SPARQL and security (was: URIs and SPARQL endpoints)

Hi,

Thanks to all who responded!

Now my next problem:

Given the fact that the security aspects of SPARQL were hardly (if at all)
addressed I get the impression that this was because the SW supposedly has
nothing but public domain accessible information. That is of course not so.
So we were told that we should solve that through the HTTP or HTTPS security
provisions. Fine, if one is a security expert. I'm not, so I am looking for
some advice, in particular on what to read and what to do or avoid when
implementing SPARQL in an HTTPS environment, with LOTS of triple stores
accessible by one SPARQL query, often cascaded (after all the SW is aka
distributed data base).

Can anyone help us?

Regards,
Hans

-----Original Message-----
From: Frank Manola [mailto:fmanola@acm.org] 
Sent: Monday, June 19, 2006 16:45
To: Dan Brickley
Cc: Hans Teijgeler; SW-forum
Subject: Re: URIs and SPARQL endpoints

According to the Web Services addressing spec
(http://www.w3.org/TR/2005/WD-ws-addr-core-20050215/)

"A Web service endpoint is a (referenceable) entity, processor, or resource
to which Web service messages can be addressed. Endpoint references convey
the information needed to address a Web service endpoint."

An endpoint reference (as defined here) includes a URI (as an address for
the endpoint), parameters, and some other stuff.

Sure would be nice if these definitions were easier to find (and clearer;
hint to W3C spec writers).

--Frank



Dan Brickley wrote:
> * Hans Teijgeler <hans.teijgeler@quicknet.nl> [2006-06-19 10:24+0200]
>> Hi,
>>  
>> When trying to use SPARQL one stumbles upon the concept of 
>> "endpoint". When I checked in the (Candidate) Recommendation the word 
>> endpoint is not used at all. Yet, when you use Google you get many 
>> deliberations about endpoints, but nowhere a definition or 
>> standardization. How come? Where can I find reading material about 
>> (SPARQL) endpoints that doesn't assume that I already know what it is?
> 
> Interesting point. The word I think comes from the SOAP community, but 
> I looked in the SOAP specs and similarly found only casual mention of 
> it there. Hunting further, I find it in the "normative definitions" 
> section of the Web Services Description Requirements doc at 
> http://www.w3.org/TR/ws-desc-reqs/#normDefs
> 
> [[
> EndPoint (AKA Port)
> 
>     [Definition: An association between a fully-specified
>     InterfaceBinding and a network address, specified by a URI [IETF RFC
>     2396], that may be used to communicate with an instance of a Web
>     Service. An EndPoint indicates a specific location for accessing a
>     Web Service using a specific protocol and data format.] ]]
> 
> That last phrase is applicable; perhaps the entire definition even, 
> since the protocol uses WSDL.
>>  
>> I also have a direct question: what is the difference between a URI 
>> and an endpoint? Somewhere I read a discussion about this, but the 
>> participants in that discussion didn't seem to agree with each other, 
>> so it seems that I am not completely alone in my ignorance.
> 
> URIs are identifiers, basically names for things on the Web. 
> Endpoints, like many other things, can be named with URIs. There's a 
> lot more about URIs in http://www.w3.org/TR/webarch/
> 
> Hope this helps,
> 
> Dan
> 
> 
>> Can someone help me?
>>  
>> Regards,
>> Hans
>>  
>> ____________________
>> OntoConsult
>> Hans Teijgeler
>> ISO 15926 specialist
>> Netherlands
>> +31-72-509 2005
>> HYPERLINK "http://www.infowebml.ws/"www.InfowebML.ws
>> HYPERLINK 
>> "mailto:hans.teijgeler@quicknet.nl"hans.teijgeler@quicknet.nl
>>  
>>  
>>
>> --
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.1.394 / Virus Database: 268.9.0/368 - Release Date: 
>> 16-Jun-06
>>  
> 
> 

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.9.0/368 - Release Date: 16-Jun-06
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.9.2/370 - Release Date: 20-Jun-06
 

Received on Wednesday, 21 June 2006 13:34:46 UTC