Access Control in Linked Data Using WebID
This work addresses security and trust issues for stakeholders handling sensitive or personal data in Linked Data domains, but it is incremental as it applies existing WebID technology to a specific practical scenario.
The paper tackled the problem of granular access control in Linked Data by applying WebID technology to a lifelong learning and student mobility scenario, resulting in a fully implemented proof-of-concept that demonstrated usability and security in a real-world study enrollment use case.
Linked Data technologies become increasingly important in many domains. Key factors for their breakthrough are security and trust, especially when sensible or personal data are involved. Classical means for access control lack granularity when parts of the Linked Data graph must be protected. The WebID, combining semantic web concepts with methods from certificate based authentication and authorization, seems promising to fulfill all requirements concerning security and trust in the semantic web. In the context of the PerSemID project, we challenged the WebID technology in a practical scenario coming from the domain of lifelong learning and student mobility. In our use case of study enrollment, we use WebIDs for authentication and to grant access to parts of the triple stores of the different stakeholders. Cross domain triple store interactions are used to exchange data between the involved parties. Our fully implemented PoC exemplifies an application built on Linked Data and WebID and allows us to judge the usability and security of WebID technology in a real world scenario.