- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Thu, 02 May 2013 21:19:53 -0400
- To: public-vocabs@w3.org
- Message-ID: <518310B9.30708@openlinksw.com>
On 5/2/13 6:22 PM, Marian, Radu wrote: > Kingsley, > > Thanks for pointing to the Web Access Control vocabulary. To cater to use cases on the Web the WAC needs to be resource centric: > "allowing different users and groups various forms of access to resources" > http://www.w3.org/wiki/WebAccessControl "Resource" is a terribly overloaded term. The "Web" in the Web Access Control vocabulary is simply about data being "webby" and accessible over a network using protocols such as HTTP. Webb structured data is just entity relationship model based structured data that leverages URIs as denotation mechanisms for entities and their relation based associations. > > The approach that we are taking is Task centric. (the context for Tasks - it is a Level 4 item type in a business taxonomy - standards such as eTOM - page 19 of http://www.oracle.com/us/products/applications/057009.pdf) A task is a thing i.e., it can be denoted using an identifier e.g., a URI. In addition, said entity has relations that association it with other entities. > > It would be nice if you can get access CloudAuthZ for more information on the model. Yes, so please provide me with a URL to a document that describes the model. Ideally, the model should be presented in entity relationship form. Bottom line, we are all aiming for the same thing, our perceived differences are artificial at best :-) Kingsley > > Regards, > Radu Marian, MSCS, SCEA, CISSP > Bank of America - Charlotte, NC > VP, Architect 2, Enterprise Security Architecture > Business phone number: (704) 628-6874 > an Enterprise without Ontology is like a country without a map. > > -----Original Message----- > From: Kingsley Idehen [mailto:kidehen@openlinksw.com] > Sent: Thursday, May 02, 2013 4:43 PM > To: public-vocabs@w3.org; Marian, Radu > Subject: Re: how to go about creating a new vocab? > > On 5/2/13 12:13 PM, Marian, Radu wrote: >> Alex, >> >> Thank you - I did see them both. They may satisfy basic Web and Social access control needs. >> >> However our goal is to standardize on an IAM vocabulary in Cloud/Enterprise. It should cover all IAM phases - Access Design, Request, Approval, Provisioning, Runtime, Review, Analytics, and Reconciliation. > The suggested vocabularies aren't Web specific per se. > > At all phases (as per your list above) there are resources being created (enterprise or Web accessible) to which access controls apply. Thus, you need to align identities and machine- and human-readable entity relationship semantics that manifest as resource access controls or data access policies.. >> Here is the latest model snapshot >> https://www.oasis-open.org/apps/org/workgroup/cloudauthz/download.php/ >> 49053/entitlement.ontology.png >> >> P.S. I am working on a write-up to describe this model. > BTW -- The PNG resource isn't accessible. Are you planning to mark this up using some machine readable notation etc? > > Here are some examples of the Web Access Control ontology in action: > > 1. http://kingsley.idehen.net/DAV/home/kidehen/Public/ -- although this folder has a cocktail of access controls that determine what identities can do what (via the HTML UI or raw HTTP ) > > 2. http://bit.ly/UXZEYV -- G+ note about multi-identifier and multi-authentication protocol approach to acls (note: this is all driven by the Web Access Control ontology) . > > Conclusion: > > There's a lot to gain from the Web Access Control vocabulary/ontology in its current form, as a building block. > > Kingsley >> Regards, >> Radu Marian, MSCS, SCEA, CISSP >> Bank of America - Charlotte, NC >> VP, Architect 2, Enterprise Security Architecture Business phone >> number: (704) 628-6874 an Enterprise without Ontology is like a >> country without a map. >> >> >> >> > -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Friday, 3 May 2013 01:20:18 UTC