Access Control for AtomPub
Alistair Miles <alimanfoo@googlemail.com> Wed, 19 January 2011 18:01 UTC
Return-Path: <owner-atom-syntax@mail.imc.org>
X-Original-To: ietfarch-atompub-archive@core3.amsl.com
Delivered-To: ietfarch-atompub-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D10F028C111 for <ietfarch-atompub-archive@core3.amsl.com>; Wed, 19 Jan 2011 10:01:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.896
X-Spam-Level:
X-Spam-Status: No, score=-0.896 tagged_above=-999 required=5 tests=[AWL=1.150, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZgMxVb7tVaFL for <ietfarch-atompub-archive@core3.amsl.com>; Wed, 19 Jan 2011 10:01:56 -0800 (PST)
Received: from hoffman.proper.com (Hoffman.Proper.COM [207.182.41.81]) by core3.amsl.com (Postfix) with ESMTP id 8A49528C127 for <atompub-archive@ietf.org>; Wed, 19 Jan 2011 10:01:56 -0800 (PST)
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0JHr5Ng008049 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 19 Jan 2011 10:53:06 -0700 (MST) (envelope-from owner-atom-syntax@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p0JHr54q008047; Wed, 19 Jan 2011 10:53:05 -0700 (MST) (envelope-from owner-atom-syntax@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-atom-syntax@mail.imc.org using -f
Received: from mail-gy0-f171.google.com (mail-gy0-f171.google.com [209.85.160.171]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0JHr4P8008038 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=FAIL); Wed, 19 Jan 2011 10:53:05 -0700 (MST) (envelope-from alimanfoo@googlemail.com)
Received: by gyg13 with SMTP id 13so378600gyg.16 for <multiple recipients>; Wed, 19 Jan 2011 09:53:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:date:from:to:subject:message-id:mime-version :content-type:content-disposition:user-agent; bh=DCPYLyB6jyiYGnGr6vHNj1GyeLmUDA3T7D5YrADtqho=; b=KwyNzn/Iw83lo6dilsF2pSEKZWbmccDTXvStP/GpL1bSMgt63W6laqg3W18DX1NJx7 pZx7izDCoGE8wpFAZR/aTClZUshjyiN4TzPaqlX8MIXroQzKQVaHz/uIvp0qinztzzNi aycLWu64FNcq/8TnjjI3gfWm2UL/wemYhcRoo=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:mime-version:content-type :content-disposition:user-agent; b=niqeSM27D55zBwicf152f7GRj5+6rI7FoKAdUZRSy19JKIs+CeWVQhOweeuSlREMC+ t98rIDRpXmATxgmhS2BHV4JEAT+mKjaSw4r2HvOrwdq/Q5aCu8DjMtxgY7jO4jxdlkmh 1vF4BJg6/FtSRp0Oe29HLfMr4JH8zeENmKMpo=
Received: by 10.204.102.206 with SMTP id h14mr966993bko.45.1295459513629; Wed, 19 Jan 2011 09:51:53 -0800 (PST)
Received: from aliman-desktop (dhcp414.well.ox.ac.uk [129.67.46.1]) by mx.google.com with ESMTPS id v1sm3453002bkt.5.2011.01.19.09.51.52 (version=SSLv3 cipher=RC4-MD5); Wed, 19 Jan 2011 09:51:52 -0800 (PST)
Date: Wed, 19 Jan 2011 17:51:51 +0000
From: Alistair Miles <alimanfoo@googlemail.com>
To: atom-protocol@imc.org, atom-syntax@imc.org
Subject: Access Control for AtomPub
Message-ID: <20110119175151.GB5578@aliman-desktop>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-06-14)
Sender: owner-atom-syntax@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/atom-syntax/mail-archive/>
List-Unsubscribe: <mailto:atom-syntax-request@imc.org?body=unsubscribe>
List-ID: <atom-syntax.imc.org>
Hi all, Apologies for mailing both atom-* lists, I wasn't sure which was the right forum for this. With colleagues at the University of Oxford, I've been doing some work on access control for atompub-based data repositories. We have a vanilla atompub implementation called AtomBeat, which has a security plugin that supports fine-grained access control policies via access control lists. There's some documentation at: http://code.google.com/p/atombeat/wiki/TutorialAccessControl I guess I'm emailing because I'd be very interested to hear from anyone who's done any work on authorization and access control for systems based on atompub. This stuff isn't easy, and I'd really appreciate any insights or experience or links to discussions or existing implementation work. Other relevant work I'm aware of is the work on access control in CMIS [1] (which I need to study in more detail, haven't fully understood yet), the various bits of the GData APIs that support access control (e.g., calendar API [2]), and a discussion of feed access control and licensing on rss-public from 2006 [3] ... please let me know if I'm missing anything major. Cheers, Alistair [1] http://docs.oasis-open.org/cmis/CMIS/v1.0/os/cmis-spec-v1.0.html [2] http://code.google.com/apis/calendar/data/2.0/developers_guide_protocol.html#SharingACalendar [3] http://tech.groups.yahoo.com/group/rss-public/message/724 -- Alistair Miles Head of Epidemiological Informatics Centre for Genomics and Global Health <http://cggh.org> The Wellcome Trust Centre for Human Genetics Roosevelt Drive Oxford OX3 7BN United Kingdom Web: http://purl.org/net/aliman Email: alimanfoo@gmail.com Tel: +44 (0)1865 287669
- Access Control for AtomPub Alistair Miles
- Re: Access Control for AtomPub Paul Fremantle
- Re: Access Control for AtomPub Alistair Miles
- Re: Access Control for AtomPub Paul Fremantle