User:Infinity Linden/OGP Trust Model
Revision as of 11:00, 11 August 2008 by Infinity Linden (talk | contribs)
Introduction
Security Objectives
Stakeholders and their Interests
- End User
- This is the traditional user of the system. They may be a casual user of Second Life or a corporate user, come to the grid to collaborate on "work" projects. In either case, their interests include:
- credential integrity - "bad guys" shouldn't be able to steal their online identity
- inventory integrity - the system should protect against inventory theft, loss, or usability problems
- specie integrity - the system should protect against loss of Linden Dollars
- system security - use of the Second Life viewer should not place the user's system at greater risk to successful attack
- Content Creator
- These are users who derive an income stream from Second Life. In addition to interests of traditional End Users, Content Creators also have these interests:
- content integrity - content creators want to know that content they create cannot be illicitly duplicated, lost or stolen
- Corporate IT and ISP Operations
- These are the people who maintain networks connecting the client's machine to the network, and in the case of corporate IT operations. they likely manage the user's systems as well.
- 'network security - no system component (client software, agent domain software, region domain software, third party web service) should decrease the general availability, reliability or security of the network
- peer system security - no system component (client software, agent domain software, region domain software, third party web service) should increase the risk of successful attack
- Client Software
- Agent Domain Administrator
- Agent Domain Software / Systems
- Region Domain Administrator
- Region Domain Software / Systems
- Third Party Web Service Operators
- Client
- Agent Domain
- Region Domain
- Region Host
- Second Life User - let me use my object; don't take or copy my object without my permission; don't cause me to break my promises ; don't lose or delete my object; let me examine and modify my object
- Content Creator - preserve my restrictions; let me be paid for content; let me give content away ; let my content propagate widely (or don't) ; tag my objects with a universal and comprehensible ID linked to the real me; let me have some idea how many of my creations exist out there in the world;
- Agent Domain Operator - don't break asset perms; don't spoof me; don't access somebody else's inventory ; don't store unlawful stuff in me
- Region Domain Operator