Abstract
The Solid (Social Linked Data) technology family was developed to provide the foundation for Data Sovereignty in the context of web applications. The advantage of this innovative approach is the opportunity to dynamically bind an identity to a Solid application and a user-specific Solid data store (Solid Pod). These three basic components can be combined dynamically, allowing users to share their data with an application while retaining full control of the data in self-managed Solid Pods. This paper presents a prototype of a web-based user interface to grant access to data in a Solid Pod. To enable a dynamic binding into Solid-driven environments, we made the implementation available as a Solid application – AuthApp – with a specific focus on allowing users to configure the data access granting efficiently. To comply with data protection regulations, in particular Europe’s GDPR, we extended the standard to include the validation of the purpose of data sharing. Unlike previous work, we also make full use of robust technologies to avoid the need to copy or store data outside the personal context, meaning all data remains under the user’s control and so does the AuthApp.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
PREFIX interop: <http://www.w3.org/ns/solid/interop#>.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
Editor’s Draft, 7 November 2023, https://solid.github.io/data-interoperability-panel/specification/.
- 10.
- 11.
currently: Version 1.0.0, Editor’s Draft, 2023-11-06.
- 12.
- 13.
- 14.
Editor’s Draft, 7 November 2023.
- 15.
- 16.
- 17.
@prefix pod : <https://sme.solid.aifb.kit.edu/> .
- 18.
Note, that we used the same text labels as specified in the INTEROP specification.
References
Shape trees specification. https://shapetrees.org/TR/specification/
Solid WebID profile. https://solid.github.io/webid-profile/
Linked data platform 1.0 (2015). https://www.w3.org/TR/2015/REC-ldp-20150226/
Abid, A., Cheikhrouhou, S., Kallel, S., Jmaiel, M.: Novidchain: blockchain-based privacy-preserving platform for COVID-19 test/vaccine certificates. Softw. Pract. Experience 52(4), 841–867 (2022)
Bailly, H., Papanna, A., Brennan, R.: Prototyping an end-user user interface for the solid application interoperability specification under GDPR. In: Pesquita, C., et al. The Semantic Web, ESWC 2023, LNCS, vol. 13870, pp. 557–573. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-33455-9_33
Berners-Lee, T., Story, H., Capadisli, S.: Web access control. Version 1.0.0, Editor’s Draft, 2023-11-06 (2023). https://solid.github.io/web-access-control-spec/
Braun, C.HJ., Käfer, T.: Self-verifying web resource representations using solid, rdf-star and signed URIs. In: Groth, P., et al. (eds.) The Semantic Web: ESWC 2022 Satellite Events, ESWC 2022, LNCS, vol. 13384, pp. 138–142. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-11609-4_26
Braun, C.HJ., Käfer, T.: Web push notifications from solid pods. In: Di Noia, T., Ko, IY., Schedl, M., Ardito, C. (eds.) Web Engineering, ICWE 2022, LNCS, vol. 13362, pp. 487–490. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-09917-5_41
Capadisli, S., Guy, A., Lange, C., Auer, S., Sambra, A., Berners-Lee, T.: Linked data notifications: a resource-centric communication protocol. In: Blomqvist, E., Maynard, D., Gangemi, A., Hoekstra, R., Hitzler, P., Hartig, O. (eds.) The Semantic Web, ESWC 2017, LNCS, vol. 10249, pp 537–553. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-58068-5_33
Dedecker, R., et al.: What’s in a Pod?–a knowledge graph interpretation for the solid ecosystem. In: 6th Workshop on Storing, Querying and Benchmarking Knowledge Graphs (QuWeDa) at ISWC 2022, pp. 81–96 (2022)
Justin Bingham, Eric PrudH́ommeaux, E.P.: Solid application interoperability. W3C Editor’s Draft. November 2023. https://solid.github.io/data-interoperability-panel/specification
Mansour, E., et al.: A demonstration of the solid platform for social web applications. In: Proceedings of the 25th International Conference Companion on World Wide Web, pp. 223–226. WWW ’16 Companion (2016). https://doi.org/10.1145/2872518.2890529
Ramachandran, M., Chowdhury, N., Third, A., Domingue, J., Quick, K., Bachler, M.: Towards complete decentralised verification of data with confidentiality: different ways to connect solid pods and blockchain. In: Companion Proceedings of the Web Conference 2020, pp. 645–649. WWW ’20, Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3366424.3385759
Sambra, A.V., et al.: Solid: a platform for decentralized social applications based on linked data. MIT CSAIL & Qatar Computing Research Institute, Technical Report (2016)
Seneviratne, O., van der Hiel, A., Kagal, L.: Tim berners-lee’s research at the decentralized information group at MIT, p. 201-213. ACM, 1 edn. (2023)
Shore, M., Zeadally, S., Keshariya, A.: Zero trust: the what, how, why, and when. Computer 54(11), 26–35 (2021). https://doi.org/10.1109/MC.2021.3090018
Stafford, V.: Zero trust architecture. NIST special publication 800, 207 (2020). https://doi.org/10.6028/NIST.SP.800-207
The European Parliament and the Council of the European Union: Regulation (EU) 2016/679 (General Data Protection Regulation) GDPR. https://gdpr-info.eu/
Verborgh, R.: Re-decentralizing the Web, For Good This Time, pp. 215-230. ACM, 1 edn. (2023). https://doi.org/10.1145/3591366.3591385
Wang, X., Braun, C.H.J., Both, A., Käfer, T.: Using schema.org and solid for linked data-based machine-to-machine sales contract conclusion. In: Companion Proceedings of the Web Conference 2022, pp. 269–272. WWW ’22, Association for Computing Machinery (2022). https://doi.org/10.1145/3487553.3524268
Werbrouck, J., Pauwels, P., Beetz, J., van Berlo, L.: Towards a decentralised common data environment using linked building data and the Solid ecosystem. In: Advances in ICT in Design, Construction and Management in Architecture, Engineering, Construction and Operations (AECO) : Proceedings of the 36th CIB W78 2019 Conference, pp. 113–123 (2019)
Acknowledgments
This work has been supported in part by the German ministry BMBF under grant 16DTM107B (MANDAT).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Both, A. et al. (2024). AuthApp – Portable, Reusable Solid App for GDPR-Compliant Access Granting. In: Stefanidis, K., Systä, K., Matera, M., Heil, S., Kondylakis, H., Quintarelli, E. (eds) Web Engineering. ICWE 2024. Lecture Notes in Computer Science, vol 14629. Springer, Cham. https://doi.org/10.1007/978-3-031-62362-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-031-62362-2_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-62361-5
Online ISBN: 978-3-031-62362-2
eBook Packages: Computer ScienceComputer Science (R0)