Decentralization initiatives such as Solid and ActivityPub aim to give data owners more control over their data and to level the playing field by enabling small companies and individuals to gain access to data, thus stimulating innovation. However, these initiatives typically employ access control mechanisms that cannot verify compliance with usage conditions after access has been granted to others. In this paper, we extend the state of the art by proposing a resource governance conceptual framework, entitled ReGov, that facilitates usage control in decentralized web environments. We subsequently demonstrate how our framework can be instantiated by combining blockchain and trusted execution environments. Through blockchain technologies, we record policies expressing the usage conditions associated with resources and monitor their compliance. Our instantiation employs trusted execution environments to enforce said policies, inside data consumers' devices.} We evaluate the framework instantiation through a detailed analysis of requirements derived from a data market motivating scenario, as well as an assessment of the security, privacy, and affordability aspects of our proposal.

翻译：去中心化倡议（如Solid和ActivityPub）旨在让数据所有者更好地控制其数据，并通过使小型企业和个人能够访问数据来创造公平竞争环境，从而激发创新。然而，这些倡议通常采用的访问控制机制无法验证数据在授权给他人后是否符合使用条件。本文通过提出名为ReGov的资源治理概念框架，扩展了现有技术水平，该框架促进分散式网络环境中的使用控制。随后，我们展示了如何通过结合区块链和可信执行环境来实例化该框架。通过区块链技术，我们记录表达资源相关使用条件的策略并监控其合规性。我们的实例化方案在数据消费者设备内采用可信执行环境来强制实施所述策略。我们通过从数据市场激励场景中推导出的需求详细分析，以及对我们提案的安全性、隐私性和负担性评估，对框架实例化进行了评价。