Today morning, we started the main LOD2 plenary meeting in Vienna. The first half day session, the WebID special interest group discussed about WebID based single sign for the LOD2 stack and authorization. The challenge here is to provide a interoperable authorization layer which describe user, groups / roles and access to different parts of the stack as well as the managed knowledge bases. We agreed on the following short and long-time goals and activities.
WebID registration service
In order to allow users to try out WebID technology, we need to provide an open service for the registration of new WebIDs. Of course we want to work together with the WebID community group here and some member of the LOD2 consortium are already active in this group. Our goal here is to add a new stack package to our repository which allows for registration and management of minimal working WebID profiles including certificate creation. We will run a public service based on this component but users of the stack can decide to host their own service too. Since there are existing tools here we will try integrate rather than to develop.
Stack internal authorization policy
Since one of our integration goals is to provide provenance support for all activities done by users with the different tools from the stack, we need a policy on how to describe and share descriptions on users and user groups with roles access rights on the stack. Something similar is used already by OntoWiki so we decided to take this as a base and look for more requirements from the rest of the stack.