@base <http://ns.inria.fr/s4ac/v2> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix sioc: <http://rdfs.org/sioc/ns#> .
@prefix ma: <http://www.w3.org/ns/ma-ont> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix ademe: <http://www.ademe.fr/2009/svic-schema.rdfs#> .
@prefix dc: <http://purl.org/dc/elements/1.1/> .
@prefix dcterms: <http://purl.org/dc/terms/> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix nicetag: <../nicetag/2010/09/09/voc> .
@prefix irw: <http://www.ontologydesignpatterns.org/ont/web/irw.owl#> .
@prefix isicil: <../isicil#> .
@prefix skos: <http://www.w3.org/2004/02/skos/core#> .
@prefix prissma: <../prissma/v2#> .
@prefix sp: <http://spinrdf.org/sp#> .
@prefix vann: <http://purl.org/vocab/vann/> .
@prefix cc: <http://creativecommons.org/ns#> .
@prefix vs: <http://www.w3.org/2003/06/sw-vocab-status/ns#> .

<http://dbpedia.org/resource/National_Institute_for_Research_in_Computer_Science_and_Control>
    a foaf:Organization .

<>
    cc:license <http://creativecommons.org/licenses/by/3.0/> ;
    dc:description "A vocabulary to describe the access policies which protect an RDF data store."@en ;
    dc:issued "2011-06-28"^^xsd:date ;
    dc:modified "2011-10-06"^^xsd:date ;
    dc:publisher <http://dbpedia.org/resource/National_Institute_for_Research_in_Computer_Science_and_Control> ;
    dc:title "Social Semantic SPARQL Security For Access Control (S4AC) Ontology"@en ;
    vann:preferredNamespacePrefix "s4ac" ;
    vann:preferredNamespaceUri "http://ns.inria.fr/s4ac/v2#" ;
    a owl:Ontology ;
    owl:versionInfo 0.2 ;
    foaf:page <v2/s4ac_v2.html> .

<#AccessCondition>
    a owl:Class ;
    rdfs:comment "The Access Condition (AC) allows the users to access specific resources. An AC is a SPARQL 1.1 ASK query. If a solution exists, the ASK query returns true, and the AC is said to be verified. If no solution exists, the ASK query returns false, and the AC is said not to be verified."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "AccessCondition"@en ;
    rdfs:subClassOf sioc:Item ;
    vs:term_status "stable" .

<#AccessConditionSet>
    a owl:Class ;
    rdfs:comment """An Access Condition Set (ACS) represents a set of Access Conditions which can be either Conjunctive or Disjunctive.
		"""@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "AccessConditionSet"@en ;
    rdfs:subClassOf sioc:Container ;
    vs:term_status "stable" .

<#AccessEvaluationContext>
    a owl:Class ;
    rdfs:comment "An Access Evaluation Context (AEC) is a list L of predetermined bound variables names of the form (var1, val1) for which a SPARQL 1.1 Binding Clause constrains the ASK query evaluation (i.e., the evaluation of the Access Conditions) when verifying the Access Conditions."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "AccessEvaluationContext"@en ;
    owl:isEquivalentTo prissma:Context ;
    vs:term_status "stable" .

<#AccessPolicy>
    a owl:Class ;
    rdfs:comment "An Access Policy (AP) is a composed by an Access Condition Set, a Subject, an Access Evaluation Context, an Access Privilege, and a URI of the resource to which it is applied. "@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "AccessPolicy"@en ;
    vs:term_status "stable" .

<#AccessPrivilege>
    a owl:Class ;
    rdfs:comment "This class represents the kind of access privileges which is granted to the user (Create, Read, Update, Delete)."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "AccessPrivilege"@en ;
    rdfs:subClassOf sioc:Item ;
    vs:term_status "stable" .

<#ConjunctiveAccessConditionSet>
    a owl:Class ;
    rdfs:comment """A Conjunctive ACS (CACS) is a logical conjunction of Access Conditions, and it is said to be verified if and only if every Access Condition it contains is verified.
		"""@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "ConjontiveAccessConditionSet"@en ;
    rdfs:subClassOf <#AccessConditionSet> ;
    owl:disjointWith <#DisjunctiveAccessConditionSet> ;
    vs:term_status "stable" .

<#Create>
    a owl:Class ;
    rdfs:comment "This class represents a create access on the resource. This class is equivalent to acl:Append."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "Create"@en ;
    rdfs:subClassOf <#AccessPrivilege> ;
    owl:equivalentClass <http://www.w3.org/ns/auth/acl#Append> ;
    vs:term_status "stable" ;
    skos:related sp:Create, sp:InsertData, sp:Load .

<#Delete>
    a owl:Class ;
    rdfs:comment "This class represents a delete access on the resource."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "Delete"@en ;
    rdfs:subClassOf <#AccessPrivilege> ;
    vs:term_status "stable" ;
    skos:related sp:Clear, sp:DeleteData, sp:DeleteWhere, sp:Drop .

<#DisjunctiveAccessConditionSet>
    a owl:Class ;
    rdfs:comment """A Disjunctive ACS (DACS) is a logical disjunction of Access Conditions, and it is said to be verified if and only if at least one Access Condition it contains is verified.
		"""@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "DisjontiveAccessConditionSet"@en ;
    rdfs:subClassOf <#AccessConditionSet> ;
    owl:disjointWith <#ConjunctiveAccessConditionSet> ;
    vs:term_status "stable" .

<#Read>
    a owl:Class ;
    rdfs:comment "This class represents a read access on the resource. This class is equivalent to acl:Read."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "Read"@en ;
    rdfs:subClassOf <#AccessPrivilege> ;
    owl:equivalentClass <http://www.w3.org/ns/auth/acl#Read> ;
    vs:term_status "stable" ;
    skos:related sp:Ask, sp:Construct, sp:Describe, sp:Select .

<#Update>
    a owl:Class ;
    rdfs:comment "This class represents an update access on the resource."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "Update"@en ;
    rdfs:subClassOf <#AccessPrivilege> ;
    vs:term_status "stable" ;
    skos:related sp:Modify .

<#Value>
    a owl:Class ;
    rdfs:comment "This class is used to describe the value assigned to the variables used in the Access Conditions."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "Value"@en ;
    vs:term_status "stable" .

<#Variable>
    a owl:Class ;
    rdfs:comment "This class is used to describe the variables used in the Access Conditions."@en ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "Variable"@en ;
    vs:term_status "stable" .

<#appliesTo>
    a owl:ObjectProperty ;
    rdfs:comment "This property associates the Access Policy to the URI of the resource to which the policy is applied."@en ;
    rdfs:domain <#AccessPolicy> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "appliesTo"@en ;
    vs:term_status "stable" .

<#hasAccessCondition>
    a owl:ObjectProperty ;
    rdfs:comment "This property adds an Access Condition to an Access Condition Set."@en ;
    rdfs:domain <#AccessConditionSet> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasAccessCondition"@en ;
    rdfs:range <#AccessCondition> ;
    owl:inverseOf <#isAccessConditionOf> ;
    vs:term_status "stable" .

<#hasAccessConditionSet>
    a owl:ObjectProperty ;
    rdfs:comment "This property defines whether the Access Condition Set (ACS) of an Access Policy is a Conjunctive ACS, or a Disjunctive ACS."@en ;
    rdfs:domain <#AccessPolicy> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasAccessConditionSet"@en ;
    rdfs:range <#AccessConditionSet> ;
    vs:term_status "stable" .

<#hasAccessEvaluationContext>
    a owl:ObjectProperty ;
    rdfs:comment "This property associates an Access Policy with an Access Evaluation Context."@en ;
    rdfs:domain <#AccessPolicy> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasAccessEvaluationContext"@en ;
    rdfs:range <#AccessEvaluationContext> ;
    vs:term_status "stable" .

<#hasAccessPrivilege>
    a owl:ObjectProperty ;
    rdfs:comment "This property associates the Access Privileges to the Access Policies."@en ;
    rdfs:domain <#AccessPolicy> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasAccessPrivilege"@en ;
    rdfs:range <#AccessPrivilege> ;
    vs:term_status "stable" .

<#hasDescription>
    a owl:ObjectProperty ;
    rdfs:comment "This property associates a description of the variable used in the Access Condition Set to explain their use in the definition of the policies. "@en ;
    rdfs:domain <#Variable> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasDescription"@en ;
    rdfs:range rdfs:Literal ;
    vs:term_status "stable" .

<#hasName>
    a owl:ObjectProperty ;
    rdfs:comment "This property assigns a name to an Access Condition."@en ;
    rdfs:domain <#AccessCondition> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasName"@en ;
    rdfs:range rdfs:Literal ;
    vs:term_status "stable" .

<#hasQueryAsk>
    a owl:ObjectProperty ;
    rdfs:comment "This property defines the SPARQL 1.1 ASK queries which represent the Access Conditions."@en ;
    rdfs:domain <#AccessCondition> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasQueryAsk"@en ;
    rdfs:range rdfs:Literal ;
    vs:term_status "stable" .

<#hasValue>
    a owl:ObjectProperty ;
    rdfs:comment "This property associates a value to the variable used in the Access Conditions."@en ;
    rdfs:domain <#Variable> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasValue"@en ;
    rdfs:range <#Value> ;
    vs:term_status "stable" .

<#hasVarName>
    a owl:ObjectProperty ;
    rdfs:comment "This property associates a name to the variable used in the Access Conditions."@en ;
    rdfs:domain <#Variable> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasVarName"@en ;
    rdfs:range rdfs:Literal ;
    vs:term_status "stable" .

<#hasVariable>
    a owl:ObjectProperty ;
    rdfs:comment "The property associates the variables and the Access Condition Set where they are used."@en ;
    rdfs:domain <#AccessConditionSet> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "hasVariable"@en ;
    rdfs:range <#Variable> ;
    vs:term_status "stable" .

<#isAccessConditionOf>
    a owl:ObjectProperty ;
    rdfs:comment "This property says that an Access Condition is part of an Access Condition Set."@en ;
    rdfs:domain <#AccessCondition> ;
    rdfs:isDefinedBy <#> ;
    rdfs:label "isAccessConditionOf"@en ;
    rdfs:range <#AccessConditionSet> ;
    owl:inverseOf <#hasAccessCondition> ;
    vs:term_status "stable" .