This HTML5 document contains 31 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Subject Item

n2:VirtWTDStepByStepConfigGuide

rdf:type

sioct:Comment atom:Entry

dcterms:created

2017-06-13T06:07:23.774405

dcterms:modified

2017-06-13T06:07:23.774405

rdfs:label

VirtWTDStepByStepConfigGuide

foaf:maker

n14:this n20:this

dc:title

VirtWTDStepByStepConfigGuide

opl:isDescribedUsing

n16:rdf

sioc:has_creator

n9:this n12:this

sioc:attachment

n8:png

sioc:content

---++ Virtuoso <nop>WebID+TLS+Delegation Step by Step Configuration Guide <nop>WebID+TLS+Delegation provides <nop>WebID authentication delegation whereby a user accessing a Virtuoso resource delegates identity authentication to an actual software agent that interacts with the resource. In all cases the software agent is identified by a <nop>WebID. The semantics of this kind of delegated identity authentication is expressed through reciprocal relationship types <code>hasIdentityDelegate</code> and <code>onBehalfOf</code> represented by RDF statements stored in <nop>WebID profile documents of user(s) and software agents. ---+++How it works The process is as follows: 1 Delegate's credentials (X.509 certificate and private key) are used to complete the basic TLS-handshake 1 Following successful TLS-handshake the reciprocal relationships in the users profile documents are verified by using them to locate the public key that was used successfully in the TLS-handshake 1 Resource access is granted following successful evaluation of Attribute-based based ACLs (ABAC) associated with the <nop>WebID of a given user (e.g. if connecting through isql, the user is identified by the <nop>WebID provided as the value of the -W option used with ISQL or /delegate connection attribute. The primary benefit of <nop>WebID authentication delegation is that a single X.509 certificate can function as the identity card for a software agent used by many users, each of which is uniquely identified by their own <nop>WebIDs which are the targets of ABAC-based ACLs. The following notes detail how to configure and test <nop>WebID+TLS+Delegation. * [[VirtWTDServerSetup][Virtuoso Server WebID+TLS+Delegation Setup]] * [[VirtWTDSoftwareAgentDocCreation][Software Agent & WebID Profile Document Creation]] * [[VirtWTDVALACLCreation][WebID+TLS+Delegation VAL ACL Creation]] * [[VirtWTDACLTesting][WebID+TLS+Delegation ACL Testing]] ---+++Related * [[WebIDTLSDelegationWhatWhyHow][Virtuoso WebID+TLS+Delegation Usage Guide]] * [[ValWhatWhyHow][Virtuoso Authentication Layer (VAL) - What, Why and How]] * [[ValQuickStartGuide][Virtuoso Authentication Layer - ACL System QuickStart Guide]] * [[http://docs.openlinksw.com/virtuoso/odbcimplementation.html#secureodbcx509][Using X509 Certificates With ODBC Connection]]

sioc:id

8043c8c9dfccdd8d6191bb9cd7e4a655

sioc:link

n2:VirtWTDStepByStepConfigGuide

sioc:has_container

n4:ODS

n17:has_services

n18:item

atom:title

VirtWTDStepByStepConfigGuide

sioc:links_to

n2:ValWhatWhyHow n2:VirtWTDServerSetup n19:WebIDTLSDelegationWhatWhyHow n19:VirtWTDACLTesting n19:ValQuickStartGuide n19:VirtWTDSoftwareAgentDocCreation n19:VirtWTDVALACLCreation n21:secureodbcx509

atom:source

n4:ODS

atom:author

n20:this

atom:published

2017-06-13T06:07:23Z

atom:updated

2017-06-13T06:07:23Z

sioc:topic

n4:ODS