Xdi graph patterns
This presentation is the property of its rightful owner.
Sponsored Links
1 / 30

XDI Graph Patterns PowerPoint PPT Presentation


  • 45 Views
  • Uploaded on
  • Presentation posted in: General

This document contains XDI introductory materials plus illustrations of many standard XDI graph patterns: I-names, i -numbers, and synonyms: XDI statements used to assert multiple XRIs for the same logical resource

Download Presentation

XDI Graph Patterns

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Xdi graph patterns

This document contains XDI introductory materials plus illustrations of many standard XDI graph patterns:

I-names, i-numbers, and synonyms: XDI statements used to assert multiple XRIs for the same logical resource

Peer graphs and XDI discovery: statements used to describe and navigate the distributed global XDI graph

Social graphs: relationships between XDI authorities

Attribute singletons: contexts that contain a single literal value and can describe versioning of that value

Attribute collections: contexts that contain a set of attribute singletons

Entity singletons: contexts that represent a single entity

Entity collections: contexts that contain a set of entity singletons

Personas and roles: entities and relations that model contextual identity for individuals

Inner roots and outer roots: inner graphs within a local graph

Link contracts: contexts and relations used for XDI authorization

Policy expression: conditional logic for rules evaluation

Messages: XDI graphs used in the XDI protocol

Dictionaries: machine-readableXDI ontology definitions

XDI Graph Patterns

OASIS XDI TC SubmissionDrummond Reed, Markus Sabadello

2013-02-15


Xri context symbols

XRI context symbols

Global Context Symbols

Symbol

Context

Meaning

Examples

=

Globally unique identifiers controlled by natural persons

=drummond

=windley

Individual

Globally unique identifiers controlled by legal organizations (trademarks)

@neustar

@kynetx

@

Institutional

Globally unique identifiers controlled by the general public (generic nouns)

+photo

+email

+

Generic

$and

$or

$

Globally unique identifiers controlled by standard bodies (e.g., XDI grammar)

Specific

Local Context Symbols

Symbol

Context

Meaning

Examples

Locally unique identifiers that are assigned to a resource once and never reassigned (“i-numbers”)

!1234

!4c3f.87e2

!

Immutable

Locally unique identifiers that may be reassigned to different resources over time (“i-names”)

*susan

*back.forty

*

Mutable

Cross-References

Symbol

Meaning

Examples

()

An identifier assigned in one context being reused in another context

(http://example.com/)

@kynetx+customer(http://example.com/)


Xdi graph notation

XDI Graph Notation

Symbol

Usage

In RDF graph model?

Root context node: Represents the starting point of an XDI graph

Context node: Represents any entity or attribute within the graph

Literal node: Represents a leaf node containing data

Contextual arc: Uniquely identifies a context node

Relational arc: Non-uniquely links context nodes

Literal arc: Singleton arc that identifies a Literal node


Simple examples

Simple examples

local root

peer root

contextual

contextual

context

contextual

context

literal

literal

contextual

“value”

relational

context

contextual

literal

literal

“value”

context

contextual

literal

literal

“value”

context

()

(=bob)

(=bob)

$!($uri)

(=bob)$!($uri)

=bob

=bob

!

=alice

“http://xdi.example.com/bob”

=alice

+friend

$!(+tel)

=alice$!(+tel)

!

“+1-206-555-1212”

$!($t)

=alice$!(+tel)$!($t)

!

“2010-10-10T11:12:13Z”


Json serialization 1

JSON serialization (1)

{

"=alice/+friend": [

"=bob"

],

"(=bob)$!($uri)/!": [

”http://xdi.example.com/bob"

],

"=alice$!(+tel)/!": [

"+1-206-555-1212"

],

"=alice$!(+tel)$!($t)/! ": [

"2010-09-20T10:11:12Z"

]

}


Json serialization 2

JSON serialization (2)

{

"()/$is$ref": [

"(=!1111.2222.3333.4444)"

],

"=example/$ref": [

"=!1111.2222.3333.4444"

],

"=!1111.2222.3333.4444/$is+": [

"+person"

],

"=!1111.2222.3333.4444/+friend": [

"=example2",

"=example3*john.smith",

”=(mailto:[email protected])",

”=(http://example.com/friend)"

],

"=!1111.2222.3333.4444$!(+age)/!": [

33

],

"=!1111.2222.3333.4444$!(+vegetarian)/!": [

true

],

"=!1111.2222.3333.4444+favorite$!(+colors)/!": [

"red",

"blue",

"green"

],

"=!1111.2222.3333.4444+address$(+street)$(!1)/!": [

"123 Corliss Ave N"

],

"=!1111.2222.3333.4444+address$(+street)$(!2)/!": [

"Apt 42"

],

"=!1111.2222.3333.4444+address$!(+city)/!": [

"Seattle"

],

"=!1111.2222.3333.4444+address$!(+state)/!": [

"WA"

],

"=!1111.2222.3333.4444+address$!(+postal.code)/!": [

"98133"

]

}


Multiplicity

Multiplicity

Node

All nodes that provide context for the data

Leaf nodes that contain the raw data

Context

Literal

Nodes that are neither starting nor leaf nodes

Root

Subgraph

Starting nodes of the graph

Does not contain member singletons

Peer

Singleton

Local

Collection

Relative to current graph

Reference to an external graph

Contains zero or more member singletons

Outer

Inner

Entity

Attribute

Root of current graph

Graph-within-a-graph

Does not contain a literal node

Contains zero or one literal node


Multiplicity and dictionary syntax

Multiplicity and dictionary syntax

Concept

English syntax

XDI syntax

Class – singular

photo

+photo

photos

Class – plural (collection)

$(+photo)

the photo

Instance

$!(+photo)

a photo

Class definition

+(+photo)

color photoFlicker photo

Class specialization

+color+photo+(@flicker)+photo

Specialized class definition

a color photoa Flicker photo

+(+color)+(+photo)+(@flicker)+(+photo)

Syntax rule

Node type

Entity singleton

Default (no special syntax)

Attribute singleton

Begins with $!(

Collection

Begins with $(

Member entity singleton

Begins with $(!

Member attribute singleton

Begins with $!(!


I names i numbers and synonyms

I-names, i-numbers, and synonyms

Every non-root XDI node has exactly one canonical XDI address. A canonical equivalence relationship may be asserted between two XDI context nodes (i.e., that they represent the same logical resource and thus their XDI addresses are “synonyms”) using a $ref relational arc. (The inverse relation is $is$ref.) When navigating the graph, an XDI processor is required to redirect to the target node of a $ref relation before continuing.

The local root node address is ()

$is$ref

The “I am” statements, i.e., a way for the local root of this graph to assert its own XDI address(es)

(=!0999.a7b2.25fd.c609)

$ref

=abc

=abc

The XRI =abc, an i-name, is a synonym for the XRI =!0999.a7b2.25fd.c609, an i-number

=!0999.a7b2.25fd.c609

$ref

=!0999.a7b2.25fd.c609

*home

=!0999.a7b2.25fd.c609*home

*household

The top two i-names are synonyms for the bottom i-number

=!0999.a7b2.25fd.c609*household

$ref

$ref

!1

=!0999.a7b2.25fd.c609!1


Peer graphs and xdi discovery

Peer graphs and XDI discovery

The XDI global graph is a single logical graph of which subsets are distributed across any number of network locations (clients, servers, databases, etc.) Each subset, called a local graph, begins with a local root node, expressed as an empty XRI cross-reference, (). A local root node accessible on the network is called an XDI endpoint. A local graph may describe other peer XDI graphs by including XDI statements describing peer root nodes. This enables XDI clients to perform XDI discovery: navigation of the global graph by making XDI queries across a chain of local graphs to discover the URIs for other XDI endpoints.

$is$ref

The “I am” statements where the local root node describes its own identifier(s) using $ref and $is$ref relations

()

(=!0111.7af3.65d5.8cb7)

$ref

This $uri attribute collection is a property of the local root

$!(!1)

$($uri)

!

“http://xdi.example.com/(=!0111.7af3.65d5.8cb7)/”

$!(!2)

!

“http://xdi2.example.com/(=!0111.7af3.65d5.8cb7)/”

(@!0111.db4a.e317.7a12)

This local graph describes two peer roots each with a singleton URI attribute

$!($uri)

!

(=!0222.e3f2.76cb.904a)

“http://xdi.example.com/(@!0111.db4a.e317.7a12)/”

$!($uri)

!

“http://xdi.example.com/(=!0222.e3f2.76cb.904a)/”


Outer roots and inner roots

Outer roots and inner roots

The local root node of every XDI graph is also called its outer local root, which is unique. In addition, there can be inner local roots, which are used to form inner graphs within the current local graph. An inner graph can not itself be an XDI endpoint, but it is addressable within the XDI global graph via its outer local root.

The local root node address is ()

$is$ref

(=!0999.a7b2.25fd.c609)

$ref

=abc

=abc

The address of the inner local root is a cross-reference containing the address of a context node plus a relational arc.

+inner

(=abc/+inner)

(=abc/+inner)

=abc

(=abc/+inner)=abc

+friend

=xyz

(=abc/+inner)=xyz

(=abc/+inner)/()/=abc

(=abc/+inner)/()/=xyz

(=abc/+inner) =abc/+friend/ (=abc/+inner) =xyz

=abc/+inner/(()/()/=abc)

=abc/+inner/(()/()/=xyz)

=abc/+inner/(=abc/+friend/=xyz)


Social graphs

Social graphs

XDI graphs can express the relationships between XDI authorities in different contexts. This example illustrates the relationship between =abc(i-number =!1111) and =xyz (i-number =!2222) in a global context, a Facebook context, and a Seattle soccer context.

$is$ref

()

(=!1111)

Social graph expressed at the (=!1111) local graph, for which =abc is the authority

=abc

$ref

=!1111

=abc is best friends with =xyz

=xyz

$ref

=!2222

+best+friend

$ref

(http://facebook.com/)

=abc is friends with *bob in the Facebook context

*bob

$ref

!a726df

+friend

+seattle

=abc is a teammate of =xyz in a Seattle soccer context

+soccer

=xyz

$ref

=!2222

+teammate


Attribute singletons

Attribute singletons

An attribute singleton has a single literal arc to a literal node. It may also contain other contexts describing it (subproperties). An attribute singleton is always prefixed with $!. The diagram below illustrates a person's age, $!(+age), with two standard XDI subproperties: a timestamp $t and a versioning subgraph$v.

$is$ref

()

(=!1111)

=abc

$ref

=!1111

$!(+age)

Attribute singleton +age

!

$ref

“33”

Literal value

$!($t)

Timestamp subgraph

!

“2010-10-10T11:12:13Z”

$($v)

Versioning subgraph

$v

$!(!1)

$!(!2)

First version context

!

Second version context, which is also the current version

“32”

First version value

$!($t)

First version timestamp

!

“2010-09-09T10:11:12Z”


Attribute collections

Attribute collections

An attribute collection represents a set of attribute singletons of the same type and optionally ordinal contexts expressing their order. An collection is a cross-reference prefixed with $. Each The example shown below is a phone number with two instances, =abc$(+tel)$(!1) and =abc$(+te)l$(!2). Ordering of these instances is done with ordinal contexts – i-names in the form $*n, where n is a positive integer. Relational arcs describe the non-unique type of each instance, e.g., +home, +home+fax, and +work.

$is$ref

()

(=!1111)

+home+fax

=abc

+home

$ref

!

$!(!1)

“+1.206.555.1111”

=!1111

$ref

$*2

$(+tel)

Two ordinal contexts, =abc$(+te)l$*1 and =abc$(+tel)$*2, assert the order of the two phone number members

$*1

$ref

$!(!2)

+work

!

“+1.206.555.2222”

$!($t)

$!($t)

$($v)

$($v)

Version subgraph – reflects changes at this level only

Version subgraph – reflects changes to literal values only


Combining attribute singletons and attribute collections

Combining attribute singletons and attribute collections

Attribute singletons and attribute collections may be used together to express the full semantic richness of contextual data. This example illustrates how the XDI graph for a person =abc can express his/her default, work, home, and home fax telephone numbers.

$is$ref

()

(=!1111)

=abc

$!(+tel)

$ref

+work

$!(+tel)

=!1111

+home

$!(+tel)

+fax

$!(+tel)

$ref

$ref

$ref

$ref

+home+fax

+home

$(+tel)

!

$(!1)

“+1.206.555.1111”

$ref

$*2

$*1

$ref

$(!2)

+work

!

“+1.206.555.2222”


Entity singletons

Entity singletons

An entity singleton represents a single instance of an entity, like a single noun in the English language. Entity singletons are the default in XDI, i.e., they have no special multiplicity syntax. The example shown below is +passport. It contains three attribute singletons: a country string, a number string, and an expiration date.

$ref

()

(=!1111)

=abc

$ref

=!1111

+passport

$!(+country)

!

$!(+num)

“New Zealand”

!

$!(+expires)

“123456789”

!

“2010-10-01T00:00:00Z”

$!($t)

$!($t)

$($v)

$($v)

Version subgraph – reflects changes to the literal value only

Version subgraph – represents changes to this level only


Entity collections

Entity collections

An entity collection represents a set of entities of the same type. Each member is a subcontext identified with an i-number in the form $(!n), where n is an i-number. The example shown below is a set of passports. Two instances are shown, =abc+passport$(!1) and =abc+passport$(!2). (Ordering of these instances is not shown in this diagram, but uses the same ordinal context pattern as with attribute collections.)

$is$ref

()

(=!1111)

$!(+country)

=abc

!

$!(+num)

“Canada”

$ref

!

=!1111

$(!1)

“987654321”

$ref

+ca

!

$!(+expires)

“2005-01-01T00:00:00Z”

$(+passport)

$!(+country)

+nz

$ref

!

$(!2)

$!(+num)

“New Zealand”

!

“123456789”

!

$!(+expires)

“2010-10-01T00:00:00Z”

$!($t)

$!($t)

$!($t)

$($v)

$($v)

$($v)

Version subgraph – reflects changes to this level only

Version subgraph – reflects changes to the literal value only

Version subgraph – reflects changes to this level only


Personas and roles

Personas and roles

Personas are an example of using entity collections to model the identity of a person. In the example below, the person $(=!1111) has two personas, $(=!1111)$(!1) and $(=!1111)$(!2). @!4444 (aka @example.co) is a company in which the $(=!1111)$(!2) persona plays the role of president.

$ref

()

(=!1111)

$(!1)

$ref

$(=!1111)$(!1) and $(=!1111)$(!2)

are personas of =!1111 that enable =!1111 to control the sharing of portions of =!1111’s personal graph

$(=!1111)

*home

*work

$ref

=abc

$(!2)

=!1111

$ref

The ($) variable relation allows subgraphs to be included in other graphs – in this case, the $(=!1111)$(!2) persona includes =!1111$!(+age)

$!(+age)

($)

!

“33”

@example.co

$ref

+president

@!4444

+president is a role that the persona $(=!1111)$(!2) plays in the context of company @!4444


Link contracts 1

Link contracts (1)

A link contract is an context used for XDI authorization. A link contract is defined by a $do context. Shown below is the “bootstrap” link contract in a graph, called a root link contract: a $do child of the local root node. The $all relation pointing back to the root asserts that the assignee(s) of this contract have “root access”, i.e., permission to perform all XDI operations on the entire local graph.

$is$ref

()

(=!0999.a7b2.25fd.c609)

=abc

=!0999.a7b2.25fd.c609

$ref

$do

$all

$if

This root link contract uses the $all relation to allow performing all XDI operations on the local graph, if the policy expression is satisfied.

$if begins the policy expression branch of a link contract


Link contracts 2

Link contracts (2)

This diagram shows the addition of a link contract to the previous Personas and Roles diagram. This link contract, created by =!1111 to control access to the $(=!1111)$(!2) persona, is intended to provide $get (read) permission on that persona.

$ref

This link contract gives the assignee(s) permission to do an XDI $get operation on the $(=!1111)$(!2) persona, i.e., read anything in its subgraph

()

(=!1111)

$(!1)

$ref

$(=!1111)

*home

*work

$get

$ref

=abc

$(!2)

$do

=!1111

$ref

$!(+age)

($)

$if

!

“33”

@example.co

+president

$ref

@!4444

The $if subcontext of $do is used to assign policies to this link contract (see the next page)


Policy expression 1

Policy expression (1)

Policy expression is handled by the $if subgraph of a link contract. Policy expressions can use the boolean contexts $and, $or, and $not, which establish a boolean logic tree. Within this tree, the operators $true and $false, as well as conditions such as $equals, $greater, and $lesser are used to formulate how the policy can be satisfied.

$ref

(=!1111)

=!1111

$do

Link contract

$if

$if begins the policy expression branch of a link contract

$and branches group policies that must all evaluate to true

$and

$false

{conditions}

The inner graphs contain conditions for the policies (not shown here due to space limitations)

$($or)

$(!1)

$or branches group policies of which at least one must evaluate to true

$true

{conditions}

$(!2)

$false

$not

{conditions}

$not branches group policies that must evaluate to false

$true

{conditions}

$true

{conditions}


Policy expression 2

Policy expression (2)

The following policy expression evaluates to true, if a message is sent from a certain I-Number, and if a correct secret token is provided.

$ref

(=!1111)

=!1111

$do

Link contract

$if

(=!1111$do$if$and/$true)

$and

$true

($from)

$is

=!1111

($msg)$secret$!($token)

$secret$!($token)

$equals


Messages 1

Messages (1)

XDI messages are XDI graphs sent from a local XDI graph (the “from” graph) to one or more peer XDI graphs (the “to” graph(s)) to perform an XDI operation (e.g., $get, $add, $mod, $del, $copy, $move). Every message must reference the link contract authorizing the operation(s) it is requesting. Note that the $add relation records the source graph for auditing purposes.

$is$ref

“from” local graph (endpoint)

(=!1111)

(!3)

()

=!1111

“from” XDI authority (sender)

$($msg)

$add

Message collection

Message entity

$(!1234)

(=!2222)

$is()

$!($t)

Message timestamp

!

“2010-12-22T22:22:22Z”

“to” peer graph

Message envelope

Message operations

$(=!2222)

$do

$get

$(!1)

Every message must include a $do reference to the link contract authorizing the opera-tion(s) it is requesting. For example, this message references the =!2222$(!1)$do link contract for $get permission on the $(=!2222)$(!1) persona

$do

$do


Messages 2

Messages (2)

This is an example of an XDI message with a $add operation, which uses an inner graph for the statements to be added. Most of the message envelope as well as the link contract are left out in this example.

$is$ref

“from” local graph (endpoint)

(=!1111)

(!3)

()

=!1111

$($msg)

$add

$(!1234)

(=!1111$($msg)$(!1234)$do/$add)

Message envelope

Message operations

$do

$add

=!2222

The $add operation requests the statements underneath the inner local root to be added to the target graph.

$!(+name)

=!3333

!

“Alice”

+friend


Dictionaries 1

Dictionaries (1)

XDI graphs containing XDI ontology statements are called XDI dictionaries. They are machine-readable definitions of entities and attributes. Attribute types are defined by reference to the XDI literal type tree, which includes the datatypes defined in JSON, XML, and MIME. Entity types are built up from attribute types and other entity types.

$is$ref

()

(+)

The global + context is the root of the XDI literal type tree

+

$json

$number

All branches of the XDI literal type tree end in !

$xml

!

$mime

$is+

$ref+ statements define supertype relationships

+(+age)

$($xbnf)

XBNF (XDI BNF) is a version of ABNF in which every statement is XDI-addressable

$!(!1)

!

“{XBNF statement}”

$!(rule-name)

$!($t)

!

“{XBNF statement}”

Dictionary statements may be timestamped and versioned like any other XDI graph

!

“2010-09-09T10:11:12Z”


Dictionaries 2

Dictionaries (2)

An entity type is defined using definitions of attribute types and/or other entity types. Note that these “definitions in context” can override the global definition. For instance, in the example below, the definition +(+num) in the context of the definition of +(+passport) overrides the global definition of +(+num) by providing its own specific XBNF. All other properties of the global definition still apply.

$is$ref

()

(+)

+(+passport)

$!($*) is the attribute singleton for multiplicity – it takes a literal expression that defines the cardinality of a subcontext

+(+country)

$!($*)

!

+(+num)

“1”

Values correspond to cardinality notation in UML, e.g., “1” means exactly one

$!($*)

!

“1”

$($xbnf)

The XBNF for this definition of +num overrides the XBNF in the global definition

$!(!1)

!

“{XBNF statement}”

+(+expires)

$!(rule-name)

!

“{XBNF statement}”

$!($*)

!

“1”


Dictionaries 3

Dictionaries (3)

Relations for a context are defined using the dictionary context *. Multiplicity of a relation is defined the same way as multiplicity for a subcontext. Note that complex relations can be defined, e.g., +(+best+friend).

$is$ref

()

(+)

+(+person)

*

+(+mother)

$!($*)

+(+father)

!

“1”

$!($*)

+(+friend)

!

“1”

$!($*)

!

+(+best+friend)

“0-n”

$!($*)

!

“0-1”


Extra examples

Extra Examples


Device identity

Device identity

This pattern represents an approach to putting a device on the XDI graph. Since a device, such as a GPS transponder, may change ownership over time, the device is identified with a URI using the URN UUID schema. The XDI root node is identified using a cross-reference to this UUID. At any point in time, this cross-reference may be put in the context of a specific owner, such as =!2222. Data output by the device is in a subgraph in the context of the device identity. This subgraph is identified with an i-number which is cross-reference to the UUID.

$is$ref

()

(urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6)

$is$ref

(=!2222)

(urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6)

$!($uri)

+(@!1111)

!

“http://xdi.example.com/(uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6)/”

+gps

!(urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6)

$is+

+sensor

Sensor attributes

+accuracy

Accuracy attributes

+location

$(!1)

Location event instances


Event channels

Event channels

This pattern represents an approach to modeling event channels in an XDI network.

$is$ref

()

(=!1111)

$!($uri)

=!1111

!

“http://xdi.example.com/(=!1111)

+event

Event channel identifier (ECI) expressed as an i-number

$(+channel)

$(!a1b2-78d5)

$(+event)

$do

$add

Link contract for permissioningto send events to =!1111 on this channel


  • Login