Difference between revisions of "AccessControl"

From Linked Data Platform
Jump to: navigation, search
Line 12: Line 12:
 
Contributors, please include a brief description and example.
 
Contributors, please include a brief description and example.
  
== W3C(ish) WebAccessControl ==
+
 
 +
== Identity ==
 +
 
 +
=== WebID / FOAF+SSL ===
 +
 
 +
 
 +
== Access Control ==
 +
 
 +
 
 +
=== W3C(ish) WebAccessControl ===
  
 
* '''See [http://www.w3.org/wiki/WebAccessControl Web Access Control] on the W3C wiki'''
 
* '''See [http://www.w3.org/wiki/WebAccessControl Web Access Control] on the W3C wiki'''
Line 18: Line 27:
 
Grant Read|Write|Append|Control permissions for a principle identified by a URL to access another URL.
 
Grant Read|Write|Append|Control permissions for a principle identified by a URL to access another URL.
  
=== Examples ===
+
==== Examples ====
  
 
<pre><nowiki>
 
<pre><nowiki>

Revision as of 10:37, 2 November 2012

This page collects content for a future Note on Use Cases and Requirements for Access Control to be produced by the Linked Data Platform WG. The LDP Charter states:

The Working Group will not produce a Recommendation specifying solutions for access control and authentication for Linked Data. However the Working Group may identify, based on a set of real world use cases, requirements for authentication and authorization technologies for use with Linked Data.

Deliverable, Not Recommendation Track: Access Control: Working Group Note on Use Cases and Requirements for access control and authentication mechanisms needed for this work.

1 How to Contribute

Contributors, please include a brief description and example.


2 Identity

2.1 WebID / FOAF+SSL

3 Access Control

3.1 W3C(ish) WebAccessControl

Grant Read|Write|Append|Control permissions for a principle identified by a URL to access another URL.

3.1.1 Examples

[acl:accessTo <card.rdf>; acl:mode acl:Read, acl:agentClass foaf:Agent].
[acl:accessTo <card.rdf>; acl:mode acl:Read, acl:Write;  acl:agent <card#i>].

This means that anyone may read card.rdf, and <card#i> can write it.


[acl:accessTo <card.rdf>; acl:mode acl:Read, acl:agentClass foaf:Agent].
[acl:accessTo <card.rdf>; acl:mode acl:Write;  acl:agent <card#i>].

Because acl:agent has domain foaf:Agent the last line implies that <card#i> is a foaf:Agent.