GUCON: A Generic Graph Pattern Based Policy Framework for Usage Control Enforcement.

Robust Usage Control (UC) mechanisms are necessary to protect sensitive data and resources, especially when these are distributed across multiple nodes or users. Existing solutions have limitations in expressing and enforcing usage control policies due to difficulties in capturing complex requirements and the lack of formal semantics necessary for automated compliance checking. To address these challenges, we propose GUCON, a generic policy framework that allows for the expression of and reasoning over granular UC policies. This is achieved by leveraging the expressiveness and semantics of graph pattern expressions, as well as the flexibility of deontic concepts. Additionally, GUCON incorporates algorithms for conflict detection, resolution, compliance and requirements checking, ensuring active policy enforcement. We demonstrate the effectiveness of our framework by proposing instantiations using SHACL, OWL and ODRL. We show how instantiations provide a bridge between abstract formalism and concrete implementations, thus allowing existing reasoners and implementations to be leveraged.