tangentalizingly delicious

Monday June 5, 2006

Greg Knauss totally scooped me (be sure to read the successive posts in the series as well), but I swear this was a somewhat originally evolved idea, though influenced by others who may have discussed such things with Greg or at least read his site before discussing it with me.

Anyway, it doesn’t matter, because this is, I think, a good idea, and Greg doesn’t discuss a specific system, just the idea of using tags for security, and having someone as smart as Greg thinking something similar to what I do is something I can only take as a complement. He also doesn’t discuss negation, which is one of the strengths of this I think, but I’m possibly getting ahead of myself.

Anyway, a tag-based security system.

Fairly common place user/group security systems are, well, fairly common. You have an object of some sort, maybe it’s a network resource, maybe it’s a picture, maybe it’s a blog post, maybe it’s a movie file. Whatever, an object.

For whatever reason, you want to limit who and what can access this particular object, so you start defining how that can be done. In the user/group access model, you define groups. Maybe “Accounting Department” and “Information Technology” in a corporate type setting. “Friends” and “Family” are very common in private use type environments, and as Greg notes, they’re pretty much the current standard for social networks.

After defining these groups (or having them defined for you), you can then connect users to them. I hate making names up because I have a fairly obvious bias towards western and especially christian names. Not a bias of preference, just of ignorance. I don’t know many names from other cultures and religions, and besides you’ve all seen this sort of system before, so I’m just not going to bother. You have users, and you assign them to groups.

It’s sort of a burdensome system, and web interfaces add layers and layers of frustration to already poor interfaces. System Administrators must spend just insane amounts of time futzing with their permission systems, I know the few times I’ve had to dip into that world at one of the small companies I’ve worked for I want to murderdeathkill anyone near me.

Anyway, I don’t think this particular model entirely beats that. It might be a little bit easier because I intend to present things as almost entirely text-based but as a developer and someone who is extremely familiar with keyboards and has proven again and again that I have no concept of what regular people like in terms of interacting with computers, I expect there to be all sorts of flaws.

Basically, the point is just to tag users with the groups they’re members of. So, here’s a really simple example in an inconsistance syntax loosely based on set theory. “Users”, I guess, is some sort of magic keyword.

• Users = [Rob, Jen, MomDrimmie, MomMatz]
• Drimmie = [Rob, Jen, MomDrimmie]
• Matz = [Rob, Jen, MomMatz]
• Family = [Drimmie, Matz]

So, a fairly simple setup with four users and three groups.

Lets say, because this originated for me while in discussion of Vox, that I’m talking about a blogging software type system, or other CMS where I’m making a post and want to make it available to a specific subset of people.

If I’m talking about something relevant only to the Drimmie family, maybe pictures from my cousin’s son’s First Communion, or plans to take Grandpa to breakfast on Father’s Day, I can tag the post with simply “Drimmie” and then Rob, Jen and MomDrimmie will have access to the post.

Similarly, if I’m talking about a trip to Uncle Tom’s or getting together for Jim’s birthday, I tag it with “Matz” and again, Rob, Jen and MomMatz have access.

Now, lets say there’s a suprise baby shower for Jen that everyone should come to, but obviously we don’t want Jen to know about (note for Jen: At this point in time I’m not currently aware of any suprise showers, it is a hypothetical). I could tag the post as “Rob, MomDrimmie, MomMatz” to show that everyone but Jen can see it, or I can tag it with “Family !Jen”.

I’m using the exclamation point as a negation operator, which is a programming thing. It probably isn’t the best choice, maybe a minus sign (so, “Family -Jen” ) would be better, but the operator itself doesn’t matter a great deal for my purposes at this point.

For a 4user, 3-group system there’s not much power there, but with complex relationships that most people have it could be something.

I think the only real strength that I’m adding here is negation, which seems to be an important part of a social network. Let the role playing geeks read this post, but not the sport-o jocks. Let my pothead friends read this one, but not the straight-edge girl I want to impress or her friends. Let my family see this picture, but not “My wife’s crazy grandmother who gets jealous if she sees too many pictures of my kids with my family.”