Contextual Inputs for ODRL Evaluators

Note: Key publications that contributed to this work: Esteves et al., 2025, 'Capturing Requests and Context for ODRL-based Access and Usage Control'.

1. Introd­uction

The Open Digital Rights Language (ODRL) is a W3C standard for policy expression. It is composed by two Recommendations:

• A model [ODRL-model], and

• A vocabulary [odrl-vocab]

which can be used to represent rules over the usage of digital assets.

The Recommendations only standardised the representation of policies, leaving their enforcement out of scope. As such, a recent effort is being led by the W3C ODRL CG to create an ODRL formal semantics specification [odrl-formal-semantics], with the goal of specifying "the expected behaviour of an ODRL Evaluator, a piece of software that performs computations based on a set of policies, a request and a certain state of the world."

In this context, this specification provides a vocabulary to represent the necessary inputs of an Evaluator, which are not standardised in ODRL, i.e., the State of the World (SotW) and the Evaluation Request.

1.1. Terminology

ODRL Compliance Report

A vocabulary that is used to elaborate the result of an evaluation of an ODRL Policy, an Evaluation Request and the State of the World. It elaborates not only whether a rule from a policy is active, but also why.

ODRL Evaluator

A system that determines whether the Rules of an ODRL Policy expression have meet their intended action performance.

State of the World

Knowledge representing real-world information aiding the evaluation of ODRL Policies.

Evaluation Request

Formal description of a requested action by an assignee on a target asset, which can be enriched with further contextual information.

1.2. Namespaces

Commonly used namespace prefixes used in this specification:

@prefix dcterms: <http://purl.org/dc/terms/> .
@prefix dpv:     <https://w3id.org/dpv#> .
@prefix ex:      <http://example.org/> .
@prefix odrl:    <http://www.w3.org/ns/odrl/2/> .
@prefix rdf:     <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix report:  <https://w3id.org/force/compliance-report#> .
@prefix sotw:    <https://w3id.org/force/sotw#> .
@prefix xsd:     <http://www.w3.org/2001/XMLSchema#> .

2. Evaluation Request

An ODRL Evaluator requires an Evaluation Request as input. An Evaluation Request represents a formal description of a requested action. In cases where a request is not being made, e.g., during a policy monitoring scenario, an empty Evaluation Request should be provided as input to the ODRL Evaluator.

The Evaluation Request MUST contain the following properties:

• dcterms:issued: The time of the request.

• requestedAction: The action to be evaluated (e.g., odrl:use, odrl:read, odrl:modify).

• requestingParty: The party (e.g., person or organization) requesting the action.

• requestedTarget: The asset (e.g., file, document, data, service) on which the action is to be performed.

Additional contextual information can also be included in the Evaluation Request, e.g., a purpose for exercising the requested action. The context property MAY be used to associate an EvaluationRequest with ODRL constraints that include this additional contextual information.

For instance, if Alice, ex:alice, requests to translate the asset ex:document-1234 into French or Dutch, the EvaluationRequest in the example below must be presented to an ODRL evaluator to determine whether this request is permitted or not.

ex:request a sotw:EvaluationRequest ;
    dcterms:issued "2024-02-12T11:20:10.999Z"^^xsd:dateTime ;
    sotw:requestedAction odrl:translate ;
    sotw:requestingParty ex:alice ;
    sotw:requestedTarget ex:document-1234 ;
    sotw:context [
        a odrl:Constraint ;
        odrl:leftOperand odrl:language ;
        odrl:operator odrl:eq ;
        odrl:rightOperand "fr"
    ] .

3. State of the World

The ODRL Evaluator requires a formal representation of the state of the world. The state of the world specifies knowledge representing real-world information that aids the evaluation of ODRL Policies. For example, a certain state of the world may include the current date and time, the location of agents, or the history of performed actions.

This document aims to provide a formal representation for the state of the world concepts that are necessary to evaluate ODRL policies, without forcing the usage of existing vocabularies, e.g., country codes can be modelled using the ISO 3166 [iso3166] and UN M49 [un-m49] standards. RDF triples to represent the state of the world may be generated as observations from the world generated by third parties or by the ODRL Evaluator itself.

As such, in this document, we aim to provide a minimal set of information that needs to be represented in the state of the world and respective definitions, which will be formally represented in an RDF vocabulary:

• SotW: Knowledge representing real-world information aiding the evaluation of ODRL Policies;

• currentTime: Denotes the current time of the state of the world;

• currentLocation: Denotes the current location of an ODRL party;

• assetCollection: Denotes an asset that is part of an ODRL asset collection;

• partyCollection: Denotes a party that is part of a ODRL party collection;

• existingReport: Denotes existing reports from previously performed ODRL evaluations, i.e., to get history of attempted and performed actions;

• count: Denotes the amount of times a rule has been exercised;

• event: Denotes information about an event that has occurred, e.g., when it has occurred;

• accumulatedTime: Denotes an accumulated amount of time a rule has been exercised;

• recipient: Denotes information about a recipient of a rule that has been exercised;

• paidAmount: Denotes information about a performed financial payment;

Since we do not wish to force the usage of certain vocabularies or resources to represent certain state of the world concepts, in particular for the specification of locations, recipients and events, their range is kept open to use URIs and/or strings.

As an example, to evaluate a certain request, the ODRL evaluator requires information on the location of the requesting party, as well as on the recipient to which the asset is going to be transferred. The example below showcases how such SotW can be modelled, by using the ISO 3166 standard [iso3166] to represent the location and the DPV term [dpv] AcademicScientificOrganisation to specify which type of recipient the ex:recipient instance is.

ex:sotw a sotw:SotW ;
    sotw:currentLocation <https://www.iso.org/obp/ui/#iso:code:3166:BE> ;
    sotw:recipient ex:recipient .

ex:recipient a dpv:AcademicScientificOrganisation .

For time-related, or numeric-bound, terms, such as the current or accumulated time, and the count and paid amount terms, dateTime, duration, integer and decimal literals are expected to be used, though further information can be added if necessary through the usage of other vocabularies.

The example below demonstrates a SotW representation that contains a performed payment, where beyond the expected decimal value to represent the paid amount, DBpedia [dbpedia] is used to represent the currency in which the payment was made.

ex:sotw a sotw:SotW ;
    sotw:paidAmount ex:payment .

ex:payment rdf:value "5.0"^^xsd:decimal ;
    <https://dbpedia.org/ontology/currency> <http://dbpedia.org/resource/Euro> .

Moreover, to denote the memberships of party and asset collections, and as prescribed by the ODRL standard, the odrl:partOf property is used to assert that a certain party/asset is a member of a certain party/asset collection. Considering an example in which a policy states that “Only members of Team A are allowed to read file X”, to evaluate such a policy, the SotW needs to inform the ODRL evaluator on which team members belong to Team A. With the SotW represented below, Alice, ex:alice, is allowed to read file X since she belongs to Team A, ex:teamA.

ex:sotw a sotw:SotW ;
    sotw:partyCollection ex:alice .

ex:alice odrl:partOf ex:teamA .

To represent information related to attempted and/or performed actions, e.g., to understand whether a certain duty has been fulfilled or a prohibited action performed, we propose the usage of reports modelled with the compliance report vocabulary. This vocabulary is the state of the art resource for elaborating the output of an ODRL evaluation, since it contains the terms to describe the attempt and performance state of actions related to rules.

The example below presents an existing report in which a duty, ex:duty, which states that party A needs to compensate party B, was performed, as indicated by the report:Performed concept, and, since this duty is active, as indicated by the report:Active concept, it was fulfilled by party A. If such a duty is a precondition for the execution of a permissive rule, e.g. the compensation duty needs to be fulfilled so party A can have access to a resource X, such a report needs to be provided in the SotW to the ODRL evaluator so that it has a way to check whether the duty has actually been performed.

ex:sotw a sotw:SotW ;
    sotw:existingReport ex:report .

ex:report a report:PolicyReport ;
    dcterms:created "2024-02-12T11:20:10.999Z"^^xsd:dateTime ;
    report:policy ex:policy ;
    report:ruleReport ex:dutyReport .

ex:dutyReport a report:DutyReport ;
    report:rule ex:duty ;
    report:activationState report:Active ;
    report:performanceState report:Performed ;
    report:deonticState report:Fulfilled .

ex:duty a odrl:Duty ;
    odrl:action odrl:compensate ;
    odrl:assigner ex:partyB ;
    odrl:assignee ex:partyA .

4. Supporting Materials

• FORCE: https://w3id.org/force

• ODRL Compliance Report: https://w3id.org/force/compliance-report

  • repo: https://w3id.org/force/compliance-report/repo

• ODRL test suite: https://w3id.org/force/test-suite

  • repo: https://w3id.org/force/test-suite/repo

• GitHub repository for our ODRL Evaluator implementation: https://w3id.org/force/evaluator