Access Control in Linked Data Using WebID

TL;DR

This paper evaluates the WebID technology for access control in Linked Data environments, demonstrating its practical application and security benefits in a real-world lifelong learning scenario.

Contribution

It provides a practical implementation and assessment of WebID for secure, granular access control in Linked Data, specifically in the context of lifelong learning and student mobility.

Findings

WebID enables secure authentication and access control in Linked Data.

The implemented PoC demonstrates WebID's usability in cross-domain data sharing.

WebID shows promise for enhancing security and trust in semantic web applications.

Abstract

Linked Data technologies become increasingly important in many domains. Key factors for their breakthrough are security and trust, especially when sensible or personal data are involved. Classical means for access control lack granularity when parts of the Linked Data graph must be protected. The WebID, combining semantic web concepts with methods from certificate based authentication and authorization, seems promising to fulfill all requirements concerning security and trust in the semantic web. In the context of the PerSemID project, we challenged the WebID technology in a practical scenario coming from the domain of lifelong learning and student mobility. In our use case of study enrollment, we use WebIDs for authentication and to grant access to parts of the triple stores of the different stakeholders. Cross domain triple store interactions are used to exchange data between the involved parties. Our fully implemented PoC exemplifies an application built on Linked Data and WebID and allows us to judge the usability and security of WebID technology in a real world scenario.