W3C DAP WG Activity

W3C Device API and Policy WG Activity

Kangchan [email protected], [email protected]

Twitter : Kangchan

Thanks to Dave Raggett, and Dowan Kim

Hypertext• 1965 coins the term

“Hypertext”– in "A File Structure for the

Complex, the Changing, and the Indeterminate". 20th National Conference, New York, Association for Computing Machinery

• Project Xanadu founded in 1981• Goal: a networked pay-per-document hypertext

database encompassing all written information

10th MobileWebApps Camp

CERN – birthplace of the Web

• 1980 Develops “Enquire” as a simple hypertext system whilst consulting for CERN

• 1989 Project proposal for World Wide Web

• 1994 Founds W3C to lead the Web to its full potential


Enquire> ENQUIREEnquire V 1.1Hello!Opening file (PSK-PCP)VAC-V1:ENQR...PSB Vacuum Control System (concept) < O>--- ------ ------- ------[ 1] described-by: Enquiry System

An experimental system for which this is a test.[ 2] includes: Vacuum History System

Records and displays slow changes in pressure.[ 3] includes: Vacuum equipment modules

Perform all the hardware interface[ 4] includes: Control and status applications programs

Provide operator interaction from the consoles.[ 5] described-by: Controle du System a Vide du Booster 11-2-80

Operational specification of the software[ 6] includes: PSB Pump Surveillance System PCP 228

Allows rapid monitoring of pressure changes

[number ]


Early Web Browser


Current Web Environments


Web of Things

• Rapidly diminishing incremental cost for networking all kinds of devices

• The challenge for how to integrate devices as part of distributed applications

• Changing the way we think of the Web– No longer just about viewing websites on

desktop browsers with big screens– Instead apply Web technologies to ease the

task of developing new kinds of applications across a very wide range of devices


Needs for (Mobile) Web

• Application like– Rich Client (DOM, Ajax, etc)– Stand-alone Execution (Off-line, Gears)– Local Storage, Quick Launch, etc.

• Needs Device Access– GPS, Camera, Contacts, Calendar– Call/Message, History, etc.

• Security & Privacy– Security & Policy Management– User Consent (One-shot, Session, Permanent)


Related Works

• Standardization Works – HTML5– WebApps WG

• Operators– OMTP BONDI, JIL, OneAPI, etc.

• Solution Providers– PhoneGap, Titanium, Rhodes, etc.

• Device Manufactures– Palm WebOS, Nokia Web Runtime, etc


W3C Ubiquitous Web Domain

Ubiquitous Web

Domain

Mobile Web

Initiative Activity

Mobile Web Best

Practice WG

Mobile Web

Initiative Test Suite

WG

Mobile Web For Soc

ial Development IG

Multimodal

Interaction Activity

Ubiquitous Web

Application Activity

Ubiquitous Web

Applications WG

Geolocation WG

Device API and

Policy WG

Voice Browser

Activity

Extensible Markup

Language


http://www.w3.org/2009/dap/

DAP : Goal• Origin

– In December 2008, Security for Access to Device APIs from the Web

• Goal– Declaration of APIs such as Contacts -

The mechanisms by which a widget or Web Application can declare a dependency (with possible security consequences) on an API

– API Patterns - What should be similar across many APIs, e.g. API design, error handling etc.

– Concrete APIs - Specific APIs that should be standardized

– Policy Description - An XML (or other) formalism describing a security policy for concrete APIs.


DAP : Participations

• Chair – Robin Berjon(Vodafone)– Frederick Hirsch(Nokia)

• Info– 44 group participants, – 43 participants from 19 organizations.

• ACCESS Co., AT&T, Deutsche Telekom AG , ETRI, France Telecom, Google, Intel Corporation, Mozilla Foundation, Nokia, OMTP Limited, Opera Software, Samsung Electronics, SK Telecom, Sony Ericsson Mobile Communications, Sun Microsystems, Telecom Italia SpA , Telefónica de España, Vodafone, W3C

– 1 Invited Experts


DAP : Scope• Scope

– creation of API specifications for a device's services that can be exposed to Widgets and Web Applications

• Devices : desktop computers, laptop computers, mobile internet devices (MIDs), cellular phones, etc.

– defining a framework for the expression of security policiesthat govern access of Web Applications and Widgets to security-critical APIs

• Before developing a new policy expression language, existing languages (such as XACML) should be reviewed for suitability;

• The resulting policy model must be consistent with the existing same origin policies (as documented in the HTML5 specification), in the sense that a deployment of the policy model in Web browsers must be possible;

• The work should not be specific to either mobile or desktop environments, but may take differences between the environments into account


DAP : (expected) Deliverables• Personal Information Management (PIM) API : Calendar API, Tasks API , Contacts API

• Camera API, Messaging API• System Information and Events API : e.g. battery level, network status, etc. • FileSystem API : basic operations (Create, Read, Update, Delete) and more complex

operations (e.g. mount, unmount) developed in coordination with the Web Applications Working Group File Upload specification

• Application Launcher API : discover, identify and launch the platform's native applications

• Application Configuration API : manage application settings and user preferences • User Interaction API : e.g. minimise/maximise functions, window size, alerting, etc. • Communication Log API : e.g. sent emails, SMS, MMS, call events. • Gallery API : manage the local media file storage • Security Policy Framework, to express security policies that govern access of Web

Applications and widgets to security-critical APIs, including work on – Identification of APIs – Identification of Web Applications and Widgets – Definition of a policy description language for security policies – Expression of security policies that govern access of Web Applications and Widgets to security-critical APIs

•Primers •Requirements and use case document for specifications

•These documents should also address non-mobile scenarios. •Non-normative group notes


DAP : Milestones

• 2009Q3 – The Working Group reviews and compares existing

starting points for the various deliverables, and establishes a detailed roadmap.

• 2009Q4-2010Q1 – Deliverables with assigned editors progress along

Recommendation track. • 2010Q2-2010Q3

– All deliverables are on Recommendation track. • 2011Q2

– All deliverables have reached Proposed Recommendation.


DAP : Current Status


DAP : API Example


Conclusion


DAP is still at an early stage …

Question/Discussion : [email protected] Twitter : Kangchan

Technology

W3C DAP WG Activity