Decentralized Consent Orchestration: A Framework for Auditable, Revocable, and Forward-Compatible Data Sharing in Solid
Keywords: Solid, Consent Management, Data Privacy, Access Control, Decentralized Web
Abstract: The Solid ecosystem provides a foundation for decentralized data storage and selective sharing, yet managing consent for data access remains challenging due to the complexities of evolving regulations, interoperability across applications, and varying user control requirements. I present Decentralized Consent Orchestration (DCO), a framework for managing, auditing, and revoking consent in Solid environments. DCO extends the current Solid authorization mechanisms with a semantic consent layer that provides fine-grained control over personal data sharing while maintaining regulatory compliance and user autonomy. The framework introduces three key components: 1) a consent vocabulary that bridges legal requirements with technical implementation, 2) a consent receipt infrastructure for auditable data transactions, and 3) a revocation propagation mechanism that ensures consent changes are respected throughout the ecosystem. Evaluation through a prototype implementation and user studies shows that DCO enables more compliant, transparent, and user-friendly data sharing, while reducing implementation complexity for developers integrating with Solid. This work contributes to making Solid a viable infrastructure for personal data spaces that align with emerging regulations like the GDPR, DGA, and EUDI wallet framework.
Submission Number: 4