Helpfully @emmettownsend explained on gitter that he is thinking of these as bringing together different sets of agents by description. allOf restricts agents to those that fit all the descriptions, anyOf to those that fit one of the descriptions. Thinking semantically in terms of sets, the first maps to the intersection of agents fitting those description, the second to union of agents fitting those descriptions.
These two concepts are well defined and studied in OWL under Complex Classes (make sure to set check the Turtle view box at the top of that spec). So let us say we have the class of agents eu:Citizen and iso:Over18 then we can create the class of agents
Let us say this document is published in /groups/g1
To understand how
anyOf,allOfandnoneOfwork here is my first attempted formalization in OWL.At present there are no good examples of these being used in a distinct way. The missing use case for acp:allOf in the use case document would indeed make it difficult to show up the difference.
Helpfully @emmettownsend explained on gitter that he is thinking of these as bringing together different sets of agents by description.
allOfrestricts agents to those that fit all the descriptions,anyOfto those that fit one of the descriptions. Thinking semantically in terms of sets, the first maps to the intersection of agents fitting those description, the second to union of agents fitting those descriptions.These two concepts are well defined and studied in OWL under Complex Classes (make sure to set check the Turtle view box at the top of that spec). So let us say we have the class of agents
eu:Citizenandiso:Over18then we can create the class of agentsLet us say this document is published in
/groups/g1To model union of classes we use unionOf
And to model a class minus a group of
Trollswe can haveGiven this we see that we can perhaps also express these concepts using WAC. Following the initial analysis of the WAC/ACP diff for Access Control Resources, we could write our rules like this: