From Access Control to Usage Control with User-Managed Access

Published: 01 Apr 2025, Last Modified: 01 Apr 2025 | SoSy2025-Privacy | CC BY 4.0
Keywords: Usage Control, Solid, user managed access
Abstract: Solid leverages Semantic Web technologies to enable interoperable storage, access and (re)use of resources within a decentralized global ecosystem [1]. Originating from before the dawn of modern access control, when Authorization header schemes were the most elaborate mechanism available for HTTP, the project came up with WAC [2] and ACP [3], languages for writing policy lists, with an algorithm for evaluating those. Around the same time, in the early 2000s, enough developers started bumping into the limits of the HTTP Authorization header (as well as initial proprietary lock-in ’solutions’) to spark the creation of OAuth [4], today’s de facto standard for access control on the Web. However, just like authorization was an explicit non-goal in HTTP, OAuth did not provide authentication as a service. This was later remedied by the OpenID initiative, which constructed an identity layer on top of it in the form of OpenID Connect [5]. While the Solid project incorporated aspects of both OAuth and OIDC in its specifications, it has missed some key elements that make those standards so widely adopted. Both WAC and ACP lack a separation of concerns between resource servers and authorization servers, leading to a request-efficient but inflexible system. Because access controls are evaluated synchronously, based on a resource request and its accompanying authentication token, over the policy documents stored in the resource hierarchy of the Solid pod, the ability to request and evaluate claims (outside the WebID, identity provider and client provided by the authentication token) is restricted. Access control management is tailored to the specific interface(s) (protection domain) of a single resource server, and therefore impractical to manage and audit over multiple servers.
The choice of policy language, evaluation algorithm, and authentication options is tightly bound to the evolution of that specific resource server, to which authentication details are unnecessarily revealed. Moreover, they rely on a hierarchical resource structure, which assumes a read-write symmetry, and prevents full independence of data and application, leading to a proliferation of non-interoperable application-specific APIs on top of Solid. We implemented an open-source UMA prototype governing usage control to Solid servers through integration with the Community Solid Server (CSS): https://github.com/SolidLabResearch/user-managed-access/
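The separation of resource server and authorization server that the abstract argues for, as an added example (not code from the paper or the linked prototype): a simplified in-memory model in which `coupledRS`, `umaRS`, `umaAS`, the policy shape and the sample WebIDs are all hypothetical. It contrasts an ACL evaluated by the resource server itself with a ticket-based flow in which the authorization server can ask for a further claim and the resource server never sees the claims.

```javascript
// Simplified in-memory model. All names and the policy shape are hypothetical.
let counter = 0;
const opaque = (p) => `${p}-${++counter}`; // stands in for an unguessable random value

// Coupled (WAC/ACP style): the resource server evaluates the ACL itself and can
// only use what the authentication token carries (here, the WebID).
const acl = { '/medical/record': ['https://alice.example/profile#me'] };
function coupledRS(path, authn) {
  return (acl[path] || []).includes(authn.webid) ? 200 : 403;
}

// Decoupled (UMA style): the resource server issues tickets and checks tokens;
// the authorization server owns the policies and can ask for further claims.
// The two shared maps stand in for UMA's permission and introspection endpoints.
const tickets = new Map(), tokens = new Map();
const policies = {
  '/medical/record': { webid: 'https://alice.example/profile#me', purpose: 'treatment' },
};

function umaRS(path, rpt) {
  if (rpt && tokens.get(rpt) === path) return { status: 200 };
  const ticket = opaque('ticket');
  tickets.set(ticket, path);
  return { status: 401, ticket }; // the client is sent to the authorization server
}

function umaAS(ticket, claims) {
  const path = tickets.get(ticket);
  if (!path) return { error: 'invalid_grant' };
  const required = policies[path];
  const missing = Object.keys(required).filter((k) => !(k in claims));
  // Simplification: the ticket stays valid while more claims are gathered.
  if (missing.length) return { error: 'need_info', required_claims: missing };
  tickets.delete(ticket); // a ticket is decided once
  const ok = Object.keys(required).every((k) => claims[k] === required[k]);
  if (!ok) return { error: 'request_denied' };
  const rpt = opaque('rpt');
  tokens.set(rpt, path);
  return { access_token: rpt };
}

function demo() {
  const path = '/medical/record', webid = 'https://alice.example/profile#me';
  const first = umaRS(path);
  const ask = umaAS(first.ticket, { webid });
  const grant = umaAS(first.ticket, { webid, purpose: 'treatment' });
  return { coupled: coupledRS(path, { webid }), first: first.status, ask,
    final: umaRS(path, grant.access_token).status, replay: umaAS(first.ticket, { webid }) };
}
```

In `demo()`, the coupled server can only answer yes or no on the WebID, while the decoupled flow first returns `need_info` for the missing `purpose` claim and grants access once it is supplied.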
Submission Number: 5