[foaf-protocols] FOAF+ssl, access control.

Michael Hausenblas michael.hausenblas at deri.org
Thu Jan 14 10:18:30 CET 2010


Michael,

>> P.S. I was trying to find the answers for above within the list and
>> Internet... Though I saw pieces related to the topic, I failed to
>> find the answer.
> 
> No you are on the bleeding edge here. That is exactly the topic that we need
> to look into next. :-)

That's right. Two resources that might be of help to get started are [1]
(for a broader introduction) and [2] (re RDF policy-based ACL).

Cheers,
      Michael

[1] http://linkeddata.deri.ie/tr/2009-rw-wod
[2] http://dig.csail.mit.edu/2009/presbrey/UAP.pdf

-- 
Dr. Michael Hausenblas
LiDRC - Linked Data Research Centre
DERI - Digital Enterprise Research Institute
NUIG - National University of Ireland, Galway
Ireland, Europe
Tel. +353 91 495730
http://linkeddata.deri.ie/
http://sw-app.org/about.html



> From: Story Henry <henry.story at bblfish.net>
> Date: Thu, 14 Jan 2010 09:56:04 +0100
> To: Michael Andronov <ma5645 at gmail.com>
> Cc: <foaf-protocols at lists.foaf-project.org>
> Subject: Re: [foaf-protocols] FOAF+ssl, access control.
> 
> 
> On 14 Jan 2010, at 04:42, Michael Andronov wrote:
> 
>> Hi,
>> 
>> First, thanks a lot for all answers for my previous post about
>> "FOAF+ssl with Safari...".
>> My second newbie question(s) is about ACL(s)...
> 
> That is the part we have not yet good use cases, and the one we want to look
> at next.
> 
>> 
>> My present foaf.rdf file is just an .n3 file, which I converted into
>> .rdf file, and put it on my Web server...
> 
> Same with mine :-)
> 
>> Basically, all information within this file is opened and available...
>> As next step, I was looking for the common solution to set the ACL(s)
>> to part of the file, based on user WebId, etc... but failed to find
>> one.
> 
> Clearly the simplest way here, is to use content negotiation on access control.
> This is what all web sites currently do. If you go to
> http://www.facebook.com/bblfish you will see one thing if you are my friend
> and another if you are not.
> 
>> 
>> (I have seen http://esw.w3.org/topic/WebAccessControl,  a few pages
>> with suggestions to encrypt part(s) of the file with keys of the
>> person(s) I would like to grant access... )
> 
> Encrypting parts of files seems to me the least likely one to be adopted soon,
> though it is an interesting place to play around with ideas.
> 
>> 
>> But is there any guidelines how to set the Web Server ( Apache?) with
>> ACL controls of the rdf file(s)?
> 
> I am not sure here. Simple content negotiation would do what you do with
> your .n3 and .rdf files, except that you need to add a few more files like
> 
> card.public.html
> card.public.n3
> card.public.rdf
> card.friend.n3
> card.friend.html
> card.friends.rdf
> 
> And have one of those be selected depending on how the person who accessed the
> resource is authenticated.
> 
> I added the .html formats because that is always a good place to start with:
> assume your robot is a human being. Things are more obvious then.
> 
> One thing you want to tell your agent is that he can see more information if
> he logs in. That is what we need an ontology for: to tell a robot that certain
> resources are accessible to members of certain groups. But notice: we don't
> need this to be officially very solid until we really do want to start
> building such robots.
> 
> 
> 
>> Do I need to put some kind of database 2 rdf converter and to grant
>> access to each triple within my RDF file?
>> Is there a 'de facto standard' for how to do such a thing in today's environments?
> 
> If you want to generate those automatically, I think a SPARQL query is perhaps
> something you should look into. Or in cwm you can use N3 rules, and place
> certain types of facts into a :Private graph, and then only stream that out.
> 
>> 
>> Thanks a lot.
>> Michael.
>> 
>> P.S. I was trying to find the answers for above within the list and
>> Internet... Though I saw pieces related to the topic, I failed to
>> find the answer.
>> Please, accept my apologies if the questions have been already
>> answered in details in earlier post(s).
> 
> No you are on the bleeding edge here. That is exactly the topic that we need
> to look into next. :-)
> 
> 
> 
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
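
The selection step described in the quoted message (one of the card.public.* / card.friend.* files chosen by how the requester authenticated), sketched in Python as an added example that is not part of the thread. The friend list, WebIDs, function names and cache headers are assumptions, and the WebID is taken as already verified by the FOAF+ssl handshake.

```python
# Added example: file names follow the card.<audience>.<ext> pattern from the
# thread; the WebIDs, friend list and function names are constructed.
FRIENDS = {"https://alice.example/foaf#me"}  # constructed: WebIDs given the friend view

# Media types served, mapped to the file extensions used in the thread.
EXTENSIONS = {"text/html": "html", "text/n3": "n3", "application/rdf+xml": "rdf"}


def parse_accept(header):
    """Return the media types of an Accept header, highest q-value first."""
    ranked = []
    for position, item in enumerate(header.split(",")):
        media, *params = [part.strip() for part in item.split(";")]
        q = 1.0
        for param in params:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0  # malformed weight: treat as not acceptable
        if media and q > 0:
            ranked.append((-q, position, media.lower()))
    return [media for _, _, media in sorted(ranked)]


def select_variant(verified_webid, accept="text/html"):
    """Pick the card file and response headers for one request.

    verified_webid is the WebID the server already verified from the client
    certificate, or None for an anonymous request (assumption of this example).
    """
    # Fail closed: anything not on the friend list gets the public view.
    audience = "friend" if verified_webid in FRIENDS else "public"
    chosen = "text/html"  # fallback for */* or unsupported types
    for media in parse_accept(accept):
        if media in EXTENSIONS:
            chosen = media
            break
    headers = {"Content-Type": chosen, "Vary": "Accept"}
    if audience == "friend":
        # Same URL, per-user content: keep it out of shared caches.
        headers["Cache-Control"] = "private, no-store"
    return f"card.{audience}.{EXTENSIONS[chosen]}", headers
```
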


