Automated usage control for secure data sharing based on Ricardian contracts
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. ORCID iD: 0000-0003-0215-9798
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. ORCID iD: 0000-0002-2654-2292
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. ORCID iD: 0000-0001-5408-0008
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science. ORCID iD: 0000-0003-4549-6751
2022 (English). In: IECON 2022 – 48th Annual Conference of the IEEE Industrial Electronics Society, IEEE, 2022. Conference paper, Published paper (Refereed)
Abstract [en]

Data is important for the industry to take advantage of digitalization, realize automation, assure quality, and more. Values from data are not only created individually by companies, but also in eco-systems in which data is shared among participating organizations. Secure data sharing is essential in such eco-systems to prevent unauthorized access and use of the data. Usage control extends traditional access control with restrictions concerned with requirements that pertain to data processing contractual obligations, rather than data access provisions only. Thus, usage control is relevant in the context of intellectual property protection, compliance with regulations, and digital rights management. This paper presents a method to negotiate contractual obligations and access provisions, and automatically enforce those provisions with access control. Finalized negotiations establish Ricardian contracts at two levels; a superordinate level with a connected subordinate level. These contracts contain provisions in terms of access control attributes. Using our implementation of a negotiation engine we demonstrate the automatic creation of NIST Next Generation Access Control (NGAC) access control policies. Our negotiation engine uses a lightweight model for the storage of an unforgeable and immutable log of the established contracts based on digital signatures and hashing.

Place, publisher, year, edition, pages
IEEE, 2022.
Series
Annual Conference of Industrial Electronics Society, ISSN 1553-572X, E-ISSN 2577-1647
Keywords [en]
Access Control, usage control, Ricardian Contracts, policies, data sharing, attribute-based, automation, enforceability
National Category
Robotics Computer Systems
Research subject
Cyber-Physical Systems; Pervasive Mobile Computing
Identifiers
URN: urn:nbn:se:ltu:diva-93728
DOI: 10.1109/IECON49645.2022.9968450
Scopus ID: 2-s2.0-85143896701
OAI: oai:DiVA.org:ltu-93728
DiVA, id: diva2:1706489
Conference
IECON 2022 – 48th Annual Conference of the IEEE Industrial Electronics Society, Brussels, Belgium, October 17-20, 2022
Funder
European Commission, 873111
Note

ISBN for host publication: 978-1-6654-8025-3

Available from: 2022-10-26 Created: 2022-10-26 Last updated: 2023-11-17 Bibliographically approved
In thesis
1. Digitalized contract definition and negotiations for the agreement of rights and obligations in electronic auctions
2022 (English). Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Negotiations of different kinds are used to trade goods and services. Within these, the creation of a signed agreement or contract that is binding for the agreeing parties also helps the gathering of evidence that can be used in case of disputes and for adjudication. Traditionally, contracts are established on paper agreements that are signed by all the involved parties and by a law enforcement entity that ensures its legality in a court of law. These contracts have evolved with the introduction of Information Technology (IT) where the negotiation of goods and services is mainly virtual and/or automatized. The consistency and processing time of the computers allow for negotiations to be more efficient than ever.

Digitalized negotiations allow for auctioning systems providing a mechanism to efficiently match demand and supply in the exchange of goods and services. Such auctioning systems allow multiple users to iteratively or non-iteratively compete against one another to achieve allocative efficiency. Lately, digitalized auctions are implemented using Blockchain systems with the use of Smart Contracts to achieve decentralization. These are implemented as a digital script that may encode any set of rules written as code, with the validity of the code being enforced by the Blockchain's consensus mechanism. These Smart Contract computations, however, tend to be expensive when executed and limited by the block size.

This thesis studies the creation of digitized negotiation protocols and contract definition following the needs of traditional trading and auctioning systems. We investigate the use of Ricardian Contracts for flexible representation of rights and obligations of entities in the context of circular economy in both single and multi-attribute auctions. We analyze the implication of digitized agreements in the context of data sharing. Furthermore, we analyze how usage control policies can be represented in Ricardian Contracts in the context of intellectual property protection, compliance with regulations, and digital rights management. Finally, we analyze the properties that a system that supports the mentioned models should have and how to implement it in the context of distributed auctioning systems by contrasting available state-of-the-art.

The main contributions of the thesis are: (1) The creation of a multi-attribute auctioning protocol for the circular economy which implements Ricardian Contracts for the representation of rights and obligations. (2) A method to negotiate obligations and access provisions with multi-level Ricardian contracts, and automatically enforce those provisions with access control. (3) A state-of-art analysis on distributed and decentralized auctioning systems where the key properties of auctioning systems are identified and are evaluated against the current implementations.

Place, publisher, year, edition, pages
Luleå: Luleå University of Technology, 2022
Series
Licentiate thesis / Luleå University of Technology, ISSN 1402-1757
National Category
Robotics Computer Systems
Research subject
Cyber-Physical Systems
Identifiers
urn:nbn:se:ltu:diva-93780 (URN); 978-91-8048-208-0 (ISBN); 978-91-8048-209-7 (ISBN)
Presentation
2023-01-19, A117, Luleå tekniska universitet, Luleå, 09:00 (English)
Funder
European Commission, 364170
Available from: 2022-11-03 Created: 2022-11-03 Last updated: 2022-12-29 Bibliographically approved
2. Attribute-based Approaches for Secure Data Sharing in the Industry
2023 (English). Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

In the Industry 4.0 era, secure and efficient data sharing is vital for innovation and operational enhancement. Industry 4.0 envisions a highly connected ecosystem where machines, devices, and stakeholders collaborate in real time to optimize processes, enhance productivity, and create new value propositions. However, this surge in data-driven collaboration brings forth a critical challenge, ensuring the secure and controlled sharing of sensitive information. As organizations embrace the potential of Industry 4.0, the need for robust mechanisms to achieve key data security properties of data integrity, confidentiality, and availability, while enabling efficient data exchange becomes paramount. However, while the promise of Industry 4.0 presents promising opportunities, it also introduces a set of challenges intrinsic to data security solutions. These solutions, while promising in providing fine-grained data security, introduce complexities such as administrative overhead and substantial management efforts for the users. Striking a balance between robust security and operational ease is critical for enabling seamless data exchange within the evolving landscape of Industry 4.0.

This thesis explores the realm of Attribute-based approaches to achieve the desired secure data sharing, pivotal in the digitized Industry 4.0 environment. An overarching objective is to achieve compatibility of these data-securing mechanisms with the Industry 4.0 paradigms through the usage of attribute-based approaches. This includes the exploration of the existing solutions within the state-of-the-art and their analysis in the context of usability and practicality for industrial adoption.

Access control entails the establishment of policies and mechanisms to regulate who can access specific resources or information, under what conditions, and to what extent. The study will delve into various access control models and their applicability, with a particular emphasis on Attribute-Based Access Control. Moreover, through the creation of proof-of-concept implementations, we explore the usability of Attribute-based Access Control (ABAC) models and policy languages, applied to different aspects of the data-sharing process. Manageability, user-friendliness, and fine-granularity of the access control were identified as key properties for the usability of data securing technologies in industry. Hence, discovering and addressing challenges for such properties is of special focus for this thesis.

In addition, this thesis explores attribute-based encryption techniques, seeking to augment data security while minimizing additional operational complexities. Moreover, this thesis also explores the implications of third-party cloud services, popular in Industry 4.0 environments, as well as third-party stakeholder data sharing to motivate the need to ensure both in-transit and at-rest data security.

This thesis makes significant contributions in the domain of secure data sharing in Industry 4.0. First, it contextualizes access control within the broader data security landscape and explores state-of-the-art Attribute-Based Access Control policy languages. The research designs, evaluates, and automates ABAC models to address fine-granularity and manageability gaps, with a focus on user-friendliness for industrial adoption. Furthermore, it proposes and implements an automated management solution for integrating new data sources in Service-Oriented Architecture (SOA) industrial data-sharing applications, within the Eclipse Arrowhead Framework. This includes the innovative proposal of contractual automation of access control policies to enhance efficiency and security. 

Moreover, the research delves into the realm of attribute-based encryption approaches, conducting a state-of-the-art exploration and gap analysis, with a special focus on uncovering the adoption barriers associated with this technology. Lastly, the thesis designs, implements, and evaluates an ABAC-Enabled ABE solution architecture, covering the discovered gaps, and offering an expressive and user-friendly approach to secure data sharing. These contributions collectively advance the field of data security and access control in the context of Industry 4.0 and similar evolving industrial landscapes.

The research indicated that Attribute-based approaches hold promise for practical data protection at rest through access control mechanisms, especially within fine-grained policies. The study explores ABAC in a graph-based policy language, Next-generation Access Control (NGAC), showcasing its potential for reducing administrative workload related to policy management. Simplified policy creation and expression enhance the ease of model implementation. These insights extend to ABE, highlighting the value of delegating attribute management for reduced administrative complexity and improved expressiveness within ABE schemes. This approach allows for automation techniques developed for ABAC policy management to be translated into ABE schemes. 

Place, publisher, year, edition, pages
Luleå: Luleå University of Technology, 2023
Series
Doctoral thesis / Luleå University of Technology 1 jan 1997 → …, ISSN 1402-1544
Keywords
Data security, secure data sharing, Attribute-based Access Control, Attribute-based Encryption, industry 4.0, cyber-physical systems, cyber security
National Category
Computer Systems
Research subject
Cyber-Physical Systems
Identifiers
urn:nbn:se:ltu:diva-101858 (URN); 978-91-8048-422-0 (ISBN); 978-91-8048-423-7 (ISBN)
Public defence
2023-12-14, A 117, Luleå tekniska universitet, Luleå, 10:00 (English)
Available from: 2023-10-31 Created: 2023-10-30 Last updated: 2023-12-01 Bibliographically approved

Authority records

Chiquito, Eric; Chiquito, Alex; Bodin, Ulf; Synnes, Kåre