From W3C Wiki
Discussion of the WAC vocabulary
Questions regarding the current vocabulary:
- should range of
- what is the range of
- should range of acl:accessToClass be something more specific than
rdfs:Class, such as http://purl.org/dc/dcmitype/Dataset or
void:Datasetor some POWDER stuff?
- shouldn't there be a property between
Open issues/feature requests:
- what about roles? do we need them/need to express them?
- what about ownership? shall we flag who owns a resource or is this implicitly assumed by
- what about dynamics? imagine a situation where you are allowed access for, say, a day. shall we explicitly state the time frame for which
acl:the Authorisationis valid?
- there is an implicit assumption that the
foaf:members of a resource which is the object of an
acl:agentClasshave the same WebID as used in FOAF+SSL; this is not necessary the case, take for example the case where I'd like to gain access to a resource using my WebID http://sw-app.org/mic.xhtml#i and someone stated that all the members of DERI have access to it in her ACL. In the DERI group there will be a statement
:DERI foaf:member <http://www.deri.ie/about/team/member/Michael_Hausenblas#me>and unless it is known that these two WebIDs refer to the same person, the system will not grant me access.
- Fausto Giunchiglia, R Zhang and B.Crispo, University of Trento, " Ontology Driven Access Control", DISI Technical Report. Uses DL, and (sub)properties (rather than (sub)classes as in WACL) for permissions. ( But see also an initial critique of that paper on the swig irc channel )