WebID enabled XMPP: bridging the social web in your IM and beyond

Benjamin Carrillo, Julia Anaya

FSW2011, Saturday, 4th June 2011 Berlin, Germany

Why XMPP and WebID

  • XMPP is a social, federated paradigm at its core
    • Built-in goodies: real-time, contact and group management (roster), presence, conference rooms, video and voice calls (Jingle), s2s routing protocol
    • Extensible: encryption, Publish/Subscribe, Microblogging over XMPP, Activity Streams over XMPP
    • Compared to HTTP: bi-directional, full-duplex communications, no NAT?
    • Still pluggable into the HTTP world: WebSockets, BOSH...
  • Downside: a Jabber ID (JID), profile and roster per server
  • WebID is a distributed authentication protocol that allows users to manage their own identities and data privacy
  • We can either register an XMPP account to be associated with a WebID, or the XMPP server can provide a new WebID

SASL EXTERNAL using id-on-xmpp-addr

  • XMPP client-to-server authentication supports TLS and SASL with certificates, via SASL EXTERNAL, which is compatible with WebID
  • Downside: certificates are verified by a Certification Authority, breaking the distributed trust of WebID

Alice depicted while trying to cut her ties with her former Identity Provider, the Jabberwocky

SASL EXTERNAL using id-on-xmpp-addr and WebID: registration

Implemented a demo web application for the registration process

SASL EXTERNAL WEBID proposal

Example use case: XMPP server WebID plugin?

  • Certificate creation by the XMPP server (instead of a Web application), usable also by browsers
  • HTTP WebID URI management for XMPP users
  • vCard to FOAF dynamic mapping
  • Roster-based ACLs using Semantic ontologies?

Example use case: Joining rules for MUCs

Access to certain services can be controlled by rules that are evaluated against the information obtained by dereferencing the WebID URI presented during SASL-WEBID authentication.

  • Example rule #1: grant access to a multi-user chat room to WebID users that belong to a certain mailing list / users of a certain wiki (group defined at some predefined URI). Ontology-based rules are decentralized and portable.
  • Example rule #2: grant access to a WebID user if he's known by three or more users already in the room.
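
The two joining rules above, as an added example that is not code from the presentation. It counts a statement only when it appears in the document its subject dereferences to, so an applicant cannot vouch for themselves by publishing triples about other people or about the group. Assumptions: the rules are expressed with `foaf:knows` and `foaf:member`, all URIs and function names are hypothetical, and the `DOCS` dictionary is constructed sample data standing in for HTTP dereferencing.

```python
import re

FOAF = "http://xmlns.com/foaf/0.1/"
TRIPLE = re.compile(r"^<([^>]+)>\s+<([^>]+)>\s+<([^>]+)>\s*\.$")

def doc_of(uri):
    """Document a URI dereferences to (the URI without its fragment)."""
    return uri.split("#", 1)[0]

def asserted(documents, subject, predicate):
    """Objects stated for (subject, predicate) in the subject's OWN document.
    Triples about the subject found in anyone else's document are ignored."""
    found = set()
    for line in documents.get(doc_of(subject), "").splitlines():
        m = TRIPLE.match(line.strip())
        if m and m.group(1) == subject and m.group(2) == predicate:
            found.add(m.group(3))
    return found

def in_group(documents, group_uri, webid):
    """Rule #1: the group document must list the WebID as a member."""
    return webid in asserted(documents, group_uri, FOAF + "member")

def known_by_occupants(documents, occupants, webid, threshold=3):
    """Rule #2: at least `threshold` occupants state foaf:knows in their own profile."""
    vouchers = [o for o in set(occupants) - {webid}
                if webid in asserted(documents, o, FOAF + "knows")]
    return len(vouchers) >= threshold

def t(s, p, o):
    """Build one URI-only N-Triples line using a FOAF predicate."""
    return f"<{s}> <{FOAF}{p}> <{o}> ."

# Constructed sample data: document URI -> N-Triples body (no network access).
A, B, C, D, M = (f"https://{n}.example/card#me"
                 for n in ("alice", "bob", "carol", "dave", "mallory"))
GROUP = "https://wiki.example/groups/editors#group"
DOCS = {
    doc_of(A): t(A, "knows", D),
    doc_of(B): t(B, "knows", D),
    doc_of(C): t(C, "knows", D),
    doc_of(GROUP): t(GROUP, "member", D),
    # Mallory's own profile makes claims on behalf of others; none are authoritative.
    doc_of(M): "\n".join([t(A, "knows", M), t(B, "knows", M),
                          t(C, "knows", M), t(GROUP, "member", M)]),
}
ROOM = [A, B, C]  # WebIDs of users already in the room

if __name__ == "__main__":
    for who in (D, M):
        print(who, in_group(DOCS, GROUP, who), known_by_occupants(DOCS, ROOM, who))
```
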

Example use case: Privacy rules on distributed query forwarding

  • Experimental W3C SPARQL-XMPP binding: iq stanzas can transport SPARQL payloads.
  • Personal RDF stores exposed via XMPP transport (rdfbus, jqbus).
  • Apply ACLs to SPARQL queries using query decomposition? Query forwarding using peer-selection algorithms.

Summary

  • XMPP can benefit from the privacy and identity management of WebID
  • interlinking to HTTP data
  • Web applications can use XMPP as a background protocol transparent to the user