Re: Linking non-open data from Chris Bizer on 2008-04-17 (public-lod@w3.org from April 2008)

From: Chris Bizer <chris@bizer.de>
Date: Thu, 17 Apr 2008 13:25:43 +0200
To: "Matthias Samwald" <samwald@gmx.at>, <public-lod@w3.org>
Cc: "Tassilo Pellegrini" <t.pellegrini@semantic-web.at>, "Andreas Blumauer $Semantic Web Company$" <a.blumauer@semantic-web.at>
Message-ID: <002f01c8a07d$c8e4e7a0$c4e84d57@named4gc1asnuj>

Hi Matthias,

> I hope this is not too off-topic for a mailing list entitled 'linking open 
> data'...

Not at all. As LOD is getting more traction, we for sure have to start 
dealing with these things at some point.

>
> A question that will surely arise in many places when more people get to 
> know about the linked data initiative and the growing infrastructure of 
> linked open data is: how can these principles be applied to organizational 
> data that might not / only partially be open to the public web?

I think applying the Linked Data principles within a corporate intranet does 
not pose any specific requirements. It is just that the data is not 
accessable from the outside.

> People will soon try to develop practices for selectively protecting parts 
> of their linked data with fine-grained access rights. Could simple HTTP 
> authentication be useful for linked data?

As Linked Data heavily relies on HTTP anyway, I think HTTP authentication 
should be the first choise and people having these requirements shoud check 
if they can go with HTTP auth.

> How does authentication work for SPARQL endpoints containing several named 
> graphs?

Of course you can always make things as difficult as you like. But I guess 
for many use cases an all-or-nothing aproach is good enough, which would 
allow HTTP authentication to be used again.

> Can we use RDF vocabularies to represent access rights? Should such 
> vocabularies be standardized?

Sure, but I think all work in this area should be based on clearly motivated 
real-world use cases and collecting these use cases should be the first step 
before starting to define vocabularies.

> Is there any ongoing work on defining such practices (or even 'best 
> practices')?

There is lots of work on using RDF, OWL and different rules languages to 
represent access control proicies. See for instance Rei, KAoS and Protune or 
the SemWeb policy workshop at 
http://www.l3s.de/~olmedilla/events/2006/SWPW06/ , for older work also 
http://www4.wiwiss.fu-berlin.de/bizer/SWTSGuide/

But I guess a lot of this will be a bit over-the-top for the common linked 
data use cases.

Cheers

Chris


>
> Cheers,
> Matthias Samwald
> Semantic Web Company, Austria // DERI Galway, Ireland
> http://www.semantic-web.at/
> http://www.deri.ie/
>


--
Chris Bizer
Freie Universität Berlin
+49 30 838 54057
chris@bizer.de
www.bizer.de

Received on Thursday, 17 April 2008 11:26:14 UTC