On 5/5/11 6:06 AM, Sebastian Schaffert wrote:
> + How is authentication and authorisation handled (like WebID [5] and WAC
[6])?
Since we are an applied research centre, we want to be standards-based as far
as possible. There are actually two separate issues you are suggesting here.
Authentication and authorisation. The authentication we are working on will be
based on OAuth2, and we already have an experimental implementation for that.
For authorisation we are planning to use access control lists in some form, but
this is not really thought through yet- The proposal in [6] looks promising for
access control lists.
Put differently, the question above is about this: are you aware of the
WebID protocol, and its fidelity re. RESTful interaction with Data Objects?
WebID provides a fine grained solution for ACL constrained interaction
with Data Objects via their URIs.
Links:
1. http://www.w3.org/wiki/WebID - WebID Wiki
2. http://bblfish.net/tmp/2011/04/26/ -- WebID Protocol & Browsers Paper
for upcoming W3C workshop on Identity in the Browser
--
Regards,
Kingsley Idehen
President& CEO
OpenLink Software
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca: kidehen
