eccauth: eLDS AUTH schema ontology

Classes

Access Condition
Account
Action
Authentication Principal
Client
Device
Graph
Group
Protocol
Session

Access Condition^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/AccessCondition

is defined by: https://vocab.eccenca.com/auth/

An access condition defines a set requirements which must be fulfilled by a session to get specified grants. The set of requirements is considered a conjunction.

is in domain of: is allowed^op, requires Attibute^op
is also defined as: named individual

Account^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Account

is defined by: https://vocab.eccenca.com/auth/

The class of concrete principals which can be authenticated.

has super-classes: Authentication Principal^c
is in domain of: login^dp, member of^op, password salt^dp, salted password SHA256^dp
is in range of: opened by^op, requires account^op

Action^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Action

is defined by: https://vocab.eccenca.com/auth/

An action defines an activity or function within eLDS.

is in range of: allowed action^op
is also defined as: named individual

Authentication Principal^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Principal

is defined by: https://vocab.eccenca.com/auth/

A principal can be any entity, such as an individual, a group etc.

has sub-classes: Account^c
is also defined as: named individual

Client^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Client

is defined by: https://vocab.eccenca.com/auth/

The eLDS client which can be used to establish a session.

is in range of: has Client^op, requires client^op
is also defined as: named individual

Device^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Device

is defined by: https://vocab.eccenca.com/auth/

A physical device which is used to establish a session.

is in range of: has Device^op, requires device^op
is also defined as: named individual

Graph^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Graph

is defined by: https://vocab.eccenca.com/auth/

A set of triples according to the RDF 1.1 specification.

is in range of: read graph^op, write graph^op
is also defined as: named individual

Group^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Group

is defined by: https://vocab.eccenca.com/auth/

A group represents a collection of accounts.

is in range of: member of^op, requires group^op
is also defined as: named individual

Protocol^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Protocol

is defined by: https://vocab.eccenca.com/auth/

A protocol which is used to establish a session.

is in range of: has protocol^op, requires protocol^op
is also defined as: named individual

Session^c back to ToC or Class ToC

IRI: https://vocab.eccenca.com/auth/Session

is defined by: https://vocab.eccenca.com/auth/

A session is a period of time where an account is successfully authenticated. It provides information about who is authenticated, how and when authentication was established.

is in domain of: creation time^op, expire time^op, has Attribute^op
is also defined as: named individual

Object Properties

allowed action^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/allowedAction

is defined by: https://vocab.eccenca.com/auth/

Grants permission to execute an action.

has super-properties: is allowed^op
has range: Action^c

creation time^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/creationTime

is defined by: https://vocab.eccenca.com/auth/

The time a session was created.

has super-properties: has Attribute^op
has domain: Session^c
is also defined as: data property

expire time^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/expireTime

is defined by: https://vocab.eccenca.com/auth/

The time a session expires.

has super-properties: has Attribute^op
has domain: Session^c
is also defined as: data property

grant allowed action pattern^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/grantAllowedActionPattern

is defined by: https://vocab.eccenca.com/auth/

Grants access conditions management for conditions granting action allowance for actions matching the defined pattern. The supported pattern syntax is defined by the interpreter.

has super-properties: is allowed^op
is also defined as: data property

grant read graph pattern^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/grantReadGraphPattern

is defined by: https://vocab.eccenca.com/auth/

Grants access conditions management for conditions granting read access on graphs matching the defined pattern. The supported pattern syntax is defined by the interpreter.

has super-properties: is allowed^op
is also defined as: data property

grant write graph pattern^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/grantWriteGraphPattern

is defined by: https://vocab.eccenca.com/auth/

Grants access conditions management for conditions granting write access on graphs matching the defined pattern. The supported pattern syntax is defined by the interpreter.

has super-properties: is allowed^op
is also defined as: data property

has Attribute^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/hasAttribute

is defined by: https://vocab.eccenca.com/auth/

Super property of all properties used to define session characteristics. This property should not be used directly, use appropriate sub-properties instead.

has sub-properties: creation time^op, expire time^op, has Client^op, has Device^op, has Endpoint ID^op, has protocol^op, opened by^op
has domain: Session^c

has Client^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/hasClient

is defined by: https://vocab.eccenca.com/auth/

The eLDS client used to establish a session.

has super-properties: has Attribute^op
has range: Client^c

has Device^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/hasDevice

is defined by: https://vocab.eccenca.com/auth/

The device used to establish a session.

has super-properties: has Attribute^op
has range: Device^c

has Endpoint ID^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/hasEndpointId

is defined by: https://vocab.eccenca.com/auth/

The endpoint the sessions applies for.

has super-properties: has Attribute^op
is also defined as: data property

has protocol^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/hasProtocol

is defined by: https://vocab.eccenca.com/auth/

The protocol used to establish a session, e.g. OAuth2.

has super-properties: has Attribute^op
has range: Protocol^c

is allowed^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/isAllowed

is defined by: https://vocab.eccenca.com/auth/

Super property of all properties used to define grants if the requirements of an access condition are met. This property should not be used directly, use appropriate sub-properties instead.

has sub-properties: allowed action^op, grant allowed action pattern^op, grant read graph pattern^op, grant write graph pattern^op, read graph^op, write graph^op
has domain: Access Condition^c

member of^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/memberOf

is defined by: https://vocab.eccenca.com/auth/

Indicates the membership of an account to a group.

has domain: Account^c
has range: Group^c

opened by^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/openedBy

is defined by: https://vocab.eccenca.com/auth/

The account which is the originator of a session.

has super-properties: has Attribute^op
has range: Account^c

read graph^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/readGraph

is defined by: https://vocab.eccenca.com/auth/

Grants read access to a graph.

has super-properties: is allowed^op
has range: Graph^c

requires account^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresAccount

is defined by: https://vocab.eccenca.com/auth/

The account required for the access condition.

has super-properties: requires Attibute^op
has range: Account^c

requires Attibute^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresAttribute

is defined by: https://vocab.eccenca.com/auth/

Super property of all properties used to define requirements of an access condition. This property should not be used directly, use appropriate sub-properties instead. The set of object values bound by sub-properties of this property must be met as conjunction in order to fulfill the requirements of an access condition.

has sub-properties: requires Endpoint ID^op, requires account^op, requires client^op, requires device^op, requires group^op, requires protocol^op
has domain: Access Condition^c

requires client^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresClient

is defined by: https://vocab.eccenca.com/auth/

The allowed client to met the access condition.

has super-properties: requires Attibute^op
has range: Client^c

requires device^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresDevice

is defined by: https://vocab.eccenca.com/auth/

The allowed device to met the access condition.

has super-properties: requires Attibute^op
has range: Device^c

requires Endpoint ID^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresEndpointId

is defined by: https://vocab.eccenca.com/auth/

The endpoint needed to meet the access condition.

has super-properties: requires Attibute^op
is also defined as: data property

requires group^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresGroup

is defined by: https://vocab.eccenca.com/auth/

The group the account must be member of to met the access condition.

has super-properties: requires Attibute^op
has range: Group^c

requires protocol^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/requiresProtocol

is defined by: https://vocab.eccenca.com/auth/

The allowed protocol to met the access condition.

has super-properties: requires Attibute^op
has range: Protocol^c

write graph^op back to ToC or Object Property ToC

IRI: https://vocab.eccenca.com/auth/writeGraph

is defined by: https://vocab.eccenca.com/auth/

Grants read/write access to a graph.

has super-properties: is allowed^op
has range: Graph^c

creation time^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/creationTime

is defined by: https://vocab.eccenca.com/auth/

The time a session was created.

has range: date time
is also defined as: object property

expire time^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/expireTime

is defined by: https://vocab.eccenca.com/auth/

The time a session expires.

has range: date time
is also defined as: object property

grant allowed action pattern^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/grantAllowedActionPattern

is defined by: https://vocab.eccenca.com/auth/

Grants access conditions management for conditions granting action allowance for actions matching the defined pattern. The supported pattern syntax is defined by the interpreter.

has range: string
is also defined as: object property

grant read graph pattern^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/grantReadGraphPattern

is defined by: https://vocab.eccenca.com/auth/

Grants access conditions management for conditions granting read access on graphs matching the defined pattern. The supported pattern syntax is defined by the interpreter.

has range: string
is also defined as: object property

grant write graph pattern^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/grantWriteGraphPattern

is defined by: https://vocab.eccenca.com/auth/

Grants access conditions management for conditions granting write access on graphs matching the defined pattern. The supported pattern syntax is defined by the interpreter.

has range: string
is also defined as: object property

has Endpoint ID^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/hasEndpointId

is defined by: https://vocab.eccenca.com/auth/

The endpoint the sessions applies for.

has range: string
is also defined as: object property

login^dp back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/login

is defined by: https://vocab.eccenca.com/auth/

The login name of the account (e.g. email address, username).

has domain: Account^c
has range: string

password salt^dp back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/password_salt

is defined by: https://vocab.eccenca.com/auth/

The salt appended to the password.

has domain: Account^c
has range: string

requires Endpoint ID^op back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/requiresEndpointId

is defined by: https://vocab.eccenca.com/auth/

The endpoint needed to meet the access condition.

has range: string
is also defined as: object property

salted password SHA256^dp back to ToC or Data Property ToC

IRI: https://vocab.eccenca.com/auth/salted_password_sha256sum

is defined by: https://vocab.eccenca.com/auth/

The salted password of the account as SHA 256 checksum.

has domain: Account^c
has range: string

This HTML document was obtained by processing the OWL ontology source code through LODE, Live OWL Documentation Environment, developed by Silvio Peroni.

eccauth: eLDS AUTH schema ontology

Abstract

Table of Content

Classes

Access Conditionc back to ToC or Class ToC

Accountc back to ToC or Class ToC

Actionc back to ToC or Class ToC

Authentication Principalc back to ToC or Class ToC

Clientc back to ToC or Class ToC

Devicec back to ToC or Class ToC

Graphc back to ToC or Class ToC

Groupc back to ToC or Class ToC

Protocolc back to ToC or Class ToC

Sessionc back to ToC or Class ToC

Object Properties

allowed actionop back to ToC or Object Property ToC

creation timeop back to ToC or Object Property ToC

expire timeop back to ToC or Object Property ToC

grant allowed action patternop back to ToC or Object Property ToC

grant read graph patternop back to ToC or Object Property ToC

grant write graph patternop back to ToC or Object Property ToC

has Attributeop back to ToC or Object Property ToC

has Clientop back to ToC or Object Property ToC

has Deviceop back to ToC or Object Property ToC

has Endpoint IDop back to ToC or Object Property ToC

has protocolop back to ToC or Object Property ToC

is allowedop back to ToC or Object Property ToC

member ofop back to ToC or Object Property ToC

opened byop back to ToC or Object Property ToC

read graphop back to ToC or Object Property ToC

requires accountop back to ToC or Object Property ToC

requires Attibuteop back to ToC or Object Property ToC

requires clientop back to ToC or Object Property ToC

requires deviceop back to ToC or Object Property ToC

requires Endpoint IDop back to ToC or Object Property ToC

requires groupop back to ToC or Object Property ToC

requires protocolop back to ToC or Object Property ToC

write graphop back to ToC or Object Property ToC

Data Properties

creation timeop back to ToC or Data Property ToC

expire timeop back to ToC or Data Property ToC

grant allowed action patternop back to ToC or Data Property ToC

grant read graph patternop back to ToC or Data Property ToC

grant write graph patternop back to ToC or Data Property ToC

has Endpoint IDop back to ToC or Data Property ToC

logindp back to ToC or Data Property ToC

password saltdp back to ToC or Data Property ToC

requires Endpoint IDop back to ToC or Data Property ToC

salted password SHA256dp back to ToC or Data Property ToC

Named Individuals

eccenca gmb hni back to ToC or Named Individual ToC

junbehauenni back to ToC or Named Individual ToC

mfrommholdni back to ToC or Named Individual ToC

strampni back to ToC or Named Individual ToC

Annotation Properties

licenseap back to ToC or Annotation Property ToC

nameap back to ToC or Annotation Property ToC

term statusap back to ToC or Annotation Property ToC

Namespace Declarations back to ToC