Service providers (e.g., wireless, cellular, Internet, content, social network, etc.) and device manufacturers are continually challenged to deliver value and convenience to consumers by, for example, providing compelling network services and advancing the underlying technologies. One area of interest has been in developing methods to support generic data access via a data-centric architecture (such as the semantic web, the smart space, etc.). Typically, existing or conventional reactive authorization (e.g., authorization provided by a resource owner based on a request-by-request rather than on a pre-defined basis) relies upon service-specific protocols to access data. For example, multimedia communication sessions, such as voice and video calls over Internet Protocol (IP), generally use layers of protocols to access data. In a data-centric architecture, protocol operations are limited to the generic data manipulation such as get, update, delete, and query. Such a data-centric architecture provides a common framework for multiple protocols and systems to understand and process data content as well as to automate machine-to-machine communications. However, it is noted that the generic commands of existing service-specific protocols have limitations with respect to providing reactive authorization for a user to access data using only these generic commands with the existing service-specific protocols. Currently, a data store or database typically pre-defines its own data access policy.