Software, technology, sysadmin war stories, and more. Feed
Thursday, July 25, 2013

Some half-baked thoughts on scoped sharing

Recent developments in the news have me thinking about information classification. There's the whole compartmentalized thing, top secret, and all kinds of other codewords and other labels which come up depending on the context. That's all well and good for government agencies and companies, but what about individuals and their personal data?

There's a term from the world of NTP which comes up when configuring time synchronization: stratum. The actual clock devices or receivers are thought of as "stratum 0", and the number only increments from there. Stratum 1 is a system connected to a stratum 0 device. Stratum 2 is a system which is synced to a stratum 1 system, and so on down the line.

It seems like some of this might apply to the notion of sharing online. I came up with a possible starting place for describing this.

"Level 0" in this scheme would be the data itself: something you know and keep in your head. You haven't stored it in any computer system as far as you know.

"Level 1" could then be that same data, but now it lives in your own personal computer. This is a client-only system like a laptop or maybe even a tablet if that's the way you roll. No other people have access to it.

"Level 2" extends this concept a little further. Now it's also on your own personal server which is also accessible by others. This might be a dedicated server somewhere in the world, a VPS, or maybe even some kind of server software running on your little bitty plastic consumer router box. The point is: you control the server.

"Level 3" then goes beyond that, and it's when you park the data on someone else's server. You don't have admin powers on it, and are just a user as far as they are concerned. There are access controls on this, so you can say that person X can see it and person Y can't, but you're ultimately trusting that the server's code is solid and it's managed competently... and ethically, for that matter.

At "level 4", you're still hosting it on someone else's server, but now there are no access restrictions, or nearly none. Anyone who wants to see it can get to it. This might happen if the security fails at level 3.

I'm not quite sure what happens after this. There might also be some other states which I forgot about, and these five numbered levels might need to be spread out to accommodate them. This is not meant to be an exhaustive list, but rather a suggestion to get people thinking about the notion.

There's one other state which occurred to me: "level null", or "nil", or your favorite "not-really-a-value" value. This is when you don't even have the data in the first place, so you can't store it anyway or give it away, for that matter.

In practical terms, level 0 might be an idea for a post I think of while out in the world and don't write down or type in anywhere. Level 1 could be when it transfers to a local plain text file. Level 2 could be when that idea gets fleshed out and turns into a real post online, since I run this server. It just goes on like this.

Sharing doesn't have to be all-or-nothing.