Re: Linked Data Platform Working Group Charter comment

I don't think we wanted to boil the ocean here. The point was that if
you're enabling read/write linked data on the web, or private network,
identity and security are obvious requirements in my view. As Ora pointed
out, these issues come up time and time again on the projects we've been
working on internally.

At the very least, the LDP should offer some recommendations on how to do
it. And I agree with you, let's not solve everyone's problems and I'm not
suggesting the WG rolls our own solutions either. But rather than punt on
the issue completely, I would like to propose we define the minimal set of
requirements for auth/auth. From there, we can look at some of the
suggestions that have been raised on this list so far to see if they are
capable of satisfying these requirements.

Ryan-


-- 
Ryan J. McDonough 
Architect
Location & Commerce
NOKIA INC. 






On 1/31/12 6:59 AM, "ext Michael Hausenblas" <michael.hausenblas@deri.org>
wrote:

>
>Ryan, All,
>
>I guess we all agree that WebID and WebACL and the likes are necessary
>building blocks to achieve a true read/write enabled, enterprise-
>ready, industrial strength solution. However, for the sake of the
>success of this WG I also agree that we should not try to boil the
>ocean and hence: focus, focus, focus.
>
>In this sense: -1 to incl. auth/auth topics ...
>
>Cheers,
> Michael
>--
>Dr. Michael Hausenblas, Research Fellow
>LiDRC - Linked Data Research Centre
>DERI - Digital Enterprise Research Institute
>NUIG - National University of Ireland, Galway
>Ireland, Europe
>Tel. +353 91 495730
>http://linkeddata.deri.ie/
>http://sw-app.org/about.html
>
>On 31 Jan 2012, at 11:56, <ryan.mcdonough@nokia.com> wrote:
>
>> Back to the original question as to whether access control is in scope or
>> not, I agree with Ora that we should not punt on this issue. However, I'm
>> not sure that we need to attempt to solve the problem this month ;) Given all
>> of the ideas being offered, it would appear that Access control
>> mechanisms, WebACL, Web Identity might be in scope?
>>
>> Ryan-
>>
>> -- 
>> Ryan J. McDonough
>> Architect
>> Location & Commerce
>> NOKIA INC.
>>
>>
>>
>>
>>
>>
>> From:  ext Martynas Jusevicius <martynas@graphity.org>
>> Date:  Wed, 18 Jan 2012 02:35:21 +0100
>> To:  Ora Lassila <ora.lassila@nokia.com>
>> Cc:  <ivan@w3.org>, <michael.hausenblas@deri.org>, <public-ldp@w3.org>
>> Subject:  Re: Linked Data Platform Working Group Charter comment
>> Resent-From:  <public-ldp@w3.org>
>> Resent-Date:  Wed, 18 Jan 2012 15:49:49 +0000
>>
>>
>> Hey all,
>> how about Basic Access Control ontology http://www.w3.org/ns/auth/acl ?
>>
>> We're using it successfully in a Linked Data context -- in combination
>> with foaf:Person and sioc:UserAccount, to express a number of users and
>> user groups and their access rights to resources and classes of resources.
>> As a result, both authentication and authorization are a matter of a single
>> SPARQL query.
>>
>> It might be simplistic -- but it's a start?
>>
>> Martynas
>> graphity.org <http://graphity.org>
>>
>> On Tue, Jan 17, 2012 at 4:05 PM,  <Ora.Lassila@nokia.com> wrote:
>>
>> Ivan,
>>
>> Indeed. [Sigh] If I knew of an access control mechanism that is mature and
>> proven in the Linked Data context I would have made a much stronger
>> statement in favor of addressing the issue. We do not want to engage in
>> R&D work (we have made that mistake before ;-) but my great fear is that
>> if we merely suggest that someone else will take care of this we may be
>> signaling that this is not an issue of paramount importance.
>>
>> I don't have any magical answers or advice here, I am merely expressing
>> concern... I guess I would like there at least to be some discussion about
>> this. Saying that there is no solution and saying that something is out of
>> scope should, after all, not be the same thing.
>>
>>        - Ora
>>
>>
>> On 2012-01-17 9:54 AM, "ext Ivan Herman" <ivan@w3.org> wrote:
>>
>>> Ora,
>>>
>>> I hear you. However (and that may show my complete ignorance...) is there
>>> any access control mechanism out there that has already proven itself in
>>> the area of Linked Data deployment that is in the maturity level of
>>> standardization? I am a bit concerned about chartering this group with an
>>> essentially R&D work while the other goals are much less so...
>>>
>>> Ivan
>>>
>>> On Jan 17, 2012, at 15:47 , <Ora.Lassila@nokia.com> wrote:
>>>
>>>> As much as I would like to have a "tight scope" for this WG, I have to
>>>> observe that access control (or more like lack thereof) has often been a
>>>> problem in Semantic Web/Linked Data projects I have been involved in.
>>>> Particularly fine-grained access control of Semantic Web data.
>>>>
>>>> I fear that deeming access control strictly "out of scope" and hoping that
>>>> some (so far unspecified) liaison with other groups to solve this problem
>>>> will only result in the issue not being seen as important enough.
>>>>
>>>> My $0.02.
>>>>
>>>>     - Ora
>>>>
>>>> --
>>>> Dr. Ora Lassila  ora.lassila@nokia.com  http://www.lassila.org
>>>> Principal Technologist, Nokia
>>>>
>>>>
>>>>
>>>> On 2012-01-17 6:25 AM, "ext Michael Hausenblas"
>>>> <michael.hausenblas@deri.org> wrote:
>>>>
>>>>>
>>>>> All,
>>>>>
>>>>> I'd suggest to improve the following section and be more explicit
>>>>> regarding the bigger picture [1]:
>>>>>
>>>>> [[
>>>>> 2.3 Out of Scope
>>>>> Several possible standards that are out of scope for this group, such
>>>>> as those listed below:
>>>>>
>>>>>    • Access control mechanisms, WebACL, Web Identity
>>>>> ]]
>>>>>
>>>>> Mention that both authentication and authorisation are orthogonal
>>>>> issues and hence, in order to stay focused and to be successful, the
>>>>> WG will not focus on these issues (but liaison with the respective
>>>>> groups to ensure compatibility and openness).
>>>>>
>>>>> Thoughts?
>>>>>
>>>>> Cheers,
>>>>>    Michael
>>>>>
>>>>> [1] http://www.w3.org/wiki/WriteWebOfData
>>>>> --
>>>>> Dr. Michael Hausenblas, Research Fellow
>>>>> LiDRC - Linked Data Research Centre
>>>>> DERI - Digital Enterprise Research Institute
>>>>> NUIG - National University of Ireland, Galway
>>>>> Ireland, Europe
>>>>> Tel. +353 91 495730
>>>>> http://linkeddata.deri.ie/
>>>>> http://sw-app.org/about.html
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> ----
>>> Ivan Herman, W3C Semantic Web Activity Lead
>>> Home: http://www.w3.org/People/Ivan/
>>> mobile: +31-641044153
>>> FOAF: http://www.ivan-herman.net/foaf.rdf


Received on Thursday, 2 February 2012 17:41:07 UTC