|
|
(49 intermediate revisions by 6 users not shown) |
Line 1: |
Line 1: |
− | ==Overview==
| + | {{#eclipseproject:technology.higgins|eclipse_custom_style.css}} |
− | The Higgins data model provides a common representation for identity, profile and relationship data to enable interoperability and data portability across heterogeneous sites and systems.
| + | [[Image:Higgins_logo_76Wx100H.jpg|right]] |
| | | |
− | The model can provide data portability, interoperability and unification for three kinds of identity data: ''identity'', ''profile'' and ''relationship.'' ''Identity'' information is related to identification, authentication, etc. ''Profile'' information can be preferences, interests, and associated objects like events and things, wishlists. ''Relationships'' are links to other [[Digital Subject]]s--they can be used to represent friends and other kinds of associations with other [[Digital Subject]]s. A key kind of relation introduced in the model is the a Higgins ''correlation''--a link between different representations of the same real world object (e.g. you) in different contexts.
| |
| | | |
− | See [[Data Model Background]] for more information about the motivations for and design goals behind the model.
| + | The [[Data Model]] provides a common representation for identity, profile and relationship data to enable interoperability and data portability across heterogeneous sites and systems. The model is described in these sections: |
| | | |
− | == Higgins Data Model Definition == | + | === Information Cards === |
| + | The Information Card (aka I-Card) metaphor includes the end-user concept of [[I-Card]]s and an [[Identity Selector]] to manage them |
| | | |
− | Rather than invent a new metamodel from scratch, the model is based on the W3C's Resource Description Framework (RDF) and Web Ontology Language (OWL 1.0). We used RDF and OWL to express a very abstract base ontology called higgins.owl (aka HOWL) that in turn describe the domain of identity information. The "Lexicon" project within the Identity Gang defined a set of identity domain concepts/terms that have been directly formalized in HOWL. These domain concepts include:
| + | === Tokens and Claims === |
− | # [[Context]]
| + | Higgins supports identity service concepts such as Claim, Digital Identity, Security Token and other objects used by Identity Providers, Relying Parties, Service Providers and Identity Selectors |
− | # [[ContextId]]
| + | |
− | # [[SubjectId]]
| + | |
− | # [[Digital Subject]]
| + | |
− | # [[Entity]]
| + | |
− | # [[Identity Attribute]]
| + | |
− | # [[Relation]]
| + | |
| | | |
− | Their semantics (with the exception of [[Entity]] which is not modeled) have been expressed in higgins.owl that is summarized in the [[Higgins Ontology]] page. The [[Higgins Ontology]] pages define the semantics of HOWL.
| + | === Context Data Model === |
| | | |
− | An overview presentation on the data model can be found here: [http://www.eclipse.org/higgins/images/Higgins_Data_Model.ppt Higgins Data Model Intro (PPT)]
| + | The [[Context Data Model 1.0]] describes a data model that can makes portable and interoperable data from heterogeneous data sources such as enterprise directories, databases, communications networks, and social networks |
| | | |
− | == Extending HOWL ==
| + | [[Category:Higgins Data Model]] |
− | HOWL is a base ontology. To be useful in real-world applications developers must develop specialized ontologies based on HOWL that describe a specific concrete domain.
| + | |
− | | + | |
− | For example, if a developer wanted to describe a CRM database, she would create an OWL ontology that would describe the data objects in the CRM database. This CRM database is called a [[Context]] in Higgins. If, for example, the database contained records about customers and those customers had full-names and email addresses, then the developer would define "Customer" as a sub-class of [[Digital Subject]] and "full-name" and "email" as kinds of [[Identity Attributes]].
| + | |
− | | + | |
− | Here are some HOWL-based Ontologies:
| + | |
− | * [[test-person Example Context Ontology]]
| + | |
− | * [[Person-with-address Example Context Ontology]]
| + | |
− | * [[Person-with-friend Example Context Ontology]]
| + | |
− | | + | |
− | == HOWL and IdAS ==
| + | |
− | | + | |
− | The [[Identity Attribute Service]] (IdAS) provides a Java API that exposes read/write-able data from a wide variety of external data sources in the common Higgins model. The IdAS API implements but does not define the semantics of the Higgins data model.
| + | |
− | | + | |
− | [[Context Provider]] plug-ins to IdAS are used to adapt external system, site, database or other data source to the IdAS API. These [[Context Provider]]s are responsible for data transformation between the Higgins model and their own internal data model. Higgins does not constrain the [[Context Provider|Context Provider's]] choice of data representation; it could be XML-based, object-oriented, relational, or anything else.
| + | |
− | | + | |
− | [[Context Provider]]s can be used to adapt data stores/sources such as:
| + | |
− | * Directories: LDAP stores like eDirectory, Active Directory, OpenLDAP, etc...
| + | |
− | * Relational databases used by enterprise apps to store identity/profile information.
| + | |
− | * Digital social networks (node-edge graphs): data behind Facebook, MySpace, LinkedIn, etc; or the graphs created by mining email traffic
| + | |
− | * Email/IM/collaboration client account data: email and IM client accounts, contact/buddy lists
| + | |
− | * Identity/profile data stored in website "silos": personal information stored sites like eBay, Amazon, Google Groups, Yahoo Groups
| + | |
− | | + | |
− | ==Open Issues==
| + | |
− | * [[Data Model Open Issues]]
| + | |
− | ** [[LDAP Issues and To-Dos]] --open issues specifically related to LDAP schema
| + | |
− | | + | |
− | == Scope ==
| + | |
− | The data model addresses "The need for interoperability" described here: [http://www.eclipse.org/higgins/goals.php Higgins Goals]. In addition, items #3 and #5 of the [http://www.eclipse.org/higgins/higgins-charter.php charter] state or imply the need for a robust identity and social networking data model:
| + | |
− | : '''Scope item 3.''' Provide an API and data model for the virtual integration and federation of identity and security information from a wide variety of sources.
| + | |
− | : '''Scope item 5.''' Provide a social relationship data integration framework that enables these relationships to be persistent and reusable across application boundaries.
| + | |
− | | + | |
− | == References ==
| + | |
− | ===RDF/OWL Related Resources===
| + | |
− | * OWL
| + | |
− | ** W3C OWL working group: http://www.w3.org/2007/OWL/wiki/OWL_Working_Group
| + | |
− | ** OWL 1.1 at Google Code: http://code.google.com/p/owl1-1/
| + | |
− | ** OWL 1.1 WD 8: http://www.w3.org/TR/owl11-syntax/
| + | |
− | * Intro to RDF/OWL: [[RDF-OWL Data Model]]
| + | |
− | * Semantic Web (RDF/OWL) Resources
| + | |
− | ** Toolkit: [http://www.wiwiss.fu-berlin.de/suhl/bizer/toolkits/ Developers Guide to Semantic Web Toolkits]
| + | |
− | ** Reference documents: [http://www.w3.org/2001/sw/WebOnt/#Current W3C Web Ontology Working Group]
| + | |
− | ** Tutorial: http://www.cs.man.ac.uk/~horrocks/ISWC2003/Tutorial/
| + | |
− | * Normalization to OWL/RDF
| + | |
− | ** [http://www.ldap.com/1/spec/schema/ont.shtml Schemat]
| + | |
− | ** Sebastian Dietzold, Generating RDF Models from LDAP Directories (PDF) , [http://www.semanticscripting.org/SFSW2006/ 2nd Workshop on Scripting for the Semantic Web] co-located with the [http://www.eswc2006.org/ 3rd European Semantic Web Conference], June 12, 2006
| + | |
− | | + | |
− | ===Misc Resources===
| + | |
− | * http://identityschemas.org
| + | |
− | * "D3.2: Models" FIDIS, October, 2005, ([http://www.fidis.net/fileadmin/fidis/deliverables/fidis-wp2-del2.3.models.pdf PDF] 74 pages). Summary: "The objective of this document is to present in a synthetic way different models of representation of a person ("person schema") that can be used in different application domains.
| + | |
− | * [http://www.nmi-edit.org/eduPerson/internet2-mace-dir-eduperson-200604.html eduPerson spex]
| + | |
− | | + | |
− | == Links ==
| + | |
− | * [http://eclipse.org/higgins Higgins Home]
| + | |
Higgins supports identity service concepts such as Claim, Digital Identity, Security Token and other objects used by Identity Providers, Relying Parties, Service Providers and Identity Selectors