Tuesday, March 25, 2008

People and Permissions

One of the questions we've been discussing recently is who should be able to see what in a multi-computer environment (e.g. a home or small office).

We spent time thinking through a number of approaches:
  • each user could have private and public files (like the "shared folder" concept)
    • Pros - easy to mix private and public
    • Cons - Requires the user to organize their work in a specific way
  • different computers could encrypt files differently so that even the administrator could not access a user's files
    • Pros - One user can be completely private from the administrator
    • Cons - A user can be completely private from the administrator; accessing files remotely becomes difficult
  • there could be an "administrator" class and a "limited" class of users, with the administrator class being able to do everything and limited users only being able to see their own files
    • Pros - This is a familiar model. In a high-trust environment everyone can have administrator rights. In a privacy-conscious environment there can be one administrator and a series of limited users. For total privacy, each user should have their own account.
    • Cons - There's no way, other than separate accounts, for a limited user to protect their data from the administrator.
In the end, we decided to opt for the two classes of user because:
  1. It is simple to understand
  2. It covers several key situations well:
    • a small business owner and a number of staff
    • a family where someone takes care of the computer(s) and other family members are users
    • a small business with an IT person
  3. It is straightforward to implement all of the Athena Backup features in this context
You can look forward to seeing this feature released in the next month or two!

Andrew.
