RWW Access Control Use Cases and Recommendations

This is a working document used to collect use cases and requirements in order to provide Access Control to RWW-enabled applications (see LDP).

Scope and Motivation

The main purpose of this document is to identify how Access Control can be implemented in the scope of RWW applications, as well as for LDP.

-- add a longer and more accurate description here

Use Cases

MyProfile-LDP

MyProfile-LDP intends to provide users with personal data spaces (LDP endpoints of some sort), which are completely decentralized. Though it is currently in _very_ early development phase, it tries to implement the LDP specifications as best as possible. At this point there are several key facts that MyProfile-LDP must take into consideration.

1. The LDP endpoint/platform will allow users to "plug" their data spaces into external LDP-enabled services or user interfaces. By doing this, it basically allows external applications to read/write data directly into the user's data space. At this point, it becomes obvious that applications must be separated from each other, each having it's own space and unique URI. (i.e. https://example.com/username/ldp/apps/appname - just a fictional structure for now)

2. A very similar approach can be applied for other users. For example, we may decide to allow our friends to have a private "corner" on our LDP server. (i.e. https://example.com/username/ldp/users/friend1)

--- more will be added soon