|
|
| (45 intermediate revisions by 6 users not shown) |
| Line 1: |
Line 1: |
| − | ==Overview==
| + | {{#eclipseproject:technology.higgins|eclipse_custom_style.css}} |
| − | The Higgins data model provides a common representation for identity, profile and relationship data to enable interoperability and data portability across heterogeneous sites and systems.
| + | [[Image:Higgins_logo_76Wx100H.jpg|right]] |
| | | | |
| − | The model can provide data portability, interoperability and unification for three kinds of identity data about what we call [[Digital Subject]]s (e.g. people). These three kinds are ''identity'', ''profile'' and ''relationship.'' ''Identity'' information is related to identification, authentication, etc. ''Profile'' information can be preferences, interests, and associated objects like events and things, wishlists. ''Relationships'' are links to other [[Digital Subject]]s--they can be used to represent friends and other kinds of associations with other [[Digital Subject]]s. A key kind of relation introduced in the model is the a Higgins ''correlation''--a link between different representations of the same real world object (e.g. you) in different contexts.
| |
| | | | |
| − | The Higgins framework is has three layers: | + | The [[Data Model]] provides a common representation for identity, profile and relationship data to enable interoperability and data portability across heterogeneous sites and systems. The model is described in these sections: |
| − | * The lower layer manages remote or local data stores called [[Context]]s, the [[Digital Subject]]s within them, the [[Identity Attribute]]s on each [[Digital Subject]], and the links (called [[Relation]]s) between them. This is the "pure" data layer.
| + | |
| − | * The middle layer offers security and cryptographic services and messaging.
| + | |
| − | * The upper layer manages objects called [[I-Card]]s that present end-users with a visual metaphor for the [[Digital Identity | Digital Identities]] and their component [[Claim]]s.
| + | |
| | | | |
| − | The rest of this page describes the data model of the lower layer as implemented by the Higgins [[Identity Attribute Service]]. | + | === Information Cards === |
| − |
| + | The Information Card (aka I-Card) metaphor includes the end-user concept of [[I-Card]]s and an [[Identity Selector]] to manage them |
| − | See [[Data Model Background]] for more information about the motivations for and design goals behind the model.
| + | |
| | | | |
| − | == Higgins Data Model Definition == | + | === Tokens and Claims === |
| | + | Higgins supports identity service concepts such as Claim, Digital Identity, Security Token and other objects used by Identity Providers, Relying Parties, Service Providers and Identity Selectors |
| | | | |
| − | Rather than invent a new metamodel from scratch, the model is based on the W3C's Resource Description Framework (RDF) and Web Ontology Language (OWL 1.0). We used RDF and OWL to express a very abstract base ontology called higgins.owl (aka HOWL) that in turn describe the domain of identity information. The "Lexicon" project within the Identity Gang defined a set of identity domain concepts/terms that have been directly formalized in HOWL. These domain concepts include:
| + | === Context Data Model === |
| − | # [[Context]]
| + | |
| − | # [[ContextId]]
| + | |
| − | # [[Correlation]]
| + | |
| − | # [[SubjectId]]
| + | |
| − | # [[Digital Subject]]
| + | |
| − | # [[Entity]]
| + | |
| − | # [[Identity Attribute]]
| + | |
| − | # [[Relation]]
| + | |
| | | | |
| − | Their semantics (with the exception of [[Entity]] which is not modeled) have been expressed in higgins.owl that is summarized in the [[Higgins Ontology]] page. The [[Higgins Ontology]] pages define the semantics of HOWL.
| + | The [[Context Data Model 1.0]] describes a data model that can makes portable and interoperable data from heterogeneous data sources such as enterprise directories, databases, communications networks, and social networks |
| | | | |
| − | An overview presentation on the data model can be found here: [http://www.eclipse.org/higgins/images/Higgins_Data_Model.ppt Higgins Data Model Intro (PPT)]
| + | [[Category:Higgins Data Model]] |
| − | | + | |
| − | == Extending HOWL ==
| + | |
| − | HOWL is a base ontology. To be useful in real-world applications developers must develop specialized ontologies based on HOWL that describe a specific concrete domain.
| + | |
| − | | + | |
| − | For example, if a developer wanted to describe a CRM database, she would create an OWL ontology that would describe the data objects in the CRM database. This CRM database is called a [[Context]] in Higgins. If, for example, the database contained records about customers and those customers had full-names and email addresses, then the developer would define "Customer" as a sub-class of [[Digital Subject]] and "full-name" and "email" as kinds of [[Identity Attribute]]s.
| + | |
| − | | + | |
| − | Here are some HOWL-based Ontologies:
| + | |
| − | * [[test-person Example Context Ontology]]
| + | |
| − | * [[Person-with-address Example Context Ontology]]
| + | |
| − | * [[Person-with-friend Example Context Ontology]]
| + | |
| − | | + | |
| − | == HOWL and IdAS ==
| + | |
| − | | + | |
| − | The [[Identity Attribute Service]] (IdAS) provides a Java API that exposes read/write-able data from a wide variety of external data sources in the common Higgins model. The IdAS API implements but does not define the semantics of the Higgins data model.
| + | |
| − | | + | |
| − | [[Context Provider]] plug-ins to IdAS are used to adapt external system, site, database or other data source to the IdAS API. These [[Context Provider]]s are responsible for data transformation between the Higgins model and their own internal data model. Higgins does not constrain the [[Context Provider|Context Provider's]] choice of data representation; it could be XML-based, object-oriented, relational, or anything else.
| + | |
| − | | + | |
| − | [[Context Provider]]s can be used to adapt data stores/sources such as:
| + | |
| − | * Directories: LDAP stores like eDirectory, Active Directory, OpenLDAP, etc...
| + | |
| − | * Relational databases used by enterprise apps to store identity/profile information.
| + | |
| − | * Digital social networks (node-edge graphs): data behind Facebook, MySpace, LinkedIn, etc; or the graphs created by mining email traffic
| + | |
| − | * Email/IM/collaboration client account data: email and IM client accounts, contact/buddy lists
| + | |
| − | * Identity/profile data stored in website "silos": personal information stored sites like eBay, Amazon, Google Groups, Yahoo Groups
| + | |
| − | | + | |
| − | ==Open Issues==
| + | |
| − | * [[Data Model Open Issues]]
| + | |
| − | ** [[LDAP Issues and To-Dos]] --open issues specifically related to LDAP schema
| + | |
| − | | + | |
| − | == Scope ==
| + | |
| − | The data model addresses "The need for interoperability" described here: [http://www.eclipse.org/higgins/goals.php Higgins Goals]. In addition, items #3 and #5 of the [http://www.eclipse.org/higgins/higgins-charter.php charter] state or imply the need for a robust identity and social networking data model:
| + | |
| − | : '''Scope item 3.''' Provide an API and data model for the virtual integration and federation of identity and security information from a wide variety of sources.
| + | |
| − | : '''Scope item 5.''' Provide a social relationship data integration framework that enables these relationships to be persistent and reusable across application boundaries.
| + | |
| − | | + | |
| − | == References ==
| + | |
| − | ===RDF/OWL Related Resources===
| + | |
| − | * OWL
| + | |
| − | ** W3C OWL working group: http://www.w3.org/2007/OWL/wiki/OWL_Working_Group
| + | |
| − | ** OWL 1.1 at Google Code: http://code.google.com/p/owl1-1/
| + | |
| − | ** OWL 1.1 WD 8: http://www.w3.org/TR/owl11-syntax/
| + | |
| − | * Intro to RDF/OWL: [[RDF-OWL Data Model]]
| + | |
| − | * Semantic Web (RDF/OWL) Resources
| + | |
| − | ** Toolkit: [http://www.wiwiss.fu-berlin.de/suhl/bizer/toolkits/ Developers Guide to Semantic Web Toolkits]
| + | |
| − | ** Reference documents: [http://www.w3.org/2001/sw/WebOnt/#Current W3C Web Ontology Working Group]
| + | |
| − | ** Tutorial: http://www.cs.man.ac.uk/~horrocks/ISWC2003/Tutorial/
| + | |
| − | * Normalization to OWL/RDF
| + | |
| − | ** [http://www.ldap.com/1/spec/schema/ont.shtml Schemat]
| + | |
| − | ** Sebastian Dietzold, Generating RDF Models from LDAP Directories (PDF) , [http://www.semanticscripting.org/SFSW2006/ 2nd Workshop on Scripting for the Semantic Web] co-located with the [http://www.eswc2006.org/ 3rd European Semantic Web Conference], June 12, 2006
| + | |
| − | | + | |
| − | ===Misc Resources===
| + | |
| − | * http://identityschemas.org
| + | |
| − | * "D3.2: Models" FIDIS, October, 2005, ([http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp2-del2.3.models.pdf PDF] 74 pages). Summary: "The objective of this document is to present in a synthetic way different models of representation of a person ("person schema") that can be used in different application domains.
| + | |
| − | * [http://www.nmi-edit.org/eduPerson/internet2-mace-dir-eduperson-200604.html eduPerson spex]
| + | |
| − | | + | |
| − | == Links ==
| + | |
| − | * [http://eclipse.org/higgins Higgins Home]
| + | |
Higgins supports identity service concepts such as Claim, Digital Identity, Security Token and other objects used by Identity Providers, Relying Parties, Service Providers and Identity Selectors
