Rei – language to create policy specifications
Several days ago I stumbled upon Rei. It was said to be the best policy language out there. “Finally something”, I tought. I read the specification and it seems very powerful way to describe policies, altough, I haven’t understood it thoroughly. Nevertheless, I have been reading articles and specifications and Rei is more or less the thing I have been looking for. Or at least it seems that way.
Rei has developed by a group of people in the Department of Computer Science and Electrical Engineering (CSEE) of University of Maryland, Baltimore County (UMBC). It is based on OWL-Lite. The full specification can be found here.
There is an example policy made with Rei in the specification page. It describes a printing policy of faculty of computer science. Because my problem is concentrated around the databases and data the next thing is to find out how I describe policy of data usage of database in Rei. For example, I need to create policy that the system which requests data from service can use data A for calculations but it can not show or share it. The policy like that could be set, for instance, in situations where system wants to calculate average age of the customers in a service but service does not want that the privacy of its customers is in danger. Therefore, service denies the usage of data for sharing or showing but allows the usage when data is used only for calculations which does not violate privacy of customers.
In general, I need to study if it is possible to create policies which consist of unique data items in database by Rei. If it is possible then Rei is the answer to my research problem.