Re: Beginning work on an official Web Access Control spec.

Andrei,

I would be interested. I have worked on ACL a lot recently, with a
goal to produce a transparent JAX-RS authorization filter for our
Graphity platform: http://graphity.org.

I have successfully implemented the filter using W3C ACL ontology and
plain SPARQL 1.1, but the code is unfortunately closed-source so far.
Single SPARQL query checks access for a specific foaf:Agent instance
(or foaf:Agent class in case of public access) and uses federation if
necessary. The main issues I've encountered were mostly related to
distributing ACL data across repositories and/or named graphs and
attaching them to user accounts.

Martynas
graphityhq.com

On Thu, Oct 17, 2013 at 3:05 PM, Andrei Sambra <andrei.sambra@gmail.com> wrote:
> Dear all,
>
> For those of you who know me, please skip this paragraph. For the others, I
> would first like to introduce myself. My name is Andrei Sambra and for the
> past three years I have been involved in different W3C groups, such as
> WebID, LDP and RWW (co-chair). As an advocate of Semantic Web technologies,
> especially those taking user privacy into consideration, I am currently
> working on two projects, MyProfile [1] (WebID provider / social network) and
> RWW.IO [2], the later including support for WebID, LDP and WAC [3]. RWW.IO
> is a Read/Write Web-based personal data store.
>
> Over the past few years, we have noticed that Linked Data is no longer a
> technology limited to the public space, finding its way into consumer
> applications. As a consequence, it becomes increasingly important to be able
> to protect access to private/sensitive resources. To this regard, the Web
> Access Control (WAC) ontology [3] has been put together by Tim Berners-Lee,
> offering the basic means to set up ACLs. Due to its nature (i.e. an
> ontology) however, it does not provide the formalism necessary to implement
> it in order to achieve interoperability, nor does it provide an organized
> space where it can be discussed and improved.
>
> The reason behind writing the email is that I would like to know how many
> people are interested in participating to the standardization process of a
> Web Access Control spec.
>
> The Read Write Web community group has so far been the host of inquiries
> regarding the WAC ontology. However, being a community group, it does not
> have access to W3C's teleconference system, nor to the issue tracking
> system. Depending on your interest in a WAC spec, and the preliminary
> discussions we might have, we may very well have to create a dedicated
> working group. For now however, I suggest we use the public RWW list
> (public-rww@w3.org) in order to coordinate the efforts on this subject.
>
> Please let me know how you stand on this subject and perhaps suggest a way
> to count who is interested in participating (doodle, something else maybe?).
>
> Best wishes,
> Andrei
>
> [1] https://my-profile.eu/
> [2] https://rww.io/
> [3] http://www.w3.org/wiki/WebAccessControl

Received on Thursday, 17 October 2013 19:26:08 UTC