W3C home > Mailing lists > Public > public-ldp@w3.org > January 2012

Re: Linked Data Platform Working Group Charter comment

From: <Ora.Lassila@nokia.com>
Date: Tue, 31 Jan 2012 13:43:09 +0000
To: <michael.hausenblas@deri.org>, <ryan.mcdonough@nokia.com>
CC: <martynas@graphity.org>, <ivan@w3.org>, <public-ldp@w3.org>
Message-ID: <CB4D59E4.9DF4%ora.lassila@nokia.com>
I agree with Ryan as well. This is an important topic and must be
addressed somehow so that we can move towards interoperable solutions.

	- Ora


On 2012-01-31 8:24 AM, "ext Michael Hausenblas"
<michael.hausenblas@deri.org> wrote:

>
>
>>  But rather than punt on
>> the issue completely, I would like propose we define the minimal set
>> of
>> requirements for auth/auth. From there, we can look at some of the
>> suggestions that have been raised on this list so far to see if they
>> are
>> capable of satisfying these requirements.
>
>+1
>
>Cheers,
>	Michael
>--
>Dr. Michael Hausenblas, Research Fellow
>LiDRC - Linked Data Research Centre
>DERI - Digital Enterprise Research Institute
>NUIG - National University of Ireland, Galway
>Ireland, Europe
>Tel. +353 91 495730
>http://linkeddata.deri.ie/

>http://sw-app.org/about.html

>
>On 31 Jan 2012, at 13:21, <ryan.mcdonough@nokia.com>
><ryan.mcdonough@nokia.com
> > wrote:
>
>> I don't think we wanted to boil the ocean here. The point was that if
>> you're enabling read/write linked data on the web, or private network,
>> identity and security are obvious requirements in my view. As Ora
>> pointed
>> out, these issues come up time and time again on the projects we've
>> been
>> working internally.
>>
>> At the very least, the LDP should offer some recommendations on how
>> to do
>> it. And I agree with you, let's not solve everyone's problems and
>> I'm not
>> suggesting the WG rolls our own solutions either. But rather than
>> punt on
>> the issue completely, I would like propose we define the minimal set
>> of
>> requirements for auth/auth. From there, we can look at some of the
>> suggestions that have been raised on this list so far to see if they
>> are
>> capable of satisfying these requirements.
>>
>> Ryan-
>>
>>
>> -- 
>> Ryan J. McDonough
>> Architect
>> Location & Commerce
>> NOKIA INC.
>>
>>
>>
>>
>>
>>
>> On 1/31/12 6:59 AM, "ext Michael Hausenblas"
>><michael.hausenblas@deri.org
>> >
>> wrote:
>>
>>>
>>> Ryan, All,
>>>
>>> I guess we all agree that WebID and WebACL and the likes are
>>> necessary
>>> building blocks to achieve a true read/write enabled, enterprise-
>>> ready, industrial strength solution. However, for the sake of the
>>> success of this WG I also agree that we should not try to boil the
>>> ocean and hence: focus, focus, focus.
>>>
>>> In this sense: -1 to incl. auth/auth topics ...
>>>
>>> Cheers,
>>> 	Michael
>>> --
>>> Dr. Michael Hausenblas, Research Fellow
>>> LiDRC - Linked Data Research Centre
>>> DERI - Digital Enterprise Research Institute
>>> NUIG - National University of Ireland, Galway
>>> Ireland, Europe
>>> Tel. +353 91 495730
>>> http://linkeddata.deri.ie/

>>> http://sw-app.org/about.html

>>>
>>> On 31 Jan 2012, at 11:56, <ryan.mcdonough@nokia.com>
>>> <ryan.mcdonough@nokia.com
>>>> wrote:
>>>
>>>> Back to the original question as to whether access control is in
>>>> scope or
>>>> not, I agree with Ora that we should not punt on this issue.
>>>> However, I'm
>>>> not sure that we need to attempt solve the problem this month ;)
>>>> Given all
>>>> of the ideas being offered, it would appear that Access control
>>>> mechanisms, WebACL, Web Identity might be in scope?
>>>>
>>>> Ryan-
>>>>
>>>> -- 
>>>> Ryan J. McDonough
>>>> Architect
>>>> Location & Commerce
>>>> NOKIA INC.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> From:  ext Martynas Jusevicius <martynas@graphity.org>
>>>> Date:  Wed, 18 Jan 2012 02:35:21 +0100
>>>> To:  Ora Lassila <ora.lassila@nokia.com>
>>>> Cc:  <ivan@w3.org>, <michael.hausenblas@deri.org>, <public-ldp@w3.org
>>>> >
>>>> Subject:  Re: Linked Data Platform Working Group Charter comment
>>>> Resent-From:  <public-ldp@w3.org>
>>>> Resent-Date:  Wed, 18 Jan 2012 15:49:49 +0000
>>>>
>>>>
>>>> Hey all,
>>>> how about Basic Access Control ontology http://www.w3.org/ns/auth/

>>>> acl ?
>>>>
>>>> We're using it successfully in a Linked Data context  -- in
>>>> combination
>>>> with foaf:Person and sioc:UserAccount, to express a number of users
>>>> and
>>>> user groups and their access rights to resources and classes of
>>>> resources.
>>>> As a result, both authentication and authorization is a matter of a
>>>> single
>>>> SPARQL query.
>>>>
>>>> It might be simplistic -- but it's a start?
>>>>
>>>> Martynas
>>>> graphity.org <http://graphity.org>
>>>>
>>>> On Tue, Jan 17, 2012 at 4:05 PM,  <Ora.Lassila@nokia.com> wrote:
>>>>
>>>> Ivan,
>>>>
>>>> Indeed. [Sigh] If I knew of an access control mechanism that is
>>>> mature and
>>>> proven in the Linked Data context I would have made a much stronger
>>>> statement in favor of addressing the issue. We do not want to engage
>>>> in
>>>> R&D work (we have made that mistake before ;-) but my great fear is
>>>> that
>>>> if we merely suggest that someone else will take care of this we may
>>>> be
>>>> signaling that this is not an issue of paramount importance.
>>>>
>>>> I don't have any magical answers or advice here, I am merely
>>>> expressing
>>>> concern... I guess I would like there at least to be some discussion
>>>> about
>>>> this. Saying that there is no solution and saying that something is
>>>> out of
>>>> scope should, after all, not be the same thing.
>>>>
>>>>       - Ora
>>>>
>>>>
>>>> On 2012-01-17 9:54 AM, "ext Ivan Herman" <ivan@w3.org> wrote:
>>>>
>>>>> Ora,
>>>>>
>>>>> I hear you. However (and that may show my complete ignorance...) is
>>>>> there
>>>>> any access control mechanism out there that has already proven
>>>>> itself in
>>>>> the area of Linked Data deployment that is in the maturity level of
>>>>> standardization? I am a bit concerned about chartering this group
>>>>> with an
>>>>> essentially R&D work while the other goals are much less so...
>>>>>
>>>>> Ivan
>>>>>
>>>>> On Jan 17, 2012, at 15:47 , <Ora.Lassila@nokia.com> wrote:
>>>>>
>>>>>> As much as I would like to have a "tight scope" for this WG, I
>>>>>> have to
>>>>>> observe that access control (or more like lack thereof) has often
>>>>>> been a
>>>>>> problem in Semantic Web/Linked Data projects I have been involved
>>>>>> in.
>>>>>> Particularly fine-grained access control of Semantic Web data.
>>>>>>
>>>>>> I fear that deeming access control strictly "out of scope" and
>>>>>> hoping
>>>>>> that
>>>>>> some (so far unspecified) liaison with other groups to solve this
>>>>>> problem
>>>>>> will only result in the issue not being seen as important enough.
>>>>>>
>>>>>> My $0.02.
>>>>>>
>>>>>>    - Ora
>>>>>>
>>>>>> --
>>>>>> Dr. Ora Lassila  ora.lassila@nokia.com  http://www.lassila.org

>>>>>> Principal Technologist, Nokia
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2012-01-17 6:25 AM, "ext Michael Hausenblas"
>>>>>> <michael.hausenblas@deri.org> wrote:
>>>>>>
>>>>>>>
>>>>>>> All,
>>>>>>>
>>>>>>> I'd suggest to improve the following section and be more explicit
>>>>>>> regarding the bigger picture [1]:
>>>>>>>
>>>>>>> [[
>>>>>>> 2.3 Out of Scope
>>>>>>> Several possible standards that are out of scope for this group,
>>>>>>> such
>>>>>>> as those listed below:
>>>>>>>
>>>>>>>   € Access control mechanisms, WebACL, Web Identity
>>>>>>> ]]
>>>>>>>
>>>>>>> Mention that both authentication and authorisation are orthogonal
>>>>>>> issues and hence, in order to stay focused and to be successful,
>>>>>>> the
>>>>>>> WG will not focus on these issues (but liaison with the
>>>>>>> respective
>>>>>>> groups to ensure compatibility and openness).
>>>>>>>
>>>>>>> Thoughts?
>>>>>>>
>>>>>>> Cheers,
>>>>>>>   Michael
>>>>>>>
>>>>>>> [1] http://www.w3.org/wiki/WriteWebOfData

>>>>>>> --
>>>>>>> Dr. Michael Hausenblas, Research Fellow
>>>>>>> LiDRC - Linked Data Research Centre
>>>>>>> DERI - Digital Enterprise Research Institute
>>>>>>> NUIG - National University of Ireland, Galway
>>>>>>> Ireland, Europe
>>>>>>> Tel. +353 91 495730 <tel:%2B353%2091%20495730>
>>>>>>> http://linkeddata.deri.ie/

>>>>>>> http://sw-app.org/about.html

>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> ----
>>>>> Ivan Herman, W3C Semantic Web Activity Lead
>>>>> Home: http://www.w3.org/People/Ivan/

>>>>> mobile: +31-641044153 <tel:%2B31-641044153>
>>>>> FOAF: http://www.ivan-herman.net/foaf.rdf

>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>

Received on Tuesday, 31 January 2012 13:43:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 31 January 2012 13:43:42 GMT