-
Notifications
You must be signed in to change notification settings - Fork 0
/
ComplianceReportModel.ttl
267 lines (227 loc) · 14.6 KB
/
ComplianceReportModel.ttl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
@prefix report: <http://example.com/report/temp/> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>.
@prefix skos: <http://www.w3.org/2004/02/skos/core#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#>.
@prefix odrl: <http://www.w3.org/ns/odrl/2/>.
# classes
report:PolicyReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Policy Compliance report" ;
skos:definition "The result of an ODRL Evaluation over an odrl:Policy, the state of the world and, in case of an access control scenario, an odrl:Request.".
report:RuleReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Rule Compliance report" ;
skos:definition "The result of an ODRL Evaluation over an odrl:Rule.".
report:PermissionReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Permission Compliance report" ;
rdfs:subClassOf report:RuleReport ;
rdfs:disjointWith report:ProhibitionReport, report:DutyReport;
skos:definition "The result of an ODRL Evaluation over an odrl:Permission, the state of the world and, in case of an access control scenario, an odrl:Permission from an odrl:Request.".
report:ProhibitionReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Prohibition Compliance report" ;
rdfs:subClassOf report:RuleReport ;
rdfs:disjointWith report:PermissionReport, report:DutyReport;
skos:definition "The result of an ODRL Evaluation over an odrl:Prohibition, the state of the world and, in case of an access control scenario, an odrl:Permission from an odrl:Request.".
report:DutyReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Duty Compliance report" ;
rdfs:subClassOf report:RuleReport ;
rdfs:disjointWith report:PermissionReport, report:ProhibitionReport ;
skos:definition "The evaluation report of an odrl:Duty.".
report:PremiseReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Premise Compliance report";
skos:definition "The generic compliance report for any kind of constraints that must be satisfied in order for a rule to become active.";
rdfs:comment "There are a number of different kind of constraints (also referred to as premises) that are satisfiable within ODRL: the normal constraints (odrl:Constraint and odrl:LogicalConstraint), property related constraints (asset, party, action), ... .".
report:ConstraintReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:subClassOf report:PremiseReport;
rdfs:disjointWith report:PartyReport, report:ActionReport, report:TargetReport;
rdfs:label "Constraint Compliance report" ;
skos:definition "The result of an ODRL Evaluation over an odrl:Constraint. Extra context may be used which is found in the closed world representation of the State of the World and an odrl:Request.".
# Future work: add the requestedTarget, ruleTarget and a status whether it MATCHES, is a SUBSET or there is NO MATCH
report:PartyReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Party Compliance Report" ;
rdfs:subClassOf report:PremiseReport;
rdfs:disjointWith report:ConstraintReport, report:ActionReport, report:TargetReport;
skos:definition "The result of an ODRL Evaluation over the party of an odrl:Rule. In the case of an access control scenario, the party of the odrl:Rule of an odrl:Request is also used in the evaluation. Extra context may be used which is found in the closed world representation of the State of the World and an odrl:Request." .
report:ActionReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Action Compliance Report" ;
rdfs:subClassOf report:PremiseReport;
rdfs:disjointWith report:ConstraintReport, report:PartyReport, report:TargetReport;
skos:definition "The result of an ODRL Evaluation over the action of an odrl:Rule. In the case of an access control scenario, the action of the odrl:Rule of an odrl:Request is also used in the evaluation. Extra context may be used which is found in the closed world representation of the State of the World and an odrl:Request." .
report:TargetReport a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Target Compliance Report" ;
rdfs:subClassOf report:PremiseReport;
rdfs:disjointWith report:ConstraintReport, report:PartyReport, report:ActionReport;
skos:definition "The result of an ODRL Evaluation over the target of an odrl:Rule. In the case of an access control scenario, the target of the odrl:Rule of an odrl:Request is also used in the evaluation. Extra context may be used which is found in the closed world representation of the State of the World and an odrl:Request." .
report:ActivationState a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Rule Activation State" ;
skos:definition "The state of an odrl:Rule. This state can either be active or inactive.";
rdfs:comment "The meaning of the activation state depends on the type of rule; that is it depends on the deontic state of the given rule.".
report:Active a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Active State" ;
rdfs:subClassOf report:ActivationState ;
rdfs:disjointWith report:Inactive ;
skos:definition "The odrl:Rule is in effect. All the refinements and constraints of the rule are satisfied." ;
rdfs:comment "In effect has a different meaning that depends on the type of rule. When the state is active for permission, this means that the rule action may be performed. When the state is active for prohibition, this means that the rule action may not be performed.When the state is active for a duty, this means that the rule action must be performed.".
report:Inactive a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Inactive State" ;
rdfs:subClassOf report:ActivationState ;
rdfs:disjointWith report:Active ;
skos:definition "The odrl:Rule is not in effect. Not all of the refinements and constraints of the rule are satisfied.";
rdfs:comment "In effect has a different meaning that depends on the type of rule. When the state is inactive for permission, this means that the rule action may not be performed. When the state is inactive for prohibition or duty, no statements can be made about the rule action performance state.".
report:AttemptState a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Attempted State" ;
skos:definition "The state of whether a request attempted to perform an action of a rule." .
report:Attempted a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Attempted State" ;
rdfs:subClassOf report:AttemptState ;
rdfs:disjointWith report:NotAttempted ;
skos:definition "There is a request that attempts to perform the action of the rule." .
report:NotAttempted a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Not Attempted State" ;
rdfs:subClassOf report:AttemptState ;
rdfs:disjointWith report:Attempted ;
skos:definition "There is no request that attempts to perform the action of the rule." .
report:PerformanceState a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Rule (action) performance State" ;
skos:definition "The state of the performance of odrl:Rule. This state can either be performed or not performed";
rdfs:comment "This class is particularly interesting in the monitoring scenario. When the performance state is added, we can reason over whether the rule was allowed to be performed at that time." .
report:Performed a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Performed State" ;
rdfs:subClassOf report:PerformanceState ;
rdfs:disjointWith report:Unperformed, report:Unknown ;
skos:definition "The action of an odrl:Rule is performed.".
report:Unperformed a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Unperformed State" ;
rdfs:subClassOf report:PerformanceState ;
rdfs:disjointWith report:Performed, report:Unknown ;
skos:definition "The action of an odrl:Rule is NOT performed AND can no longer be performed.".
report:Unknown a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Performance Unknown State" ;
rdfs:subClassOf report:PerformanceState ;
rdfs:disjointWith report:Performed, report:Unperformed ;
skos:definition "The explicit state for not knowing anything about the performance state of the action of an odrl:Rule." ;
rdfs:comment "This is particulary useful in the case it is known that currently the action is not performed, but that it is still possible for the action to be performed." .
report:DeonticState a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Deontic State" ;
rdfs:definition "The deontic state for an odrl:Rule." ;
rdfs:comment "This state can be derived from the combination of the activation state, perfomance state and the deontic concept of the rule.".
report:NonSet a rdfs:Class, skos:Concept;
rdfs:isDefinedBy report: ;
rdfs:label "Non-Set State";
rdfs:subClassOf report:DeonticState ;
rdfs:disjointWith report:Violated, report:Fulfilled ;
rdfs:definition "The performance state is unknown at the time of evaluation or the combination of activation state and performance state neither complies nor contradicts the deontic concept.".
report:Violated a rdfs:Class, skos:Concept;
rdfs:isDefinedBy report: ;
rdfs:label "Violated State";
rdfs:subClassOf report:DeonticState ;
rdfs:disjointWith report:NonSet, report:Fulfilled ;
rdfs:definition "The combination of activation state and performance state contradicts the deontic concept of the rule.".
report:Fulfilled a rdfs:Class, skos:Concept;
rdfs:isDefinedBy report: ;
rdfs:label "Fulfilled State";
rdfs:subClassOf report:DeonticState ;
rdfs:disjointWith report:NonSet, report:Violated ;
rdfs:definition "The combination of activation state and performance state complies with the deontic concept of the rule.".
report:SatisfactionState a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Premise Satisfaction State" ;
skos:definition "The state of a premise (any kind of constraint). This state can either be satisfied or unsatisfied.".
report:Satisfied a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Satisfied State" ;
rdfs:subClassOf report:SatisfactionState ;
rdfs:disjointWith report:Unsatisfied ;
skos:definition "The premise is satisfied.".
report:Unsatisfied a rdfs:Class, skos:Concept ;
rdfs:isDefinedBy report: ;
rdfs:label "Unsatisfied State" ;
rdfs:subClassOf report:SatisfactionState ;
rdfs:disjointWith report:Satisfied ;
skos:definition "The premise is not satisfied.".
# properties
report:policy a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Denotes for a policy report which policy is being evaluated.";
rdfs:domain report:PolicyReport ;
rdfs:range odrl:Set, odrl:Agreement, odrl:Offer .
report:policyRequest a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Denotes for a policy report which request (policy) is being evaluated against the given policy.";
rdfs:domain report:PolicyReport ;
rdfs:range odrl:Request .
report:ruleReport a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the evaluation of one of the rules (the rule report) of a policy to its policy report.";
rdfs:domain report:PolicyReport ;
rdfs:range report:RuleReport .
report:conditionReport a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates a duty report to a permission report." ;
rdfs:comment "This allows the activation state to be calculated on the Deontic State of the duty report. When Violated, it is not allowed for the Permission Report to be Active.";
rdfs:domain report:PermissionReport ;
rdfs:range report:DutyReport .
report:premiseReport a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the explanation and satisfaction state of one of the premises of a rule to its rule report. A second definition is in the case of complex constraints: it relates the explanation and satisfaction state of one of the premises of a complex constraint (e.g. logical constraint) to its premise report.";
rdfs:domain report:RuleReport, report:PremiseReport ;
rdfs:range report:PremiseReport .
report:rule a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Denotes for a rule report which rule of a policy is being evaluated.";
rdfs:domain report:RuleReport ;
rdfs:range odrl:Rule .
report:ruleRequest a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Denotes for a permission or prohibition report which access request rule is being evaluated against the policy rule.";
rdfs:domain report:PermissionReport, report:ProhibitionReport ;
rdfs:range odrl:Rule .
report:activationState a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the activation state as a property to a rule report.";
rdfs:domain report:RuleReport ;
rdfs:range report:ActivationState .
report:attemptState a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the attempted state as a property to a permission or prohibition report.";
rdfs:domain report:PermissionReport, report:ProhibitionReport ; # Not sure whether an obligation can also be attempted
rdfs:range report:AttemptState .
report:performanceState a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the state of performance as a property to a rule report.";
rdfs:domain report:RuleReport ;
rdfs:range report:PerformanceState .
report:deonticState a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the doentic state as a property to a prohibition or duty report.";
rdfs:domain report:RuleReport;
rdfs:range report:DeonticState .
report:constraint a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Denotes for a constraint report which constraint is being evaluated.";
rdfs:domain report:PremiseReport ;
rdfs:range odrl:Constraint .
report:satisfactionState a rdfs:Property, skos:Concept;
rdfs:isDefinedBy report: ;
skos:definition "Relates the satisfaction state as a property to a premise report.";
rdfs:domain report:PremiseReport ;
rdfs:range report:SatisfactionState .