
Copyright © 2004-2006 by Sebastian Ryszard Kruk with contributions from (under the Corrib.org project):
Digital Enterprise Research Institute, National University of Ireland, Galway, Ireland
Faculty of Electronics, Telecommunication and Informatics and Main Library Gdansk University of Technology, Poland
This work is licensed under a Creative Commons License. This copyright applies to the FOAFRealm Ontology Specification and accompanying documentation and does not apply to FOAFRealm data formats, ontology terms, or technology. Regarding underlying technology, FOAFRealm relies heavily on W3C's RDF technology, an open Web standard that can be freely used by anyone.
The visual layout and structure of this specification were adapted from the FOAF Vocabulary Specification by Dan Brickley and Libby Miller as well as the SIOC Vocabulary Specification by Uldis Bojars and John G. Breslin.
The proposed FOAFRealm (Friend-of-a-Friend Realm) system makes it possible to take advantage of social networks and FOAF profiles in user profile management systems. However, the FOAF standard must be enriched with new concepts and properties that are described in this document. The enriched version is called FOAFRealm.
NOTE: This section describes the status of this document at the time of its publication. Other documents may supersede this document.
This specification is an evolving document. This document is generated by combining a machine-readable FOAFRealm ontology expressed in RDF/XML with a specification template and a set of per-term documents.
Authors welcome suggestions on the FOAFRealm ontology and this document. Please send comments to the FOAFRealm developers list; public archives are available. This document may be updated or added to based on implementation experience, but no commitment is made by the authors regarding future updates.
Social networking, instant messaging and Peer-to-Peer technologies have become standard internet applications; systems which use those technologies require authorizing users and controlling their shared resources. Therefore, all developers will benefit from a universal solution that is easy to embed in an existing web project.
FOAF is an idea of using RDF to describe a user's profile and the knows relationship within a community of users. The knows relationship, however, can easily be adapted to other needs. Why not use such a social network graph to control access to resources, or to give votes different weights during negotiations? The main issue is how well we know another person in the network. It would then be possible to describe who can view, for example, our photos by specifying the maximum length of the path between us and him or her. Our suggestions in negotiations would gain more points if they were approved by people we know less.
FOAF's idea of describing a graph of knows relations, where everyone specifies the people he or she knows because no one else should be able to modify this information, raises some issues that must be solved. Firstly, there are security issues, which are very important in the context of web applications. It seems that saying A :knows B is not enough, and in the real world we would rather consider this relation in a more precise way, like A knows-very-good B. It also seems that the threshold values should be smoothed as much as possible. Moreover, the SHA1 value of password should be provided in order to keep users' emails confidential. Last but not least is the trust issue: if the information is distributed, how can we ensure that no one else can, for example, add additional knows relations and in that way violate the security constraints imposed by the owner of the resource and gain access to it? In order to assure users of the security of their profiles, we propose extending the FOAF vocabulary with digital signatures. Moreover, privacy issues must be taken into consideration. Not every user, for instance, wants to reveal an email address.
An excellent source of information about FOAFRealm is the project website.
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC 2119].
Namespace URIs of the general form "http://www.example.com/." represent some application-dependent or context-dependent URI as defined in RFC 2396 [RFC 2396].
The XML Namespace URI that MUST be used by implementations of this specification is:
An alphabetical index of FOAFRealm terms, by class (categories or types) and by property. All the terms are hyperlinked to their detailed description for quick reference.
Classes: |
Properties: | bio | friendshipLevel | hideEmail | knows_sig | password_sha1sum | rsa_key | rsa_key_pub |



To find out whether a specified person is allowed to access a given resource within defined roles, we have to find the shortest distance between the people concerned and the highest friendship level. There are, however, two approaches depending on the goal:

Picture 2.4 presents possible solutions depending on a given goal. The shortest way between Person_A and Person_B is a direct connection, but the connection with the highest overall level of friendship is Person_A -> Person_C -> Person_D -> Person_B [47.6%]. If the minimal requirements are 2 connections and a level of friendship above 25%, the algorithm can end up with the path Person_A -> Person_E -> Person_B [28.8%]. In many real situations, constraints on the distance can significantly speed up the algorithm.
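The search described above can be written as a bounded depth-first walk over the foaf:knows graph. This is an added example (Java 17 or later), not FOAFRealm's own code: the class and method names and the per-edge levels are constructed, and the overall level of a path is assumed to be the product of the friendshipLevel values along it, which the page does not state.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

public class FriendshipPath {
    record Result(List<String> path, double level) {}

    // Constructed sample graph (assumed values): person -> friend -> friendshipLevel in [0, 1].
    static final Map<String, Map<String, Double>> KNOWS = Map.of(
        "Person_A", Map.of("Person_B", 0.20, "Person_C", 0.85, "Person_E", 0.60),
        "Person_C", Map.of("Person_D", 0.80),
        "Person_D", Map.of("Person_B", 0.70),
        "Person_E", Map.of("Person_B", 0.48));

    /** Strongest path using at most maxHops foaf:knows edges, or null if none exists. */
    static Result strongest(String from, String to, int maxHops) {
        return search(from, to, maxHops, 1.0, new ArrayList<>(List.of(from)), null);
    }

    private static Result search(String at, String to, int hopsLeft, double level,
                                 List<String> path, Result best) {
        if (at.equals(to)) {
            boolean better = best == null || level > best.level();
            return better ? new Result(List.copyOf(path), level) : best;
        }
        if (hopsLeft == 0) return best;
        for (Map.Entry<String, Double> e : KNOWS.getOrDefault(at, Map.of()).entrySet()) {
            double next = level * e.getValue();
            // Skip cycles; levels are <= 1, so a prefix no stronger than the best cannot win.
            if (path.contains(e.getKey()) || (best != null && next <= best.level())) continue;
            path.add(e.getKey());
            best = search(e.getKey(), to, hopsLeft - 1, next, path, best);
            path.remove(path.size() - 1);
        }
        return best;
    }

    /** Access decision: some path within maxHops reaches the visitor at minLevel or above. */
    static boolean allowed(String owner, String visitor, int maxHops, double minLevel) {
        Result r = strongest(owner, visitor, maxHops);
        return r != null && r.level() >= minLevel;
    }

    public static void main(String[] args) {
        System.out.println(strongest("Person_A", "Person_B", 1)); // direct connection only
        System.out.println(strongest("Person_A", "Person_B", 2)); // distance limited to 2
        System.out.println(strongest("Person_A", "Person_B", 3)); // highest overall level
        System.out.println(allowed("Person_A", "Person_B", 2, 0.25));
    }
}
```

The hop limit bounds the depth of the walk, which is the speed-up the paragraph refers to: a smaller maximum distance prunes whole subtrees of the social graph before they are visited.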
Another significant drawback of FOAF is the lack of authentication information. The <foaf:mbox> property can be used as the login, although in some situations only <foaf:mbox_sha1sum> is stored. The SHA1 sum of <foaf:mbox> is easily generated, and the result is the value of the <foaf:mbox_sha1sum> property. The password can be treated similarly. The only information stored in the model is the <xfoaf:password_sha1sum> value, which the org.apache.catalina.Realm implementation compares with the SHA1 sum generated from the password provided by the user.
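The credential check described above, as an added example (Java 17 or later) rather than the FOAFRealm Realm code: the class, the in-memory profile map and the sample account are constructed, and the login is hashed as a mailto: URI, which is how FOAF defines foaf:mbox_sha1sum.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HexFormat;
import java.util.Map;

public class Sha1RealmCheck {
    static String sha1Hex(String text) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            return HexFormat.of().formatHex(md.digest(text.getBytes(StandardCharsets.UTF_8)));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // SHA-1 is required in every Java runtime
        }
    }

    // Constructed profile store: foaf:mbox_sha1sum -> xfoaf:password_sha1sum.
    static final Map<String, String> PROFILES = Map.of(
        sha1Hex("mailto:alice@example.org"), sha1Hex("correct horse battery staple"));

    /** Neither the e-mail address nor the password is stored; only their SHA1 sums are compared. */
    static boolean authenticate(String email, String password) {
        String stored = PROFILES.get(sha1Hex("mailto:" + email));
        // Unknown logins are compared against a dummy digest so both cases do the same work.
        String expected = stored != null ? stored : sha1Hex("");
        boolean match = MessageDigest.isEqual(            // constant-time comparison
            expected.getBytes(StandardCharsets.US_ASCII),
            sha1Hex(password).getBytes(StandardCharsets.US_ASCII));
        return stored != null && match;
    }

    public static void main(String[] args) {
        System.out.println(authenticate("alice@example.org", "correct horse battery staple"));
        System.out.println(authenticate("alice@example.org", "wrong password"));
        System.out.println(authenticate("nobody@example.org", ""));
    }
}
```

Because the stored value is an unsalted SHA1 sum, password_sha1sum needs the same protection as the password itself and should be left out of any profile that is exported to other servers.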
Within the FOAF-Realm each friendship can be evaluated by two measures: distance and friendship level. But what if we have a situation like the one presented in Picture 2.5 - Having friends from outside the FOAFRealm ontology? There is no information about the level of the friendship relationships outside the FOAF-Realm model. When preparing the model implementation, one has to decide either to lose the information about the level of friendship between Person_A and Person_D or to assume a fixed friendship value (e.g. 50%).

This specification serves as the FOAFRealm "namespace document". As such it describes the FOAFRealm ontology and the terms (RDF classes and properties) that constitute it, so that Semantic Web applications can use those terms in a variety of RDF-compatible document formats and applications.
This document presents FOAFRealm as a Semantic Web vocabulary or Ontology. The FOAFRealm ontology is straightforward, pragmatic and designed to allow simultaneous deployment and extension, and is therefore intended for widescale use.
Revisions and extensions of FOAFRealm are conducted through edits to the namespace document, which by convention is published on the Web at the namespace URI.
The properties and types defined here provide some basic concepts for use in the FOAFRealm descriptions. Other vocabularies (e.g. the Dublin Core metadata elements for simple bibliographic description, FOAF, the SSCF for collaborative filtering, etc.) can also be mixed in with FOAFRealm terms.
It is important to understand that the FOAFRealm ontology as specified in this document is not a standard in the sense of ISO Standardisation, or that associated with W3C Process.
FOAFRealm depends heavily on W3C's standards work, specifically on XML, XML Namespaces, RDF, and OWL. All FOAFRealm documents must be well-formed RDF/XML documents.
This specification contributes an ontology, "FOAFRealm", to the Semantic Web, specifying it using W3C's Resource Description Framework (RDF). As such, FOAFRealm adopts by reference both a syntax (using XML), a data model (RDF graphs) and a mathematically grounded definition for the rules that underpin the RDF design.
The credibility of a user's profile depends on several aspects. The security of the social network's information depends on the security of the knows relationship. Therefore, an applied ontology like FOAFRealm has to ensure the consistency and the security of the social network information.
In order to protect the foaf:knows list, the standard FOAF metadata has been extended with DSA (Digital Signature Algorithm). As a result, the FOAF ontology has been enriched with three properties:
- xfoaf:knows_sig: the signature on the foaf:knows list.
- xfoaf:rsa_key_pub: user's public key.
- xfoaf:rsa_key: user's private key.
The signature has to be computed each time the foaf:knows information is changed at one of the FOAFRealm nodes. The registration server is responsible for generating the signature out of the foaf:knows triples list since the private key cannot be revealed outside the registration server.
Each time a system that uses this ontology performs an operation that requires foaf:knows information, it should check the integrity of that information against the signature attached to each list of foaf:knows triples originating from one of the FOAFRealm instances. The public key should be kept at the registration server and provided on demand.
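The sign-on-change and verify-before-use cycle described above, as an added example that is not FOAFRealm's own code. The line-per-triple serialisation of the foaf:knows list, the Base64 encoding of the signature, the key size and the mailto: identifiers are all assumptions made for this sketch.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
public class KnowsSignature {
    static final String ALGORITHM = "SHA1withRSA"; // per knows_sig; SHA256withRSA is the stronger drop-in

    /** Order-independent byte form of one person's foaf:knows list (assumed serialisation). */
    static byte[] canonical(String person, Map<String, Float> knows) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, Float> e : new TreeMap<>(knows).entrySet()) {
            sb.append(person).append(" foaf:knows ").append(e.getKey())
              .append(" xfoaf:friendshipLevel ").append(e.getValue()).append('\n');
        }
        return sb.toString().getBytes(StandardCharsets.UTF_8);
    }

    /** Runs only on the registration server, which holds xfoaf:rsa_key. */
    static String sign(PrivateKey key, String person, Map<String, Float> knows)
            throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALGORITHM);
        s.initSign(key);
        s.update(canonical(person, knows));
        return Base64.getEncoder().encodeToString(s.sign());
    }

    /** Runs on any node before it relies on a foaf:knows list; needs only xfoaf:rsa_key_pub. */
    static boolean verify(PublicKey key, String person, Map<String, Float> knows, String knowsSig) {
        try {
            Signature s = Signature.getInstance(ALGORITHM);
            s.initVerify(key);
            s.update(canonical(person, knows));
            return s.verify(Base64.getDecoder().decode(knowsSig));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed signature or key: treat the list as untrusted
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        String alice = "mailto:alice@example.org"; // constructed identifiers
        Map<String, Float> knows = new HashMap<>(Map.of("mailto:bob@example.org", 0.8f));
        String sig = sign(pair.getPrivate(), alice, knows);
        System.out.println("as signed:  " + verify(pair.getPublic(), alice, knows, sig));
        knows.put("mailto:carol@example.org", 1.0f); // relation added without re-signing
        System.out.println("after edit: " + verify(pair.getPublic(), alice, knows, sig));
    }
}
```

Signing the friendshipLevel together with each foaf:knows entry means that raising a trust level is detected in the same way as adding a relation. Sorting the entries before signing keeps the signature stable when nodes return the triples in a different order.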
FOAFRealm introduces the following classes and properties.
Property: xfoaf:bio
Biography/Credentials - Describes some biography/resume/credential of the person
| OWL Type: | InverseFunctionalProperty (uniquely identifying property) |
|---|---|
| Domain: | http://xmlns.com/foaf/0.1/Person |
| Range: | http://www.w3.org/TR/xmlschema-2#string |
Property: xfoaf:friendshipLevel
Trust level of the friendship - Reifies the foaf:knows statement to define the trust level between people
| Domain: | xfoaf:KnowsStatement |
|---|---|
| Range: | http://www.w3.org/TR/xmlschema-2#float |
Property: xfoaf:hideEmail
hide the email address - Indicates whether the user requires his email address to be hidden during the FOAF export
| Domain: | http://xmlns.com/foaf/0.1/Person |
|---|---|
| Range: | http://www.w3.org/TR/xmlschema-2/#boolean |
Property: xfoaf:knows_sig
local signature - local signature (done with SHA1SUM and RSA keys) on the foaf:knows and foaf:knows reifications
| Domain: | http://xmlns.com/foaf/0.1/Person |
|---|---|
| Range: | http://www.w3.org/TR/xmlschema-2/#normalizedString |
Property: xfoaf:password_sha1sum
password for the account in the FOAFRealm - The property stores the SHA1 sum of the password that, together with the email address, forms the credentials of the person logging in to a FOAFRealm-enabled service
| Domain: | http://xmlns.com/foaf/0.1/Person |
|---|---|
| Range: | http://www.w3.org/TR/xmlschema-2/#normalizedString |
Property: xfoaf:rsa_key
private RSA key - not exportable from home server, passphrase locked
| Domain: | http://xmlns.com/foaf/0.1/Person |
|---|---|
| Range: | http://www.w3.org/TR/xmlschema-2/#normalizedString |
Property: xfoaf:rsa_key_pub
public RSA key - exportable to and stored by other servers, together with foaf:seeAlso information
| Domain: | http://xmlns.com/foaf/0.1/Person |
|---|---|
| Range: | http://www.w3.org/TR/xmlschema-2/#normalizedString |
Classes and properties from other ontologies can be used together with FOAFRealm. During the FOAFRealm ontology design process some external classes and properties were identified that are suitable for reuse. Such concepts are not included inside FOAFRealm but are used directly together with terms from FOAFRealm to describe information about an on-line community.
This section lists the main external classes and properties that can be used with FOAFRealm in a meaningful way. This list is not and cannot be exhaustive because many RDF ontologies can be used together.
The FOAFRealm uses this class and extends it with additional properties
Ontology namespaces referenced:
| foaf | http://xmlns.com/foaf/0.1/ | Friend of a Friend (FOAF) Vocabulary |