- From: simon via GitHub <sysbot+gh@w3.org>
- Date: Mon, 26 Jun 2017 05:48:56 +0000
- To: public-poe-archives@w3.org
> I think the use case a processor is facing is: a specific user wants to taken an action on a specific asset, this needs to be evaluated. First the processor must find out if a partOf relationship is set between the specific user and the assignee W3C and if the specific asset has a partOf relationship with the target Dataset1. Such partOf relationships will be set in many cases outside a policy and this may cause practical problems.
what practical problems? if there's no indication about any partOf/memberOf/.. relation, then you simply can't compute any inferences.
For example:
```turtle
# :Alice requests the permission to odrl:play asset :PartA:
<http://example.com/request:01>
a odrl:Request;
odrl:permission [
a odrl:Permission ;
odrl:target :PartA ;
odrl:action odrl:play ;
odrl:assignee :Alice
] .
# :Alice is permitted to odrl:present :Dataset1
<http://example.com/policy:01>
a odrl:Policy;
odrl:permission [
a odrl:Permission ;
odrl:target :Dataset1 ;
odrl:action odrl:present;
odrl:assignee :Alice
] .
```
one way to evaluate such a request is to:
+ merge it with existing policies and check whether any conflicts arise; if that's the case -> **deny**
+ for each policy, check whether the set of (atomic) rules of the request is a subset of the set of (atomic) rules of the policy ; if that's the case -> **grant**
+ otherwise -> **unknown**
So if we don't know that `odrl:play` is actually a narrower term for `odrl:present` and that `:PartA` is actually a part of `:Dataset1`, the response to Alice's request would simply be **unknown** (or any other default).
--
GitHub Notification of comment by simonstey
Please view or discuss this issue at https://github.com/w3c/poe/issues/201#issuecomment-310969122 using your GitHub account
Received on Monday, 26 June 2017 05:49:02 UTC