Granular Access Control

markjspivey · April 10, 2019, 10:08pm

What is an example best practice for managing granular (infra-document) Web Access Control to SOLID resources/files?

For instance, given my profile is one resource, if I want to make my name public, but my organization name private.

happybeing · April 11, 2019, 7:32am

I think the limit of granularity is a file, so you would put your organisation in a separate file (along with other restricted information) and link to that from your public profile.

aveltens · April 11, 2019, 7:44am

Exactly. This is called Extended Profile and the links should be owl:sameAs or rdfs:seeAlso.

markjspivey · April 11, 2019, 3:18pm

Ok thanks, and to generalize this case, would this mean you would need to create one file per triple in order to assign access control per triple, instead of one file but access control at fragment level?

aveltens · April 11, 2019, 3:38pm

At least NSS does only have access control at file level. I am not sure if this is required by the spec. Servers that do not rely on the file system might indeed have a triple based access control, imho.

markjspivey · April 11, 2019, 10:17pm

got it, thanks! I was also reviewing the PIXOLID thread on how it is set up and it looks like each photo is a separate file so I can see how that would work.

Topic		Replies	Views
File permisions Solid App Development FAQs	7	1259	March 7, 2019
Access Control Help	8	304	March 9, 2023
Using acl files to define access rights Solid App Development FAQs	8	1068	June 18, 2020
Decentralized Web Browser for Android Ideas for Solid Apps	2	863	December 18, 2019
Use acl files to limit applications that can access a resource (using acl:origin) Solid App Development FAQs	3	800	April 30, 2019

Granular Access Control

Related Topics