AccessControl4GoodRelations

From Wiki of the E-Business and Web Science Research Group
Jump to: navigation, search
gr_banner_small.png
GoodRelations is a standardized vocabulary for product, price, and company data that can be embedded into existing static and dynamic Web pages.

Project Main Page
Vocabulary
Documentation
Developer's Wiki
GoodRelations Cookbook

This recipe is a stub and will be completed shortly.

If we shall make it a priority for you, please e-mail to mheppATcomputerDOTorg.

Overview

On this page, we explain how you can restrict the access to GoodRelations data, e.g. in order to protect price information meant for special audiences only (reseller prices, student rebates, ...).

It is important to educate potential users that while GoodRelations data about your products should be placed on the Web, this does not imply that you cannot control who will be reading and using it.

In a nutshell, you can use the very same mechanisms for protecting your product and price information in GoodRelations that you would use for XML or PDF documents.

For example, you may require registration and a username / password combination prior to granting access to your price information.

You can also make part of your data freely accessible and protect other parts.

The cool thing about GoodRelations and Linked Data is that those users whom you allow to see protected data can easily collate and integrate the datasets. For example, one of your authorized retailers can use your public datasheets and your protected dealer price list to compute its public end user prices by adding a fixed margin.

There are at least three techniques for this:

  • HTTP Basic Authentication
  • HTTP Digest Authentication
  • WebID (formerly known as FOAF+SSL).

Target Audience

  • You should be familiar with the foundations of GoodRelations, e.g. by watching the following two videos:
  • It's helpful if you understand the basics of HTTP Access Control mechanisms, namely HTTP Authentication (Basic and Digest).

Scenario Description

Resources

Techniques

  • Access control in HTTP: Basic and digest access
  • HTTPS
  • SSL/TLS
  • OAuth
  • OpenID
  • WebID, formerly known as FOAF-SSL

Links & Materials