Tricia Help
Last edited Nov 4, 2011

Fine-Grained Access Control Lists

Tricia reconciles the security and collaboration needs of individuals, communities and enterprises:

  • Individuals want to freely organize all their content and share some of that content with other members of their social networks (colleagues, friends, project members, ...) within and outside of the enterprise. Privacy of personal content is essential.
  • Communities form dynamically to achieve a common project goal or to exchange information regarding a specific topic and to make some of this information available to other communities.
  • Enterprises want to avoid duplication of effort and redundant information storage. They have to protect their core information assets while being able to quickly publish quality-controlled content to a global audience or to specific target groups outside of the enterprise.

As this description suggests, Tricia is based on the following simple but highly configurable access control policy, implemented by fine-grained access control lists.

  • Each content item has a list of editors who can edit it (and therefore also read it) and possibly a list of additional readers who can only view and find it. A content item is a wiki page, a blog entry, or a file.
  • A reader or editor is either a person (Joe Doe) or a group of individuals (Joe Doe's Friends, Marketing Staff or Participants of the Product Launch Party 2008). Two pseudo-groups exist: Registered Users contains all authenticated users, and Everybody additionally includes anonymous visitors from the web.
  • Readers and editors can also be specified at the granularity of content spaces (blogs, wiki spaces or directories), because changing access rights on each content item individually is tedious. Individual items in a space can define additional editors or restrict the list of readers they inherit from the space.
  • Each Tricia user can be a member of arbitrarily many groups describing the divisions, project teams, communities of practice and social networks he or she belongs to.
  • All searches and content operations are access controlled: when a user attempts to read or edit a content item, Tricia checks whether the item's reader or editor list contains the user or one of the groups the user belongs to. All search results (including tag clouds etc.) are filtered based on the current user's access rights, so content a user may not read does not show up in search results or tag clouds either.

At the enterprise level this access policy effectively avoids redundant information:

  • To publish a content item to a wider audience, it is not necessary to move or copy it to another space; one simply adds individuals or groups to its set of readers.
  • To work collaboratively, one adds individuals or groups to the set of editors of the shared content.
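As an added example that is not part of Tricia's own code, the following Python sketch models the policy from the list above (per-item editor and reader lists, users and groups as principals, the Registered Users and Everybody pseudo-groups, space-level lists narrowed by item-level restrictions, and access-filtered search and tag clouds) together with the two enterprise-level operations just described (publishing by adding readers, collaborating by adding editors). The function names, the group membership table and the sample spaces and items are constructed for illustration; how Tricia actually stores or resolves these lists is not described on this page and is assumed here.

```python
# Added example, not Tricia's own code. Assumed semantics (assumptions, not
# facts from the page): a principal is a user name or a group name; a user
# "matches" an ACL if the ACL names the user, one of the user's groups, or a
# pseudo-group the user falls into; anonymous visitors are modelled as None;
# an item may add editors and may narrow, but never widen, its space's readers;
# editors can always read; search and tag clouds only show readable items.
from dataclasses import dataclass, field
from typing import Optional

ANONYMOUS = None                 # unauthenticated web visitor
REGISTERED = "Registered Users"  # pseudo-group: every authenticated user
EVERYBODY = "Everybody"          # pseudo-group: authenticated users plus anonymous

# constructed sample group membership: user -> set of group names
MEMBERSHIP = {
    "joe": {"Marketing Staff"},
    "ann": {"Engineering", "Joe Doe's Friends"},
    "bob": set(),
}


@dataclass
class Space:
    name: str
    editors: set
    readers: set = field(default_factory=set)


@dataclass
class Item:
    title: str
    space: Space
    tags: set = field(default_factory=set)
    extra_editors: set = field(default_factory=set)   # item may add editors
    reader_restriction: Optional[set] = None          # item may narrow readers


def principals_of(user, membership=MEMBERSHIP):
    """Every principal name that represents `user`, pseudo-groups included."""
    if user is ANONYMOUS:
        return {EVERYBODY}
    return {user, REGISTERED, EVERYBODY} | membership.get(user, set())


def matches(user, acl, membership=MEMBERSHIP):
    return bool(principals_of(user, membership) & acl)


def can_edit(user, item, membership=MEMBERSHIP):
    return matches(user, item.space.editors | item.extra_editors, membership)


def can_read(user, item, membership=MEMBERSHIP):
    if can_edit(user, item, membership):        # editors are implicitly readers
        return True
    if not matches(user, item.space.readers, membership):
        return False                            # the space's readers are the ceiling
    if item.reader_restriction is not None:     # an item may only narrow that ceiling
        return matches(user, item.reader_restriction, membership)
    return True


def search(user, items, query="", membership=MEMBERSHIP):
    """Filter by access first, then match: an unreadable item is never revealed."""
    visible = [i for i in items if can_read(user, i, membership)]
    return [i.title for i in visible if query.lower() in i.title.lower()]


def tag_cloud(user, items, membership=MEMBERSHIP):
    """Tag counts over readable items only, so a tag cannot leak hidden content."""
    counts = {}
    for i in items:
        if can_read(user, i, membership):
            for t in i.tags:
                counts[t] = counts.get(t, 0) + 1
    return counts


def build_sample():
    """Constructed spaces and items; the Space objects are shared by their items."""
    marketing = Space("Marketing Wiki", editors={"Marketing Staff"}, readers={REGISTERED})
    blog = Space("Joe's Blog", editors={"joe"}, readers={"Joe Doe's Friends"})
    items = [
        Item("Product Launch Party 2008", marketing, tags={"launch"}),
        Item("Pricing draft", marketing, tags={"pricing"}, reader_restriction={"Marketing Staff"}),
        Item("Weekend photos", blog, tags={"photos"}),
    ]
    return marketing, blog, items


if __name__ == "__main__":
    marketing, blog, items = build_sample()
    print(search("bob", items))       # ['Product Launch Party 2008']
    print(search(ANONYMOUS, items))   # []
    # publish: widen the space's readers instead of copying the page elsewhere
    marketing.readers.add(EVERYBODY)
    print(search(ANONYMOUS, items))   # ['Product Launch Party 2008']; restricted draft stays hidden
    # collaborate: add a group to the editors of the shared item
    items[1].extra_editors.add("Engineering")
    print(can_edit("ann", items[1]))  # True
    print(tag_cloud("ann", items))    # {'launch': 1, 'pricing': 1, 'photos': 1}
```

The evaluator treats the space's reader list as a ceiling: an item's restriction is checked in addition to it, never instead of it, so the publish step (widening a space) does not expose items that were explicitly restricted. Search filters before matching, which is what keeps an unreadable hit from being revealed even indirectly through a result count or a tag cloud.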

The privilege to create new user profiles, groups, blogs, or wikis can be limited to specific groups within the organization.

Next Steps