- From: Marian, Radu <radu.marian@baml.com>
- Date: Thu, 02 May 2013 22:22:42 +0000
- To: Kingsley Idehen <kidehen@openlinksw.com>, "public-vocabs@w3.org" <public-vocabs@w3.org>
Kingsley,

Thanks for pointing to the Web Access Control vocabulary. To cater to use cases on the Web the WAC needs to be resource centric: "allowing different users and groups various forms of access to resources" http://www.w3.org/wiki/WebAccessControl

The approach that we are taking is Task centric. (the context for Tasks - it is a Level 4 item type in a business taxonomy - standards such as eTOM - page 19 of http://www.oracle.com/us/products/applications/057009.pdf)

It would be nice if you can get access to CloudAuthZ for more information on the model.

Regards,
Radu Marian, MSCS, SCEA, CISSP
Bank of America - Charlotte, NC
VP, Architect 2, Enterprise Security Architecture
Business phone number: (704) 628-6874
an Enterprise without Ontology is like a country without a map.

-----Original Message-----
From: Kingsley Idehen [mailto:kidehen@openlinksw.com]
Sent: Thursday, May 02, 2013 4:43 PM
To: public-vocabs@w3.org; Marian, Radu
Subject: Re: how to go about creating a new vocab?

On 5/2/13 12:13 PM, Marian, Radu wrote:
> Alex,
>
> Thank you - I did see them both. They may satisfy basic Web and Social access control needs.
>
> However our goal is to standardize on an IAM vocabulary in Cloud/Enterprise. It should cover all IAM phases - Access Design, Request, Approval, Provisioning, Runtime, Review, Analytics, and Reconciliation.

The suggested vocabularies aren't Web specific per se. At all phases (as per your list above) there are resources being created (enterprise or Web accessible) to which access controls apply. Thus, you need to align identities and machine- and human-readable entity relationship semantics that manifest as resource access controls or data access policies.

>
> Here is the latest model snapshot
> https://www.oasis-open.org/apps/org/workgroup/cloudauthz/download.php/49053/entitlement.ontology.png
>
> P.S. I am working on a write-up to describe this model.

BTW -- The PNG resource isn't accessible. Are you planning to mark this up using some machine readable notation etc?

Here are some examples of the Web Access Control ontology in action:

1. http://kingsley.idehen.net/DAV/home/kidehen/Public/ -- although this folder has a cocktail of access controls that determine what identities can do what (via the HTML UI or raw HTTP)
2. http://bit.ly/UXZEYV -- G+ note about multi-identifier and multi-authentication protocol approach to acls (note: this is all driven by the Web Access Control ontology).

Conclusion:

There's a lot to gain from the Web Access Control vocabulary/ontology in its current form, as a building block.

Kingsley

>
> Regards,
> Radu Marian, MSCS, SCEA, CISSP
> Bank of America - Charlotte, NC
> VP, Architect 2, Enterprise Security Architecture
> Business phone number: (704) 628-6874
> an Enterprise without Ontology is like a country without a map.
>

--
Regards,
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.
Received on Thursday, 2 May 2013 22:23:13 UTC