Re: Safe manipulation of RDF data

Very much agree on this, there are some standards but they are a bit 
scattered and not working optimally together.

We are just designing the framework for building various kinds of apps. 
It has the components:
JS/React web app -- middleware / proxy -- Apache Jena
The first app will have input forms and we are doing data validation using 
SHACL. Now that you mention it, SHACL rules could also be used as a 
proxy, so that's an option too. There are just not too many examples of 
that.


On 10/09/2019 13:11, Dave Raggett wrote:
> Hi Mikael,
>
> I guess it depends on exactly what your requirements are. For instance, you might want to limit access to particular parts of the dataset, offering different views depending upon the security clearance of a given client. Another concern might be in respect to denial of service attacks through malicious choices of queries.
>
> Another way of thinking about this relates to contracts between the supplier and consumer of information services. The contract could specify the precise interfaces to be exposed to the consumer, along with terms and conditions for the use of this information. The Web of Things could be helpful as it allows the supplier to use JSON-LD to describe the interfaces in terms of objects with properties, actions and events, which are exposed locally to the client code running in the consumer’s machine.
>
> Graph shapes could be a useful component for specifying contracts, e.g. SHACL or ShEx, as they allow you to define validity constraints for data exchanged between the supplier and consumer.
>
> I would like to encourage more work on open standards for open markets for information services, including standards relating to smart contracts, service discovery, service management and automatic security updates for application software.
>
> Best regards,
> Dave
>
>> On 6 Sep 2019, at 14:17, Mikael Pesonen <mikael.pesonen@lingsoft.fi> wrote:
>> We are developing a public JavaScript / React application which manipulates RDF data on a triplestore (Jena).
>> For security reasons it is not feasible to allow the application to make direct queries to the triplestore.
>>
>> What kind of strategies and implementations are there to tackle this? Some kind of middleware should be needed and Linked Data Fragments is one standard that comes to mind.
> Dave Raggett <dsr@w3.org> http://www.w3.org/People/Raggett
> W3C Data Activity Lead & W3C champion for the Web of things

-- 
Lingsoft - 30 years of Leading Language Management

www.lingsoft.fi

Speech Applications - Language Management - Translation - Reader's and Writer's Tools - Text Tools - E-books and M-books

Mikael Pesonen
System Engineer

e-mail: mikael.pesonen@lingsoft.fi
Tel. +358 2 279 3300

Time zone: GMT+2

Helsinki Office
Eteläranta 10
FI-00130 Helsinki
FINLAND

Turku Office
Kauppiaskatu 5 A
FI-20100 Turku
FINLAND

Received on Tuesday, 10 September 2019 10:25:19 UTC
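
The middleware idea discussed in this thread (the browser app never sends SPARQL; a proxy validates form input against a shape and builds the update itself), as an added example that is not part of the original messages. The `SHAPE` table is a hand-written stand-in for SHACL property constraints, and the `example.org` vocabulary, function names and server-generated UUID subject are assumptions.

```javascript
// Added example (constructed): middleware-side allow-list for RDF writes.
// SHAPE is a simplified stand-in for SHACL property constraints, not real SHACL.
const SHAPE = {
  targetClass: 'http://example.org/ns#Person', // hypothetical vocabulary
  properties: {
    name: { path: 'http://example.org/ns#name', maxLength: 100, required: true },
    email: { path: 'http://example.org/ns#email', pattern: /^[^\s@]+@[^\s@]+\.[^\s@]+$/ },
  },
};

// Escape a string so it can only ever be a SPARQL "..." literal, never syntax.
function literal(value) {
  const esc = { '\\': '\\\\', '"': '\\"', '\n': '\\n', '\r': '\\r', '\t': '\\t' };
  return '"' + value.replace(/[\\"\n\r\t]/g, (c) => esc[c]) + '"';
}

// Reject unknown fields and values that violate the shape; returns error list.
function validate(form) {
  if (typeof form !== 'object' || form === null) return ['payload is not an object'];
  const errors = [];
  for (const key of Object.keys(form)) {
    if (!Object.prototype.hasOwnProperty.call(SHAPE.properties, key)) errors.push(`unknown field: ${key}`);
  }
  for (const [key, c] of Object.entries(SHAPE.properties)) {
    const v = form[key];
    if (v === undefined) { if (c.required) errors.push(`missing: ${key}`); continue; }
    if (typeof v !== 'string') { errors.push(`not a string: ${key}`); continue; }
    if (c.maxLength && v.length > c.maxLength) errors.push(`too long: ${key}`);
    if (c.pattern && !c.pattern.test(v)) errors.push(`bad format: ${key}`);
  }
  return errors;
}

// Build the one update the middleware is willing to send to the triplestore.
// The subject IRI comes from a server-generated UUID, never from the client.
function buildInsert(form, id) {
  const errors = validate(form);
  if (!/^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/.test(id)) errors.push('bad id');
  if (errors.length) throw new Error(errors.join('; '));
  const s = `<http://example.org/person/${id}>`;
  const triples = [`${s} a <${SHAPE.targetClass}> .`];
  for (const [key, c] of Object.entries(SHAPE.properties)) {
    if (form[key] !== undefined) triples.push(`${s} <${c.path}> ${literal(form[key])} .`);
  }
  return `INSERT DATA {\n  ${triples.join('\n  ')}\n}`;
}
```

Predicates and the subject IRI come only from the server-side table, so client input can reach the triplestore only as an escaped literal.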