Difference between revisions of "AccessControl"

From Linked Data Platform
(Access Control)
Line 16: Line 16:
  
 
=== WebID / FOAF+SSL ===
 
=== WebID / FOAF+SSL ===
 
+
* [http://www.w3.org/wiki/Foaf+ssl Foaf+ssl wiki page]
  
 
== Access Control ==
 
== Access Control ==
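Review bot: The bullet added under "WebID / FOAF+SSL" is a bare link, while the page's "How to Contribute" section asks contributors to include a brief description and example. Add a one-sentence description and a short example beside the link so the section is usable without leaving the page.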
Line 23: Line 23:
 
=== W3C(ish) WebAccessControl ===
 
=== W3C(ish) WebAccessControl ===
  
* '''See [http://www.w3.org/wiki/WebAccessControl Web Access Control] on the W3C wiki'''
+
* [http://www.w3.org/wiki/WebAccessControl Web Access Control wiki page]
  
 
Grant Read|Write|Append|Control permissions for a principle identified by a URL to access another URL.
 
Grant Read|Write|Append|Control permissions for a principle identified by a URL to access another URL.
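Review bot: The context line just below the changed link, "Grant Read|Write|Append|Control permissions for a principle identified by a URL", uses "principle" where the access-control term is "principal". This revision touches the adjacent line, so correct the spelling in the same edit.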
Line 45: Line 45:
  
  
=== SAML ===
+
=== SAML (non-RDF) ===

Revision as of 10:42, 2 November 2012

This page collects content for a future Note on Use Cases and Requirements for Access Control to be produced by the Linked Data Platform WG. The LDP Charter states:

The Working Group will not produce a Recommendation specifying solutions for access control and authentication for Linked Data. However the Working Group may identify, based on a set of real world use cases, requirements for authentication and authorization technologies for use with Linked Data.

Deliverable, Not Recommendation Track: Access Control: Working Group Note on Use Cases and Requirements for access control and authentication mechanisms needed for this work.

1 How to Contribute

Contributors, please include a brief description and example.


2 Identity

2.1 WebID / FOAF+SSL

3 Access Control

3.1 W3C(ish) WebAccessControl

Grant Read|Write|Append|Control permissions for a principal identified by a URL to access another URL.

3.1.1 Examples

@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
[acl:accessTo <card.rdf>; acl:mode acl:Read; acl:agentClass foaf:Agent].
[acl:accessTo <card.rdf>; acl:mode acl:Read, acl:Write; acl:agent <card#i>].

This means that anyone may read card.rdf, and <card#i> can write it.


@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
[acl:accessTo <card.rdf>; acl:mode acl:Read; acl:agentClass foaf:Agent].
[acl:accessTo <card.rdf>; acl:mode acl:Write; acl:agent <card#i>].

Because acl:agent has domain foaf:Agent, the last line implies that <card#i> is a foaf:Agent.
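The two ACLs above grant the same effective permissions, which the following added example checks (it is not part of the original wiki page or of any W3C code). It assumes authorizations are modelled as plain dicts, that the hypothetical helpers `effective_modes` and `is_allowed` stand in for a server's access check, and that an unauthenticated request still counts as "anyone" for foaf:Agent.

```python
# Added example: a minimal evaluator for the two ACLs shown above.
# Authorizations are modelled as plain dicts (an assumption of this sketch);
# a real server would parse the Turtle/N3 with an RDF library.

FOAF_AGENT = "foaf:Agent"  # class of all agents: matches any requester

# First ACL on the page: <card#i> is granted Read and Write explicitly.
ACL_EXPLICIT = [
    {"accessTo": "card.rdf", "modes": {"Read"}, "agentClass": FOAF_AGENT},
    {"accessTo": "card.rdf", "modes": {"Read", "Write"}, "agent": "card#i"},
]

# Second ACL: <card#i> is granted only Write; Read comes via foaf:Agent.
ACL_INFERRED = [
    {"accessTo": "card.rdf", "modes": {"Read"}, "agentClass": FOAF_AGENT},
    {"accessTo": "card.rdf", "modes": {"Write"}, "agent": "card#i"},
]


def effective_modes(acl, resource, agent=None):
    """Union of modes from every authorization matching resource and agent.

    agent is the requester's URL, or None for an unauthenticated request.
    No matching authorization means no access (default deny).
    """
    granted = set()
    for auth in acl:
        if auth["accessTo"] != resource:
            continue
        named = agent is not None and auth.get("agent") == agent
        public = auth.get("agentClass") == FOAF_AGENT
        if named or public:
            granted |= auth["modes"]
    return granted


def is_allowed(acl, resource, mode, agent=None):
    """True if the requester holds the given mode on the resource."""
    return mode in effective_modes(acl, resource, agent)


if __name__ == "__main__":
    # "other#me" is a constructed agent URL used only for this demonstration.
    for name, acl in (("explicit", ACL_EXPLICIT), ("inferred", ACL_INFERRED)):
        print(name, "owner:", sorted(effective_modes(acl, "card.rdf", "card#i")))
        print(name, "other:", sorted(effective_modes(acl, "card.rdf", "other#me")))
```
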


3.2 SAML (non-RDF)