Abstract: In general, techniques for data access control are described, in which a policy engine implements and applies a declarative policy framework that can represent and reason about complex privacy policies. By using a common data model together with a formal shareability theory, this declarative policy framework enables the specification of expressive policies in a concise way without burdening the user with technical details of the underlying formalism of a data querying application or other knowledge representation scheme. The policy engine may be deployed as the policy decision point in a data access control system that also includes a policy enforcement point. The policy engine includes user interfaces for the creation, validation, and management of privacy policies. The policy engine may interface with systems that manage data requests and replies by coordinating policy engine decisions and access to databases.

Abstract: In general, the disclosure describes various aspects of techniques for explaining results provided by automated decision systems. A device comprising a memory and a computation engine executing one or more processor may be configured to perform the techniques. The memory may store an automated reasoning engine. The computation engine may execute the automated reasoning engine to obtain a query, obtain, from a knowledge base, and responsive to the query, a knowledge base entity representative of an explicit fact or a rule, and determine, based on the knowledge base entity, the query result that provides a decision to the query. The automated reasoning engine may also obtain provenance information that explains a history for the knowledge base entity, determine, based on the provenance information, an explanation that explains a difference between the query result and a previous query result provided with respect to the query, and output the explanation.

Abstract: In general, techniques for data access control are described, in which a policy engine implements and applies a declarative policy framework that can represent and reason about complex privacy policies. By using a common data model together with a formal shareability theory, this declarative policy framework enables the specification of expressive policies in a concise way without burdening the user with technical details of the underlying formalism of a data querying application or other knowledge representation scheme. The policy engine may be deployed as the policy decision point in a data access control system that also includes a policy enforcement point. The policy engine includes user interfaces for the creation, validation, and management of privacy policies. The policy engine may interface with systems that manage data requests and replies by coordinating policy engine decisions and access to databases.