Access Control in Linked Data Using WebID

Abstract

Linked Data technologies become increasingly important in many domains. Key factors for their breakthrough are security and trust, especially when sensible or personal data are involved. Classical means for access control lack granularity when parts of the Linked Data graph must be protected. The WebID, combining semantic web concepts with methods from certificate based authentication and authorization, seems promising to fulfill all requirements concerning security and trust in the semantic web. In the context of the PerSemID project, we challenged the WebID technology in a practical scenario coming from the domain of lifelong learning and student mobility. In our use case of study enrollment, we use WebIDs for authentication and to grant access to parts of the triple stores of the different stakeholders. Cross domain triple store interactions are used to exchange data between the involved parties. Our fully implemented PoC exemplifies an application built on Linked Data and WebID and allows us to judge the usability and security of WebID technology in a real world scenario.