Not logged in : Login
(Sponging disallowed)

About: Using Language & Logic to Drive Access Controls     Goto   Sponge   NotDistinct   Permalink

An Entity of Type : schema:CreativeWork, within Data Space : associated with source document(s)
QRcode icon

Date Created
  • 2018-09-14T17:00:13+00:00
Date Modified
  • 2018-09-14 17:00:14Z(xsd:dateTime)
  • 2018-09-14T17:00:13+00:00
same as
has a SPARQL endpoint at
  • Using Language & Logic to Drive Access Controls
described by
has creator
  • Attribute-based Access Controls (ABAC) provide a more fine-grained mechanism for protecting resources (documents) on any network than the commonly used Role-based Access Controls (RBAC) alternative. In regards to HTTP-based networks, ABAC are successfully created and exploited by harnessing the power of a Semantic Web i.e., use of human- and machine-readable logic woven into the resources (courtesy of RDF language) that manifest as the aformentioned Web variant. You create and contribute to a Semantic Web by creating document content using RDF sentences that adhere to the following rules: 1. Identify everything (real or imagined) using a hyperlink (specifically, a HTTP URI) 2. Describe anything using RDF sentences where subjects and predicates are identified using hyperlinks while objects are identified using an HTTP URI or a Literal (typed or untyped). **Note:** Adding "#{some-indexical}" to an HTTP URL automagically turns a URL (a Document Location) into a URI where entity and entity description document a connected while also disambiguated i.e., the power of entity-name=>entity-description-document indirection is unleashed!! Leveraging the above, here are three documents situated in different locations on the Web that describe a group labeled the "RWWCrew" : * [RWWCrew Group Listing from one of my Solid Pods]( * [RWWCrew Group Listing from my Personal Data Space]([RWWCrew Group Listing from one of my Solid Pods]( * [RWWCrew Group Listing from my Personal Data Space (Plain Text File)]([RWWCrew Group Listing from one of my Solid Pods]( Now that I have the Group Descriptions in place, I can also describe an Attribute-based Access Control (a/k/a WebACL in this context) along the following lines: ``` # ACL resource for the public folder @prefix acl: <>. @prefix foaf: <>. @prefix rww-group-acl: <rww-crew-group.ttl#> . # The owner has all permissions <#owner> a acl:Authorization; acl:agent <>; acl:agent <>; acl:accessTo <./>; acl:defaultForNew <./>; acl:mode acl:Read, acl:Write, acl:Control. # The public has read permissions <#public> a acl:Authorization; acl:agentClass foaf:Agent; acl:accessTo <./>; acl:defaultForNew <./>; acl:mode acl:Read. <#group> a acl:Authorization; acl:agentGroup rww-group-acl:RWWCrew ; acl:accessTo <./>; acl:defaultForNew <./>; acl:mode acl:Read, acl:Write . ``` To finish this all off, I simply place the WebACL document content in a special file in the Data Space provided by Linked Data deployment platform (e.g., solid-sever or ODS-Briefcase or anything else that understands these fundamental principles).
is contains of
is of
is topic of
is url of
Faceted Search & Find service v1.17_git51 as of Jun 26 2020

Alternative Linked Data Documents: PivotViewer | ODE     Content Formats:       RDF       ODATA       Microdata      About   
This material is Open Knowledge   W3C Semantic Web Technology [RDF Data] Valid XHTML + RDFa
OpenLink Virtuoso version 08.03.3318 as of Jul 10 2020, on Linux (x86_64-generic-linux-glibc25), Single-Server Edition (378 GB total memory)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2020 OpenLink Software