A New year starts and this one will be the year of Google Wave. In this new post we talk about what we expect about Google Wave and everything related.
On this post we are going to talk about access control in wave. As we know, a wave has a list of participants. This list, is only a list of addresses that participate on a wavelet and what kind of privileges has each address. This is a short summary and the big idea each user has to have.
Wave access control is defined as:
which individual or robot has access to a specific account
what access an account has to an address
what access an address has to a wavelet
The first one, is very common, you have to “log-in” into your wave provider with an specific account. Each user or robot has to do it, in this point there is no differences between robot or individual. For the second one we have to talk more about how a wave is implemented. You have to imagine a graph where each edge in the graph grants access from one address to another address. Let’s take a look in this picture:
Wave Access, wave with different sections with different grant option to each user
In this picture you can see a representation of a wave. Is more o less a box with all the information. Each participant has access to different parts of the wave. Each access part is called edge and grants access to different users. This edges are stored in waves and are authorized by the wave provider that controls the domain of the addresses. This means that the wave provider control what part of the wave you can access. This can be powerful, because you can be working on a wave stored in a third party server, and 2 users from different wave server can establish personal comments, the third party server does not know anything about this comments. You can imagine this is the most powerful level of isolation, no data travelling into third party server, only the data is needed. This access edges can be exchanged between wave providers through the normal wave federation protocols.
In a wave we can find at least the canonical address, this is the entry point for an account into a wave with an specific provider. In this graph the canonical address is “WAVE”. This entry point is the most common, other entry points could be only a part of the wave (some wavelets). As well as a document in a computer, we can read only or read write a file. Wavelet can have different levels of access but is is still to be defined in the protocol. With wavelets there are operations, this operations are authorized at the source of each wave provider. If authorization spans multiple wave providers the operation needs to be sent and verified along the path of each of the involved wave providers.
In next posts we’ll enter in most detail, stay tuned!
This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.
Access Control in Wave
On this post we are going to talk about access control in wave. As we know, a wave has a list of participants. This list, is only a list of addresses that participate on a wavelet and what kind of privileges has each address. This is a short summary and the big idea each user has to have.
Wave access control is defined as:
The first one, is very common, you have to “log-in” into your wave provider with an specific account. Each user or robot has to do it, in this point there is no differences between robot or individual. For the second one we have to talk more about how a wave is implemented. You have to imagine a graph where each edge in the graph grants access from one address to another address. Let’s take a look in this picture:
Wave Access, wave with different sections with different grant option to each user
In this picture you can see a representation of a wave. Is more o less a box with all the information. Each participant has access to different parts of the wave. Each access part is called edge and grants access to different users. This edges are stored in waves and are authorized by the wave provider that controls the domain of the addresses. This means that the wave provider control what part of the wave you can access. This can be powerful, because you can be working on a wave stored in a third party server, and 2 users from different wave server can establish personal comments, the third party server does not know anything about this comments. You can imagine this is the most powerful level of isolation, no data travelling into third party server, only the data is needed. This access edges can be exchanged between wave providers through the normal wave federation protocols.
In a wave we can find at least the canonical address, this is the entry point for an account into a wave with an specific provider. In this graph the canonical address is “WAVE”. This entry point is the most common, other entry points could be only a part of the wave (some wavelets). As well as a document in a computer, we can read only or read write a file. Wavelet can have different levels of access but is is still to be defined in the protocol. With wavelets there are operations, this operations are authorized at the source of each wave provider. If authorization spans multiple wave providers the operation needs to be sent and verified along the path of each of the involved wave providers.
In next posts we’ll enter in most detail, stay tuned!
Tags: access control, Wave Federation
If you like what you see, please, support us:
Posts that may be of your interest: