Access Control Requirements from Ashok Malhotra on 2013-04-21 (public-ldp-wg@w3.org from April 2013)

From: Ashok Malhotra <ashok.malhotra@oracle.com>
Date: Sun, 21 Apr 2013 15:42:48 -0400
To: "public-ldp-wg@w3.org" <public-ldp-wg@w3.org>
Message-ID: <51744138.5050209@oracle.com>

I added some material based on our discussion last week and mail from
Serena and Henry. If we agree on the direction, what more should we add
to create the WG Note?

Access Control

Access Control is a mechanism to enable or deny permissions to entities - individuals, groups of individuals or organizations - to perform operations on resources. The entities have to be authenticated and identified and, perhaps, added to a group.

In the case of LDP the resources are LDP resources but the access control may operate at different granularities: RDF documents, named graphs or individual triples. The operations are read, update, create and delete.

For example, as discussed in http://www.w3.org/wiki/WebAccessControl access privileges can be requested as below:

@prefix acl: <http://www.w3.org/ns/auth/acl#> .

@prefix foaf: <http://xmlns.com/foaf/0.1/> .

[acl:accessTo <card>; acl:mode acl:Read; acl:agentClass foaf:Agent].

[acl:accessTo <card>; acl:mode acl:Read, acl:Write;acl:agent <card#i>].

This means that anyone may read card, and <card#i> can write it.

Typically, Access Control will be provided by the storage mechanism and not the LDP server itself. Thus, requests such as above will need to be mapped to the capabilities of the server.
The access control mechanism isn't in the purview of the LDP standard, so what can we say about
access control? What can we ask the server to provide?

1. How are entities authenticated? Can we require the use of WebID or OpenID for example?
Can we even recommend that one of these be used?

LOW BAR: The storage system provides its own mechanism for authenticating and identifying entities e.g username/password
HIGH BAR: Storage system accepts a URL which points to a set of credentials identifying entities. Authorization is orthogonal.

2. What is the granularity of access control?

LOW BAR: RDF resources
HIGH BAR: A regex that identifies individual triples

OTHER REQUIREMENTS ..

We can add these with a MAY or SHOULD when no countervailing security considerations apply.

3. If access is denied, some explanation of why it was denied. For example, "Could not verify one of user's principals" or "Network problem during authentication" or "User not authorized to update"

4. Ability to discover the access control policy as it applies to some set of resources.

--
All the best, Ashok

Received on Sunday, 21 April 2013 19:43:27 UTC