The document outlines the Lynx project, which aims to develop a legal knowledge graph for smart compliance services across multilingual Europe. It describes the architecture of the Lynx Services Platform, including the use of microservices, REST APIs, and OAuth2 for secure authorization, thereby facilitating the management of European legal and regulatory data. Additionally, it details the implementation of various components such as a workflow manager and a centralized access control system for managing services and compliance-related documents.

1. BUILDING THE LEGAL KNOWLEDGE GRAPH
FOR SMART COMPLIANCE SERVICES IN
MULTILINGUAL EUROPE
http://lynx-project.eu/
Lynx - Compliance made easy
Legal Knowledge Graph for Multilingual Compliance Services
Webinar: Lynx Services Platform (LySP) - Part 1: Overview
11/02/2021, 11.30am-12.30pm CET

2. Agenda
• Introduction & the Lynx project - 10’
Elena Montiel Ponsoda, Lynx project lead, Universidad Politécnica de Madrid
• Lynx Services Platform: The Architecture - 20’
Filippo Maganza (Software Developer at Alpenite) and Victor Mireles-Chavez (Senior Researcher at Semantic
Web Company)
• Lynx Services Platform: The Basic Services - 20’
Sotiris Karampatakis (Senior Researcher at Semantic Web Company) and Victor Mireles-Chavez (Senior
Researcher at Semantic Web Company)
• Questions & Answers - 10’

3. The Lynx project
ICT14-2016-2017 (IA) Innovation action
Pillar: Industrial Leadership
Work Programme Year: H2020-2016-2017
Work Programme Part: Information and Communication Technologies
TOPIC : Big Data PPP: cross-sectorial and cross-lingual data integration and
experimentation
Duration: 40 months
Starting date: 1st December 2017
Estimated Project Cost: €3,638,065.00
Requested EU Contribution: €2,959,247.52
Project Officer: Johan BODENKAMP/Pierre-Paul SONDAG

5. Our Aim

6. Our Mission
Smart services
to better manage
compliance
LKG of
European legal
and regulatory
open data
Multilingual and
multijurisdictional
data

7. Our Pilots
Contracts Analysis Labour Law Geothermal Energy
Compliance

8. Lynx architecture

9. Microservice architectural pattern
Scenario: development of a large software project with complex
requirements.
Microservice architectural pattern: breaking software into smaller
and loosely coupled parts (microservices), each of which can be
developed and managed by a small dedicated team.
How to divide the application? Two main rules:
• Bounded Context
• Single Responsibility Principle

10. Bounded context
Coupling of service components and their data as a single units
with minimal dependencies.
What if B changes ? And D, C?

11. Single Responsibility Principle
Each microservice should have only one reason to change, that
is a single tightly coupled group of people representing a single
narrowly defined business from which changes can originate
from
What if people from IR and NLP
request changes simultaneously?

12. Lynx services
interactions

13. REST architectural style
Requirement: an interoperable Web API.
REST architectural style defines a set of useful principles:
• Resources (pieces of information) must be uniquely
identifiable.
• Clients can manipulate resources through their
representations using the set of semantics specified by the
HTTP protocol (GET, POST, PUT, DELETE …)
• Each HTTP request must contain all of the information
necessary for the server to understand the request, hence
server sessions are not permitted

14. OpenAPI standard
A good documentation has often a fundamental importance for a
REST API.
OpenAPI 3 is a description format for REST APIs:
• it helps structuring and analysing the documentation
• it can be easily interpret by both humans and computers
• any document compliant with the format can be visualized and
tested using Swagger UI, hence a Web UI for the REST API is
provided out of the box together with the documentation.

15. REST API with OpenAPI
Lynx API doc: https://lynx-project.eu/doc/api/
Swagger UI: https://swagger.io/tools/swagger-ui/

16. API Gateway pattern
In order to create a Web API using a
microservice architecture it is often
useful to decouple the exposed Web
interface from the underlying
microservices.
API gateway pattern: a single
component acts as entry point of the
system and routes requests to
microservices accordingly to some
logic.

17. Microservice orchestration
Using a microservice architecture, we often have to deal with the
problem of managing business processes that stretch across
the boundary of individual microservices.
To address this problem Lynx uses the service orchestration
technique, which consists of a central brain that drives the
business processes, much like the conductor in an orchestra.
The Lynx component responsible of service orchestration is the
Workflow Manager. The fundamental business process it
orchestrates is the population workflow.

18. Enrichment interface
To simplify integration of services into business processes and
with the external world we designed a model for the REST API of
enrichment services:
• The Analysis API:
• POST method
• input: a RDF Lynx document and an enrichment model identifier
• output: the enriched RDF Lynx document
• The Model Listing API:
• GET method
• output: all the possible choices of models and their identifiers

19. OAuth2 protocol
Requirement: a secure way of managing the authorization given
by the resource owner to the client application.
In Lynx we have adopted the wide known OAuth 2.0 protocol,
which provides specific authorization flows for web applications
(Swagger UI), desktop applications (Postman) and third-party
services (Cuatrecasas and DNV GL).
As OAuth 2.0 Authorization server Lynx uses Keycloak, an open
source identity and access management solution.
https://www.keycloak.org/

20. Keycloak Authorization Services
Requirement: fine grained access control for REST resources.
Example: each collection should have its own access control
policies.
Lynx adopts a centralized access control system based on
Keycloak Authorization Services, a software module that is
provided out of the box with the Keycloak server distribution.

21. Keycloak
Authorization
Services

22. Summary of the Lynx architecture
principles
• Microservice architectural pattern
• REST architectural style
• API gateway pattern
• Services orchestration
• Enrichment interface
• OAuth2 protocol
• Keycloak Authorization Services

23. Legal Knowledge
Graph

24. Lynx ontology and SHACL shapes
Goal: model compliance related
documents in a Legal Knowledge
Graph (LKG).
An ontology based on NIF 2.1 has
been defined for Lynx.
In order to support validation, two
SHACL shapes:
● For the NIF 2.1 ontology
● For the Lynx ontology.

25. Legal Knowledge Graph
Document
Manager

26. NIF
ELI
SKOS
Legal Knowledge Graph
Document
Manager
Document
Annotation
Concept
Part
Concept

27. NIF
ELI
SKOS
Legal Knowledge Graph
Document
Manager
Document
Annotation
Concept
Part
Concept

28. Platform Services

29. Platform Services

30. Workflow Manager
• Implements an API to instantiate the workflows and to monitor
the instances.
• Based on Camunda technology.

31. Modeling workflows with BPMN
To model workflows Business Process Model and Notation 2.0
(BPMN 2.0) is used.
• BPMN is a standard for business process modeling which
uses a graphical notation.
• BPMN has been designed to provide a standard notation
readily understandable by all business stakeholders, including
software engineers and business managers.

32. Population workflow

33. Workflow Manager Internals

34. Document Manager

35. Authorization & Identity microservice
Implements an interface to manage:
• digital identities (client and user accounts)
• authorization rules (resources, policies and permissions)
• since authorization is centralized, resources needs to be
synchronized with other microservices, the synchronization is
operated by the API manager.
Acts as Authorization server of the OAuth2 protocol

36. source: https://developers.redhat.com/blog/2019/12/11/keycloak-core-concepts-of-open-source-identity-and-access-management/

37. DEMO
• Instantiate a workflow instance
• Check authorization
• Fail without token
• Get authorization token from Keycloak
• Success with token
• Check workflow status
• Check enriched document in the Document Manager

38. Lynx Webinar Series
• Webinar 1: Lynx overall introduction
When: 10.12.2020, 10.30am CET (1 hour)
Recording: https://youtube.com/playlist?list=PLxa__IZYjIaiGbl3a-PyK3DqNhhMdnnHv
• Webinar 2: 3 Business Cases on top of the Lynx Legal Knowledge Graph
When: 14.1.2021, 10.30am CET
Recording: https://youtube.com/playlist?list=PLxa__IZYjIaiDL2O22ureD_nLmtgRq9LB
• Webinar 3: The Lynx Services Platform (LySP) - Part 1: Overview
When: 11.02.2021, 11.30am CET
Recording: https://youtube.com/playlist?list=PLxa__IZYjIahhiSXoJbVyxv_iAliExH5e
• Webinar 4: The Lynx Services Platform (LySP) - Part 2: The Services
When: 18.02.2021, 10.30am CET
Registration: https://attendee.gotowebinar.com/register/6255506890391068941
• Final Event: Lynx - Compliance made easy
When: 17.03.2020; 09.30 - 12.00pm CET
Registration: https://attendee.gotowebinar.com/register/1747701631044349709

39. CONTACTS
CONSORTIUM
Please raise your
Questions now….
http://lynx-project.eu/
CONSORTIUM

40. CONTACTS
CONSORTIUM
Thanks
http://lynx-project.eu/
CONSORTIUM

41. Key Principles
1. Token-based OAuth2 protocol for authorization together with the
centralized access control and authorization rules management based
on Keycloak,
2. LynxDocument schema,
3. Containerized deployment in an orchestrated application platform,
4. Workflow manager based on Camunda,
5. LinkedDataPlatform-inspired document manager,
6. Common rules for the development of web APIs — REST + API
gateway patterns.

42. Legal Knowledge Graph