- From: Dominik Tomaszuk <ddooss@wp.pl>
- Date: Fri, 31 Aug 2012 23:55:44 +0200
- To: bergi <bergi@axolotlfarm.org>
- CC: Read-Write-Web <public-rww@w3.org>, nathan <nathan@webr3.org>, Emmanuel Dreux <edreux@cloudiway.com>
On 31.08.2012 21:14, bergi wrote: > The RDFS/OWL is now available in RDF/XML and Turtle format. In what MIME do you serve it? I try curl -H "Accept: application/xml" -H "Content-Type: application/xml" -X GET "http://ns.bergnet.org/uac/0.1/" and I get HTML. I tried to > create a useful HTML document via XSPARQL without success. So I used > Protege/OWLDoc to generate a simple HTML documentation. > > http://ns.bergnet.org/uac/0.1/universal-access-control Cool! > > Last time no one proposed times for a Skype conference. So here two > proposals from my side: > > 2012-09-02 15:00-16:00 UTC, 17:00-18:00 Berlin > http://timeanddate.com/worldclock/fixedtime.html?month=09&day=02&year=2012&hour=15&min=00&sec=0&p1=0 +1 > > 2012-09-04 16:00-17:00 UTC, 18:00-19:00 Berlin > http://timeanddate.com/worldclock/fixedtime.html?month=09&day=04&year=2012&hour=16&min=00&sec=0&p1=0 -0.5 Cheers, Dominik > > > Am 16.08.2012 01:01, schrieb Dominik Tomaszuk: >> bergi, >> >> It will be great if you provide RDFS/OWL. My first impression is that >> it's quite complex. >> >> Maybe the person interested in this topic should get together on Skype? >> >> Cheers, >> Dominik >> >> >> On 15.08.2012 21:42, bergi wrote: >>> More and more people on the mailing list are talking about access >>> control. I'm already working on the ACL topic of the rww scope [1]. Even >>> if it's not yet feature complete, I wanted to show you my current >>> version. This work is based on the TripleAccessControl Ontology [2]. >>> Please have a look at the TAC Ontology documentation if you haven't done >>> this before. The main focus was my use case with a single/default graph, >>> but named graphs should also be covered in the final version. If you >>> also have already a concept please share your ideas. I will try to >>> integrated them. At the end we hopefully have an ontology that works for >>> must of us. This is important because I would like to use the uac:Role >>> class also for the Request for Access topic [3]. >>> >>> >>> Simple Example >>> >>> Here a simple example for my FOAF profile with nested roles for my WebID >>> keys and Pingback. The blank nodes _:group_anonymous and _:group_anybody >>> are used by the ResourceMe login modules for anonymous users and any >>> logged in user. >>> >>> # role for WebID keys: >>> _:RoleReadWebid a uac:Role; >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate cert:key; >>> ]; >>> uac:children [ >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate rdf:type; >>> uac:object cert:RSAPublicKey; >>> ], [ a uac:SimpleFilter; >>> uac:predicate cert:modulus; >>> ], [ a uac:SimpleFilter; >>> uac:predicate cert:exponent; >>> ]]]]. >>> >>> # role for Pingback: >>> _:RoleReadPingback a uac:Role; >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate pingback:to; >>> ]]. >>> >>> # role for FOAF profile: >>> _:RoleReadProfile a uac:Role; >>> uac:hasRole >>> _:RoleReadWebid, >>> _:RoleReadPingback; >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate rdf:type; >>> uac:object foaf:Person; >>> ], [ a uac:SimpleFilter; >>> uac:predicate foaf:name; >>> ], [ a uac:SimpleFilter; >>> uac:predicate foaf:firstName; >>> ], [ a uac:SimpleFilter; >>> uac:predicate foaf:lastName; >>> ], [ a uac:SimpleFilter; >>> uac:predicate foaf:nick; >>> ], [ a uac:SimpleFilter; >>> uac:predicate foaf:img; >>> ], [ a uac:SimpleFilter; >>> uac:predicate foaf:homepage; >>> ], [ a uac:SimpleFilter; >>> uac:predicate pingback:to; >>> ]]. >>> >>> # assign the roles to agents and subject >>> _:AuthzAllProfile a uac:Authorization; >>> uac:agent _:group_anonymous; >>> uac:agent _:group_anybody; >>> uac:subject<https://www.bergnet.org/people/bergi/card#me>; >>> uac:hasRole _:RoleReadProfile. >>> >>> >>> Write Blog Comment >>> >>> In some cases a filter value should be filled dynamically. For this use >>> case the uac:VariableFilter can be used. In this example the >>> uac:VariableFilter is used to avoid user spoofing in blog comments. The >>> agent variable is automatically filled with the authenticated user URL. >>> >>> _:RoleWriteBlogComment a uac:Role; >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate s:blogPosts; >>> ]; >>> uac:children [ >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Write; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate s:comment; >>> ]; >>> uac:children [ >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Write; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate rdf:type; >>> uac:object s:UserComments; >>> ], [ a uac:SimpleFilter; >>> uac:predicate s:commentTime; >>> ], [ a uac:SimpleFilter; >>> uac:predicate s:commentText; >>> ]; >>> ], [ a uac:TripleAuthorization; >>> uac:mode uac:Write; >>> uac:filter [ a uac:VariableFilter; >>> uac:predicate [ >>> uac:value s:creator; >>> ]; >>> uac:object [ >>> uac:variable "agent"; >>> ]; >>> ]; >>> uac:required "true"; >>> ]]]]]. >>> >>> _:AuthzAnybodyBlog a uac:Authorization; >>> uac:agent _:group_anybody; >>> uac:subject<https://www.bergnet.org/people/bergi/blog/#blog>; >>> uac:hasRole _:RoleWriteBlogComment. >>> >>> >>> Image Gallery >>> >>> This example shows how to reuse RDF data defined for a gallery. Based on >>> the s:contentURL property access to the linked pictures is granted. >>> >>> _:RoleReadGallery a uac:Role; >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate rdf:type; >>> uac:object s:ImageGallery; >>> ]; >>> ], [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate s:significantLink; >>> ]; >>> uac:children [ >>> uac:accessToTriple [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate rdf:type; >>> uac:object s:ImageObject; >>> ], [ a uac:SimpleFilter; >>> uac:predicate s:author; >>> ], [ a uac:SimpleFilter; >>> uac:predicate s:dateCreated; >>> ], [ a uac:SimpleFilter; >>> uac:predicate s:text; >>> ]; >>> ], [ a uac:TripleAuthorization; >>> uac:mode uac:Read; >>> uac:filter [ a uac:SimpleFilter; >>> uac:predicate s:contentURL; >>> ]; >>> uac:children [ >>> uac:accessToResource [ a uac:ResourceAuthorization; >>> uac:mode uac:Read; >>> ]]]]]. >>> >>> _:AuthzFriendsReadGallery a uac:Authorization; >>> uac:agent<https://www.bergnet.org/people/bergi/card#friends>; >>> uac:subject >>> <https://www.bergnet.org/people/bergi/gallery/2012-06-14/>, >>> <https://www.bergnet.org/people/bergi/gallery/2012-07-07/>; >>> uac:hasRole _:RoleReadGallery. >>> >>> >>> Why No Deny? >>> >>> There is no uac:denyAccessToTriple property because it would just cause >>> trouble. Think about foaf:group provided by a server which is temporary >>> not reachable. If you would deny access for this group you have a >>> problem. A concept of deny just will not work with distributed data. >>> >>> >>> Protecting Only Resources >>> >>> There are different opinions about the concept of filtering the content >>> of a resource. This concept should also work without triple filtering. I >>> was already thinking about merging the uac:accesstoTriple and >>> uac:accessToResource properties to a uac:access property. Beside the >>> uac:TripleAuthorization and uac:ResourceAuthorization class a >>> uac:TripleSet class could be defined, just to collect triples for a >>> uac:ResourceAuthorization child. >>> >>> >>> Prefixes >>> >>> Here are the prefix definitions, if you want to view the examples in >>> your favorite turtle editor: >>> >>> @prefix bio:<http://purl.org/vocab/bio/0.1/>. >>> @prefix cert:<http://www.w3.org/ns/auth/cert#>. >>> @prefix dct:<http://purl.org/dc/terms/>. >>> @prefix foaf:<http://xmlns.com/foaf/0.1/>. >>> @prefix like:<http://ontologi.es/like#>. >>> @prefix pingback:<http://purl.org/net/pingback/>. >>> @prefix s:<http://schema.org/>. >>> @prefix time:<http://www.w3.org/2006/time#>. >>> @prefix rdf:<http://www.w3.org/1999/02/22-rdf-syntax-ns#>. >>> @prefix uac:<http://ns.bergnet.org/uac/0.1/universal-access-control#>. >>> >>> >>> [1] http://www.w3.org/community/rww/wiki/Scope#ACL >>> [2] http://ns.bergnet.org/tac/0.1/triple-access-control >>> [3] http://www.w3.org/community/rww/wiki/Scope#Request_for_Access >>> >>> >>> >> >> > >
Received on Friday, 31 August 2012 21:56:12 UTC