{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T14:00:25Z","timestamp":1770818425393,"version":"3.50.1"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030939748","type":"print"},{"value":"9783030939755","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,7,22]],"date-time":"2022-07-22T00:00:00Z","timestamp":1658448000000},"content-version":"vor","delay-in-days":202,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Data-driven business models are based on sharing and exchanging data. However, to establish a trustworthy and secure data exchange between different organizations, we have to tackle several challenges. Data sovereignty, for instance, is an essential prerequisite to empower data-driven business models across different organizations. The International Data Spaces provide solutions for data sovereignty to implement a secure and trustworthy data economy.<\/jats:p><jats:p>In this chapter, we focus on data usage control and data provenance as building blocks to solve data sovereignty challenges. We introduce concepts and technology for realizing usage control and describe the differences between usage control and access control as well as other related concepts such as digital rights management or user managed access. We present the implementation of data sovereignty in the International Data Spaces starting from the formalization of data usage restrictions as policies (i.e., the policy specification) to the technical compliance and adherence of the data usage restrictions (i.e., the policy enforcement). In doing so, we present the transformation of data usage restrictions to machine-readable policies that can be enforced by the systems. Different technologies, such as the MY DATA Control Technologies can be used to implement the enforcement of data sovereignty in a technical manner and discuss future expansion stages of implementing data sovereignty.<\/jats:p>","DOI":"10.1007\/978-3-030-93975-5_8","type":"book-chapter","created":{"date-parts":[[2022,7,21]],"date-time":"2022-07-21T15:03:20Z","timestamp":1658415800000},"page":"129-146","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Data Usage Control"],"prefix":"10.1007","author":[{"given":"Christian","family":"Jung","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J\u00f6rg","family":"D\u00f6rr","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,7,22]]},"reference":[{"key":"8_CR1","volume-title":"Reference architecture model for the industrial data space 3.0","author":"B Otto","year":"2019","unstructured":"Otto, B., Lohmann, S., Auer, S., Brost, G., Cirullies, J., Eitel, A., Ernst, T., Haas, C., Huber, M., Jung, C., J\u00fcrjens, J., Lange, C., Mader, C., Menz, N., Nagel, R., Pettenpohl, H., Pullmann, J., Quix, C., Schon, J., \u2026 Wenzel, S. (2019). Reference architecture model for the industrial data space 3.0. Fraunhofer-Gesellschaft zur F\u00f6rderung der angewandten Forschung e.V. and Industrial Data Space e.V.."},{"key":"#cr-split#-8_CR2.1","unstructured":"European Parliament and the Council of the European Union. (2016). Regulation"},{"key":"#cr-split#-8_CR2.2","unstructured":"(EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation). Br\u00fcssel. https:\/\/eur-lex.europa.eu\/eli\/reg\/2016\/679\/oj."},{"issue":"11","key":"8_CR3","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1109\/2.241422","volume":"26","author":"RS Sandhu","year":"1993","unstructured":"Sandhu, R. S. (1993). Lattice-based access control models. Computer, 26(11), 9\u201319.","journal-title":"Computer"},{"key":"8_CR4","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1016\/S0065-2458(08)60206-5","volume":"46","author":"RS Sandhu","year":"1998","unstructured":"Sandhu, R. S. (1998). Role-based access control. Advances in Computers, 46, 237\u2013286. Elsevier.","journal-title":"Advances in Computers"},{"issue":"6","key":"8_CR5","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1109\/MC.2010.155","volume":"43","author":"DR Kuhn","year":"2010","unstructured":"Kuhn, D. R., Coyne, E. J., & Weil, T. R. (2010). Adding attributes to role based access control. Computer, 43(6), 79\u201381.","journal-title":"Computer"},{"key":"8_CR6","unstructured":"Parducci, B., Lockhart, H., & Rissanen, E. (2013, January 22). eXtensible Access Control Markup Language (XACML) Version 3.0. OASIS Standard [Online]. Available: https:\/\/docs.oasis-open.org\/xacml\/3.0\/xacml-3.0-core-spec-os-en.html. Last visited: 16 Aug 2019."},{"key":"8_CR7","unstructured":"MYDATA Control Technologies. (2021). MYDATA Control Technologies\u2014Developer documentation. Fraunhofer IESE. https:\/\/developer.mydata-control.de. Last visited: 13 Jan 2021."},{"issue":"9","key":"8_CR8","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1109\/MC.2011.225","volume":"44","author":"MC Mont","year":"2011","unstructured":"Mont, M. C., & Pearson, S. (2011). Sticky policies: An approach for managing privacy across multiple parties. Computer, 44(9), 60\u201368.","journal-title":"Computer"},{"key":"8_CR9","unstructured":"Hardjono, T., Maler, E., Machulak, M., & Catalano, D. (2015). User-managed access (UMA) profile of OAuth 2.0. Version 1.0. https:\/\/docs.kantarainitiative.org\/uma\/rec-uma-core-v1_0.html. Last visited: 14 Apr 2021."},{"key":"8_CR10","unstructured":"Kantara Initiative. UMA implementations. https:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+Implementations. Last visited: 14 Apr 2021."},{"key":"8_CR11","unstructured":"Mercer, N. (2018, February 28). Introducing Windows information protection. Microsoft [Online]. Available: https:\/\/techcommunity.microsoft.com\/t5\/Windows-Blog-Archive\/Introducing-Windows-Information-Protection\/ba-p\/166564. Last visited: 13 Jan 2021."},{"key":"8_CR12","unstructured":"International Data Spaces Association. (2018). Use Case overview: International data spaces: Our use cases make it happen! International Data Spaces Association. https:\/\/internationaldataspaces.org\/wp-content\/uploads\/dlm_uploads\/Use-Case-Brochure_2018.pdf."},{"key":"8_CR13","unstructured":"International Data Spaces Association. Use cases are IDS in action. https:\/\/internationaldataspaces.org\/make\/use-cases-overview\/. Last visited: 16 Apr 2021."},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Rudolph, M., Moucha, C., & Feth, D. (2016). A Framework for generating user-and domain-tailored security policy editors. In IEEE 24th international requirements engineering conference workshops, Beijing, China (pp. 56\u201361).","DOI":"10.1109\/REW.2016.024"},{"key":"8_CR15","unstructured":"Hosseinzadeh, A. (2020, October 13). Policy classes. Fraunhofer IESE. https:\/\/industrialdataspace.jiveon.com\/docs\/DOC-3412. Last visited: 13 Jan 2021."},{"key":"8_CR16","volume-title":"Usage control in the international data spaces","author":"A Eitel","year":"2021","unstructured":"Eitel, A., Jung, C., Brandst\u00e4dter, R., Hosseinzadeh, A., Bader, S., K\u00fchnle, C., Birnstill, P., Brost, G., Gall, M., Bruckner, F., Wei\u00dfenberg, N., & Korth, B. (2021). Usage control in the international data spaces. International Data Spaces Association. https:\/\/internationaldataspaces.org\/wp-content\/uploads\/IDSA-Position-Paper-Usage-Control-in-the-IDS-V3.0.pdf"},{"issue":"3","key":"8_CR17","doi-asserted-by":"publisher","first-page":"477","DOI":"10.1108\/JEIM-03-2018-0058","volume":"32","author":"J Zrenner","year":"2019","unstructured":"Zrenner, J., M\u00f6ller, F., Jung, C., Eitel, A., & Otto, B. (2019). Usage control architecture options for data sovereignty in business ecosystems. Journal of Enterprise Information Management, 32(3), 477\u2013495.","journal-title":"Journal of Enterprise Information Management"}],"container-title":["Designing Data Spaces"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-93975-5_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,21]],"date-time":"2022-07-21T15:24:35Z","timestamp":1658417075000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-93975-5_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030939748","9783030939755"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-93975-5_8","relation":{},"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"22 July 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}