A Logic for Reasoning about Digital Rights

1
A Logic for Reasoning about Digital Rights

• By
• Riccardo Pucella (riccardo_at_cs.cornell.edu)
• Vicky Weissman (vickyw_at_cs.cornell.edu)

2
Goals

• Determine if a property holds for a set of
  licenses.
• Determine if a clients behavior with respect to
  a set of licenses adheres to a specification.

3
Properties

• We want to determine if a property holds for a
  set of licenses.
• What properties? Depends on the application.
• Examples of properties
• Client could get the right to access the file.
• The licenses always require a payment.

4
Specifications

• Given a set of licenses and how the client might
  behave, does the client adhere to the specs.
• What specs? Depends on the app
• Examples
• Client never uses resource illegally.
• Client never has to pay two bills at the same
  time.

5
What is a license?

• A license says what a client needs to do to use a
  resource legitimately.
• Examples
• Simple the client must sign a waiver before
  downloading beta-version software.
• More complex the client must sign a lease and
  either pay 490 on the first day or 500 on the
  second day of each month to live in an apartment.

6
Why is the 2nd example complex?

• More actions.
• Client has options. Client could

to sign lease
t2 nothing (?)
t3 ?
t1 pay 490
t30 ?
sign lease
?
pay 500
?
?
7
To meet goals, use a logic

• A logic
• gives us a language in which to write properties
  and specifications precisely.
• allows us to prove that properties and
  specifications are met.
• allows us to develop automated tools to do
  verification.

8
Logic features

• Need to talk about
• licenses.
• what client might do (wrt a license).
• time temporal operators.
• permission and obligation.

9
Licenses

• Idea from Gunter, Weeks, Wright Models and
  languages for digital rights, 2001.
• Licenses are sets of traces.
• Each trace states an action sequence that the
  client could do to fulfill the license.
• Syntax a license has the form
• l a l1 l2 l l1 U l2 (l) where a
  is an action

10
Licenses

• Follow lead from Gunter, Weeks, Wright Models
  and languages for digital rights, 2001.
• Licenses are sets of traces.
• Each trace states an action sequence that the
  client could do to fulfill the license.
• Syntax a license has the form
• l a l1 l2 l l1 U l2 (l) where a
  is an action

11
Licenses

• Follow lead from Gunter, Weeks, Wright Models
  and languages for digital rights, 2001.
• Licenses are sets of traces.
• Each trace states an action sequence that the
  client could do to fulfill the license.
• Syntax a license has the form
• l a l1 l2 l l1 U l2 (l) where a
  is an action

12
Lease example
l a l1 l2 l l1 U l2 (l)

to sign lease
t2 nothing (?)
t3 ?
t1 pay 490
t30 ?
sign lease
?
pay 500
?
?

• l sign lease (l1 U l2)
• l1 pay 490 ? ? l2 ? pay 500 ? ?

Note Time is captured implicitly.
13
What a client can do
Client can do any action ? of the form ?

• (a,n)
• ??
• ?1 ? ?2
• (?)

• do action a wrt license named n
• do not do ?
• do ?1 and ?2 simultaneously
• allows progress on multiple licenses

14
Example
? (a,n) ?? ?1 ? ?2 (?)

• Client pays 490 for the lease, but doesnt make
  the car payment.
• (pays 490, lease) ? ?(pay, car)

15
Writing properties and specs.
A formula f has the form f

• nl
• ?
• P(?)
• O(?)

license l with name n is issued client does
action expression ? client permitted to do
? client obligated to do ?
?f