Abstract
Access control, namely secure authentication and authorisation as well as ensuring the confidentiality of the communication between clients and server, is a must-have.
This deliverable details the advancements related to task 3.4 for digital.me's ontology-based access control. The essential requirements (functional and non-functional), taking into account technical agreements (e.g., usage of the Spring Framework, support of HTTP and OAuth), are listed and their fulfilment is addressed. The presented two-layer design of the access control allows for flexible decoupling of the ontology access control from environmental security attributes (securing communications, RBAC-based authentication, authorisation, and secure business logic access).
Furthermore, this deliverable describes how trust and privacy were considered in the modelling of the ontology-based access control (incl. meta-data modelling). In addition, the usage of the privacy preferences ontology (PPO) is presented. Finally, additional configuration and an API description for the current status are provided. Future improvements are also addressed.
About
- Dissemination level: Confidential
- Nature: Accompanying Report to Prototype
- Workpackage: WP 3 Lifting, Semantic Representation and Processing of Personal Data