Re: TAC + roles + resource access control = UAC

Hi,

UAC covers access control for triples, graphs and resources. The
ontology uses the "follow your nose" concept. That means access control
for resources can be based on triples which point to the resource. Just
have a look at the gallery example I mentioned in my first email. I
think shi3ld is designed only for graph access control.

UAC does not require an additional language. The access control model is
directly mapped into triples. In the future we need tools to manage
access control. I think it's easier to program tools which handle UAC
than SPARQL. In the last meeting we discussed the possibility of a
SPARQLFilter class. It's possible to create custom filters, but we
suggest to use the already defined filters because of the earlier
mentioned reason.

With triple access control there is no requirement to separated your
graphs for the access control. But that's up to you. If you don't like
the idea of triple access control just use the graph part.

Request for access [1] could be based on UAC. Think about the dialog
shown to a user. Making a complex SPARQL query readable is quite complex
from my point of view. But for that topic a different spec must created
afterwards.

We are still in the concept stage. The graph part for example is not yet
defined. If you think something else is missing, share your ideas on the
mailing list and/or join the next meeting.

[1] http://www.w3.org/community/rww/wiki/Scope#Request_for_Access

Am 04.09.2012 15:35, schrieb Niclas Hoyer:
> Hi,
> 
> I recently found the SHI3LD project from Wimmics [1], which is also
> targeting that issue. I've already implemented a prototype for this in
> Java [2].
> 
> Could someone point out the differences between the current draft and
> SHI3LD? I'm a bit confused in how these specifications could work together.
> 
> [1] http://wimmics.inria.fr/projects/shi3ld/
> [2] https://github.com/semfact/plate
> 
> Regards,
> Niclas
>

Received on Tuesday, 4 September 2012 22:25:59 UTC