Cape Town.  In general, I
> suspect
> that conflicts are likely to arise unless, for each principal p, there is
> at
> most one agreement that permits (or denies) rights to p.  An obvious
> solution
> is to remove implicit assumptions from agreements; that is, a
> permitting/prohibiting agreement permits/forbids the actions specified
> (under
> the conditions given) and does not make any statements beyond that.   
> 


-- 
Susanne Guth
susanne at odrl.net
ODRL Initiative
http://odrl.net/

DSL-Aktion wegen großer Nachfrage bis 28.2.2006 verlängert:
GMX DSL-Flatrate 1 Jahr kostenlos* http://www.gmx.net/de/go/dsl

More information about the Odrl-version2 mailing list