Decentralized Web Browser for Android


#1

Hello all,

I’ve trying to get together an idea for a decentralized web browser for android phones and I’m considering using Solid to accomplish that task.
I’m trying to develop an architecture for it but I’m having a little bit of trouble grasping the idea of Web Access Control, more specifically, the personal user data should be stored on a web server or a more personal storage.
I would like to have some alternatives to my perspective, because I’m feeling a little bit stuck on this part.

Thanks everybody beforehand.


#2

Could you share a bit more on what your current perspective is to make it easier for us to give alternatives? :wink:

As a general note, I think of pods as a web-based file system (very similar to UNIX) where the ACLs describe access modes that agents have to resources, be that files or containers (e.g. folders). That’s at least what the current spec (WAC) says.

  • Agents can be people (via WebIDs), groups, applications, bots, or even the public - the latter means that everyone has certain access modes
  • Access modes are Read, Append, Write, which corresponds mostly to HTTP verbs, and Control
    • Read: GET
    • Append: POST
    • Write: POST, PUT, PATCH, DELETE
    • Control: With this mode you can change the ACL resource itself, meaning you decide who gets to read, write, append, and control
  • ACLs are hierarchical
    • When you set access control for a container, you can also state default access to children of the container
    • When the server checks whether or not you have access, it will check whether or not the resource has a ACL resource; if not, it will check the parenting container; and it will continue checking parents until it reaches the root of the pod
    • (WAC states that roots must have a ACL resource)

There’s also the notion of trusted apps, where users can state in their (public) profile that they trust (web) apps from a given domain. That domain will have access to all of the Pod when a user has authenticated themselves through that domain. But this is an interim solution, and I would not implement support for it, especially not in an Android app.

Sadly, AFAIK, there are not much support for Android apps on Solid :confused: But I hope you’re able to figure stuff out, and report it back here when you do :slight_smile: You might also want to check out solid/app-development on Gitter to chat with people about it. It is a bit more focused on web apps though, so you might also want to check solid/chat for broader audience.


#3

Thank you for the reply,

The idea is that the browser would be similar to an interface to a POD, and the data related to using the web and data related to the browser, including browsing history bookmarks, different types of settings would be saved and managed by the browser itself. I had a friend that told me to use Multi-Party Computation to add an extra level of security on the data but so far I’m thinking it would not be useful (to think about later).
Another thing I was considering but I was not quite sure about was if it would be possible to make the browser create it’s own webID.

I’m feeling a little bit lost with the idea, since I don’t references to build support upon, but I’m still running through ideas so that I can a more concrete one of what would be understandable.

Thank you very much for the clarification and I’ll check the sites that you recommended me.