Security: Difference between revisions

From OnTrackNorthAmerica
No edit summary
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
==== How it Works ====
''Here is our security policy and procedures to date. If you have any comments or questions please use the Discussion Tab above.''


=== How it Works ===
* Security is controlled through namespaces and user groups. Namespaces are groups of pages and user groups are groups of people. These things get a bit more complex but for our purposes that's enough.
* Security is controlled through namespaces and user groups. Namespaces are groups of pages and user groups are groups of people. These things get a bit more complex but for our purposes that's enough.
Currently we have 3 important user groups
Currently we have 3 important user groups
Line 12: Line 13:
* We use "namespaces" as the way to group pages for a specific knowledge base such as OnTrackMississippi Stakeholders KB. In this example all pages able to be seen by OTM stakeholders will be  in a namespace OTMStakeholders.
* We use "namespaces" as the way to group pages for a specific knowledge base such as OnTrackMississippi Stakeholders KB. In this example all pages able to be seen by OTM stakeholders will be  in a namespace OTMStakeholders.


==== Why Security is Important ====
=== Why Security is Important ===
* We often are given information that has political or commercial implications for the person who supplied the information. This information has to be recorded in our internal KB in order for us to have a clear understanding of the problem and solution scenarios for subjects and goals.  
* We often are given information that has political or commercial implications for the person who supplied the information. This information has to be recorded in our internal KB in order for us to have a clear understanding of the problem and solution scenarios for subjects and goals.  
** But, in the stakeholder KBs this sensitive information is either not published or is handled diplomatically
** But, in the stakeholder KBs this sensitive information is either not published or is handled diplomatically
Line 18: Line 19:
* At some point we also may monetize certain non-proprietary information, information not told to us in confidence.
* At some point we also may monetize certain non-proprietary information, information not told to us in confidence.


==== Our Core Principles and Ethics====
=== Our Core Principles and Ethics ===
* Consult the OnTrackNorthAmerica [https://ontracknorthamerica.org/core-principles/ core principles and ethics of OTNA] for further inspiration
* Consult the OnTrackNorthAmerica [https://ontracknorthamerica.org/core-principles/ core principles and ethics of OTNA] for further inspiration

Latest revision as of 12:03, 2 April 2024

Here is our security policy and procedures to date. If you have any comments or questions please use the Discussion Tab above.

How it Works

  • Security is controlled through namespaces and user groups. Namespaces are groups of pages and user groups are groups of people. These things get a bit more complex but for our purposes that's enough.

Currently we have 3 important user groups

  • Highrest, Medrest, and Fac these stand for high restriction, medium restriction and facilitators.
  • Users marked as high restriction or Highrest will only be allowed to read pages in the Stakeholder KBs.
  • Users marked medium restriction or Medrest will be allowed to edit and create pages in the Stakeholder KBs.
  • People marked as Fac will be allowed read and write permissions in the the Internal KB as well as the Stakeholder KBs.
  • Pages with the prefix "Facilitators" in the title helps you know that text placed her will not be seen by Stakeholders
    • Facilitators have read/write/edit stakeholder pages because part of there job is to publish content to the Stakeholder pages.
  • We use "namespaces" as the way to group pages for a specific knowledge base such as OnTrackMississippi Stakeholders KB. In this example all pages able to be seen by OTM stakeholders will be in a namespace OTMStakeholders.

Why Security is Important

  • We often are given information that has political or commercial implications for the person who supplied the information. This information has to be recorded in our internal KB in order for us to have a clear understanding of the problem and solution scenarios for subjects and goals.
    • But, in the stakeholder KBs this sensitive information is either not published or is handled diplomatically
      • If you have questions on this, please seek the advice of your associated facilitators.
  • At some point we also may monetize certain non-proprietary information, information not told to us in confidence.

Our Core Principles and Ethics