
Integrity of `skos:preflabel` and `skos:prefdefinition`

Open tomhgmns opened this issue 2 years ago • 4 comments

We are currently implementing the interop spec into use.id, but are concerned about relying on skos:preflabel and skos:prefdefinition of the Access Need Groups to render the UI of the authz agent.

This is because a malicious party might create a mismatch between those two fields and the actual access requests.

For example, I could present the following access needs group:

  • skos:preflabel: "Read access to your shopping history"
  • In reality, my app asks permission to read the user's medical data

Has the panel considered this situation?

We are thinking of solving this issue by putting a human-readable name on the shape tree itself...

tomhgmns avatar Sep 08 '22 11:09 tomhgmns

Yes this scenario was considered and has been solved already in the shape tree specification. The shape tree definition includes a similar description of what the data is. So regardless of what the access need description is, the data that is being requested is always present it based on the shapetree definition.

justinwb avatar Sep 08 '22 11:09 justinwb

Thanks for the answer, Justin! We'll rely on the ShapeTree definition then!

tomhgmns avatar Sep 08 '22 12:09 tomhgmns

Great timing, @tomhgmns! I'm also implementing it and should have all the code ready today that combines human-readable information from access need descriptions and shape tree descriptions. I plan to push that code down to sai-js as soon as it fits the needs of the authorization agent.

elf-pavlik avatar Sep 08 '22 14:09 elf-pavlik

I'll look into adding what we have discussed here into the Security Considerations section.

elf-pavlik avatar Sep 28 '22 01:09 elf-pavlik
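
The approach discussed in this thread (name the requested data from the shape tree's own description and show the access need group's label only as the application's claim), as an added example that is not code from sai-js or the specification. Plain objects stand in for parsed RDF; the field names, the example URLs and the choice to block a need whose shape tree has no resolvable description are assumptions.

```javascript
// Added example: all field names and URLs are hypothetical.

// Descriptions the authorization agent resolved itself from each shape tree's
// own description document (constructed sample data).
const shapeTreeDescriptions = new Map([
  ['https://shapetrees.example/trees#MedicalRecord', 'Medical records'],
  ['https://shapetrees.example/trees#Purchase', 'Shopping history'],
]);

// Access need group as supplied by the requesting app (constructed sample).
const accessNeedGroup = {
  label: 'Read access to your shopping history', // app-controlled text
  accessNeeds: [
    { shapeTree: 'https://shapetrees.example/trees#MedicalRecord', modes: ['Read'] },
  ],
};

function buildConsentView(group, descriptions) {
  const rows = group.accessNeeds.map((need) => {
    const dataLabel = descriptions.get(need.shapeTree);
    return {
      shapeTree: need.shapeTree,
      modes: [...need.modes],
      // Only the shape tree's description names the data, never the app's text.
      dataLabel: dataLabel ?? null,
      // No resolvable description: the agent cannot tell the user what is asked for.
      blocked: dataLabel === undefined,
    };
  });
  return {
    appClaim: { text: group.label, source: 'application (unverified)' },
    rows,
    canGrant: rows.length > 0 && rows.every((r) => !r.blocked),
  };
}

function renderConsentText(view) {
  const lines = view.rows.map((r) =>
    r.blocked
      ? `UNKNOWN DATA (${r.shapeTree}): cannot be granted`
      : `${r.modes.join(', ')} access to: ${r.dataLabel}`);
  return [...lines, `The application describes this as: "${view.appClaim.text}"`].join('\n');
}
```

With the mismatched sample above, the consent text leads with "Read access to: Medical records", so the misleading label cannot stand in for the data actually requested.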