Usage control is a promising approach for access control in open, distributed, heterogeneous and network-connected computer environments. It encompasses and enhances traditional access control models, Trust Management (TM) and Digital Rights Management (DRM), and its main novelties are mutability of attributes and continuity of access decision evaluation. You can check more information in this repository.

The FIWARE Identity Manager Keyrock plays the role of PAP (Policy Administration Point) and PIP (Policy Information Point) in the Usage Control Architecture. It offers the possibility of defining data usage rules and the corresponding punishments for each application. These rules must be fulfilled by data consumers.