Theme fund: NGI0 PET
Start: 2020-12
End: 2022-10

Solid Control

Access Control mechanism for data and services within Solid

Solid-Control aims to enhance Tim Berners-Lee's Social Linked Data Project (Solid) with Attribute-Based Access Control. By extending the Linked Data Platform (LDP) with WebID-based authentication and Access Control Lists (ACL), Solid has enabled the emergence of new forms of Hyper-Apps. These apps can follow data from server to server, authenticate when needed and write to the user's Personal Online Data storage (Pod), creating a decentralised social web.

With relation-based access control (friend of a friend, business network, etc.), Solid can be a full alternative to centralised social networks. We also want to allow authentication based on Verifiable Claims such as age. Solid-Control will develop the needed logic, verify protocols, write prototype implementations and contribute to the Solid Auth Community groups, which are developing specs for standardisation.

Why does this actually matter to end users?

In the 'real world', you instinctively know what information you should keep behind locked doors and what is safe to share. Your bank statements are stored in a folder somewhere in the attic rather than left lying around on your kitchen table. You do not tell random people on the street what your phone number is, or where your children go to school. In the virtual world, this type of common sense can work differently. Users are quicker to trust service providers to keep their personal data safe from theft and prying eyes, and do not always see the dangers of storing passwords in an online text file, or sharing sensitive financial documents via email. The dangers are unmistakably there, but until someone close to you suffers the consequences of a hack or a privacy breach, the risks of online data storage are vague and its convenience is too tempting to pass up. People are accustomed to easy, accessible and convenient online tools and services. More private and secure open-source alternatives should not exclude users because of an overly technical setup or incompatibility with existing proprietary solutions.

Solid (or Social Linked Data) is a new approach to protecting personal data initiated by Tim Berners-Lee, the inventor of the World Wide Web, and developed in collaboration with the Massachusetts Institute of Technology (MIT). The project aims to give users back full control over their personal data, which they can store in personal online data stores (or pods) and then give applications that run on the Solid platform access rights as they see fit. Users always retain ownership over their data, decide for themselves where it is stored and can change the permissions of any application that can access the data. Eventually the Solid ecosystem should offer decentralized and user-centric alternatives to centralized social media such as Facebook, Twitter and LinkedIn.

This project contributes detailed management over who can access data in your Solid pod, through relation-based access control and verifiable claims. A friend of a friend or a known and reputable business network would be able to access your information, but someone you do not know might not. And to make sure someone is old enough to access certain content, they can provide claims that verify they are of a certain age. All this can be done without a central point of authority (and failure), to allow for internet-scale user-centric authentication and data management.

Run by Cooperating Systems UG (haftungsbeschränkt)


This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.