WebAccessControl/Vocabulary

From W3C Wiki
Jump to: navigation, search


Discussion of the WAC vocabulary

WebAccessControl$$Vocabulary$wac-acl-vis.png

Questions regarding the current vocabulary:

  • should range of acl:mode be acl:Access rather than rdfs:Class?
  • what is the range of acl:defaultForNew?
  • should range of acl:accessToClass be something more specific than rdfs:Class, such as http://purl.org/dc/dcmitype/Dataset or void:Dataset or some POWDER stuff?
  • shouldn't there be a property between acl:Control and gen:[[InformationResource]] such as acl:controls?

Open issues/feature requests:

  • what about roles? do we need them/need to express them?
  • what about ownership? shall we flag who owns a resource or is this implicitly assumed by acl:Control?
  • what about dynamics? imagine a situation where you are allowed access for, say, a day. shall we explicitly state the time frame for which acl:the Authorisation is valid?
  • there is an implicit assumption that the foaf:members of a resource which is the object of an acl:agentClass have the same WebID as used in FOAF+SSL; this is not necessary the case, take for example the case where I'd like to gain access to a resource using my WebID http://sw-app.org/mic.xhtml#i and someone stated that all the members of DERI have access to it in her ACL. In the DERI group there will be a statement :DERI foaf:member <http://www.deri.ie/about/team/member/Michael_Hausenblas#me> and unless it is known that these two WebIDs refer to the same person, the system will not grant me access.

Related Work