d3fend / d3fend-ontology

This repository holds the necessary content to produce the D3FEND ontology distribution.
https://d3fend.mitre.org
MIT License

Artifacts: add HTTP (RFC9110) concepts #100

Open ioggstream opened 1 year ago

ioggstream commented 1 year ago

I Expect

Question

Feel free to let me know whether this is ok or not.

netfl0 commented 1 year ago

This is an excellent idea, please go ahead with modeling this. Let me know if you’ve got questions on our approach in OWL2DL. We model as classes and restrictions for relationships.

aamedina commented 6 months ago

There is a W3C working group note for an HTTP vocabulary in RDF (https://www.w3.org/TR/HTTP-in-RDF10/) which is used by the Thing Description Model which has become a recommendation: https://www.w3.org/TR/wot-thing-description11/#http-binding-assertions

Might be interesting to align here with OCSF https://schema.ocsf.io/1.3.0-dev/classes/http_activity

ioggstream commented 6 months ago

@aamedina interesting. Since it refers to RFC2616 it would be useful to review and ensure that https://www.w3.org/TR/HTTP-in-RDF10/ is consistent with RFC9110 though.

HTTP is about semantics and abstracts concepts from lower layers (e.g. https://datatracker.ietf.org/doc/html/rfc9110#connections)

Moreover there are some tricky concepts such as representation metadata, representation data, content, ... that should probably be part of a vocabulary.

Given that concepts such as HTTP Intermediaries (aka proxies) are important on the security side, it makes sense to create a new HTTP Vocabulary inspired by RFC9110.

aamedina commented 6 months ago

I agree--it would be really interesting to see the semantics modeled from RFC9110 as per your suggestion. My preference, should you develop this further, is to favor class alignment to the existing HTTP RDF vocabulary so that "Things" (in the "Web of Things") can be modeled as digital artifacts, as others will begin to use IRIs with the predicates from that vocabulary when specifying IoT affordances. If IoT platforms begin to support the Thing Description model (with interaction affordances being bound to HTTP actions), I would appreciate alignment to automatically apply d3fend-based threat models to IoT architectures.