IT support for e-Rulemaking Giosupport Wiederhold for Comp.Science, EE, Medicine IT e-Rulemaking Law Civil and Environmental Eng. GioKincho Wiederhold _ Stanford CSD,EE, Medicine RegNet, RegBase @ Stanford University Tasks 1. Rule making 2. Rule retrieval and storage 3. Rule validation 4. Processing of rules All form a closed loop with the public 7/26/2016 ERulemaking Gio 1 Rule making Interaction with the public • Representation: text • Legacy input: text, footnotes & tables • Dissemination: text & multimedia • Feedback: text • Volume: Large • Formats: Varying 7/26/2016 ERulemaking Gio 2 Text Parsing and Structuring XML Structured Document 7/26/2016 ERulemaking Gio 3 Rule Storage & Retrieval Storing is easy, will be distributed at autonomous sites Rules Linkage is Essential – Within in the documents – Among documents from different sources • Linkages form arbitrary networks – Should be preprocessed • Textual storage is ordered • Relational DBs link at query time – Too hard for users • Volume: Modest • Format: Network Structured 7/26/2016 ERulemaking Gio 4 Stanford Regulation Assistance System 7/26/2016 ERulemaking Gio 5 Rule validation Support at multiple levels • Experts • Public • Formal processing to locate – Conflicts – Incompleteness Intent Ignorance • Volume: Modest • Format: various structures 7/26/2016 ERulemaking Gio 6 Automatic display of related Information 7/26/2016 ERulemaking Gio 7 Rule Processing Requires a formal representation – Processable Rules ECA, ... • If S1 & C then S2 else S3 – State tables (UML) – Decision Tables – Algebraic properties for composition Connect to models • Volume: eventually large • Format: Research topic, to be formal 7/26/2016 ERulemaking Gio 8 Linkage for Automation Rules processing services accessible to applications • Help to proposals and forms preparation Validation during the design process avoids rework Completeness checking Deadlock A:Step x precedes y - .B step y precedes x • Performance-oriented rather than prescriptive rules ADA compliance Pollution tradeoffs • Validation by Regulatory agencies Reduced pressure on officials 7/26/2016 ERulemaking Gio 9 Online Code Compliance Checking Virtual Simulation 7/26/2016 ERulemaking Gio 10 Privacy Protection Objective: • Prevent the release of private & proprietary data Setting: • Broad public access, inter-linked systems Cannot be achieved by Access Control alone Release Control: Also filter outgoing information • More costly: Release can & must inspect contents • More secure: Access control only checks metadata Use the tools that are right, not the one you happen to have 7/26/2016 ERulemaking Gio 11 Symmetric Solution www.2ST.com Symmetric checking both of access to data and the subsequent release of data • Access Control with authentication and authorization of collaborators upon entry • Content-based release filtering of data when exiting the secure perimeter 7/26/2016 ERulemaking Gio 12 Conclusion Regulations will stress Computer Science • Complexity rather than Volume • Multiple representations need transforms • Validation and processing require formality IT capabilities will continue to change: Do not get stuck in perfecting an early phase Concern: Automation should serve, not inhibit Flexibility 7/26/2016 ERulemaking Gio 13