[Noisebridge-discuss] Ring-based trust/security model

Gopiballava Flaherty gopiballava at gmail.com
Thu Feb 16 02:41:50 UTC 2012


Some sort of guest pass scheme sounds like a good idea to me. Something to make it very clear to newbies that they are there at the discretion of NB. 

Thanks,

gopi at iPhone


On Feb 15, 2012, at 18:26, Jonathan Toomim <jtoomim at jtoomim.org> wrote:

> TL;DR: Let's use a trust ring security model, with levels for Members, Friends, Guests, and Everyone Else. Most privileges are reserved for Guests and above. People who demonstrate hack fu become Friends, and get a key and 24/7 unsupervised access. Guests need to have a Member or Friend sponsor them while they're there; complaints about a Guest's behavior or odor can be passed on to their sponsor, who will likely be more approachable than the Guest. 
> 
> On 2/15/2012 4:51 PM, Jonathan Toomim wrote:
>> 
>> I think we need to redesign and make more explicit the security model we use when dealing with users of NB. I think a ring-based model would be better for us, since a capability-based model would be too complicated and difficult to track. It also seems to be what we are implicitly using right now. 
>> 
>> http://en.wikipedia.org/wiki/Ring_(computer_security)
>> 
>> Currently, it seems we have these rings:
>> 
>> Ring levels:
>> 0:    Members
>> 1:    Non-members with keys
>> 2:    Everyone else
>> 3:    https://noisebridge.net/wiki/85.5        (asked to leave once)
>> 4:    https://noisebridge.net/wiki/86
>> 
>> The requirements for entry into these rings are:
>> 0:    Paying money; https://www.noisebridge.net/wiki/Membership
>> 1:    Being deemed a hacker, and/or being around at the right time
>> 2:    [default]
>> 3:    Being lame
>> 4:    Being evil
>> 
>> Currently, the privileges contained within each ring appear to be as follows:
>> 0:    Member shelves; participating in consensus decisions
>> 1:    Not needing to use the buzzer
>> 2:    Using the space 24/7; using the kitchen; using the refrigerator; reserving use of the kitchen; using the bathrooms; attending classes; conducting classes or meetings in the classrooms; hanging out in the classrooms and not conducting classes; hacking; not hacking; hanging around in the library; discussing the politics of homelessness; using the computers to play Runescape; using the NES to play Wizards and Warriors; buzzing people in; inviting people in; using the laser cutter; using the 3D printers...
>> 3:    Coming to Tuesday member meetings to discuss their status
>> 4:    [empty set]
>> 
>> I don't know about you, but I think that this model is about as secure as Windows XP. Sure, we can keep patching Internet Explorer's security holes as we find them, but as long as we give so many privileges to our regular applications we're gonna have problems. I think we can do better.
>> 
>> Here is what I propose:
>> 
>> Ring levels:
>> 0:    Members
>> 1:    Friends of NB
>> 2:    Guests of NB
>> 3:    Class attendees
>> 4:    General public
>> 5:    Tempban
>> 6:    Permaban
>> 
>> Requirements for being in each ring:
>> 0:    Paying money; https://www.noisebridge.net/wiki/Membership
>> 1:    Vouched for by 1 Member as being sane and competent in hack fu
>> 2:    Sponsored by a Friend for up to 4 hours, or a Member; must wear a label with the sponsor's name and expiration time
>> 3:    Being in the right place at the right time
>> 4:    [default]
>> 5:    Being deemed a jerk by 1 Member or 3 Friends, or being deemed dangerous by anyone
>> 6:    Being deemed dangerous by 1 Member, or being deemed undesirable by a consensus meeting
>> 
>> Privileges within each ring:
>> 0:    Member shelves; consensus decisions; beFriending; unFriending; sponsoring guest-lectures and classes run by non-Friends; unlimited sponsorship of Guests while present; right to arbitrarily boot anyone in ring 1 or above (unless opposed by another Member); right to arbitrarily tempban anyone in ring 2 or above
>> 1:    Key/access code; unsupervised 24/7 access to the space; unsupervised use of expensive tools (e.g. laser cutter); running classes; reserving the kitchen or classrooms; right to create "do not hack" labels (e.g. in refrigerator); booting or tempbanning of ring 2 and above with 2 other supporting Friends; sponsorship of 1 Guest at a time for no more than 4 consecutive hours per Guest; unilaterally booting one's own Guest; buzzing people in (but must check that person's status before letting them roam around the space)
>> 2:    Access to space while a sponsor is present; supervised use of expensive tools; unsupervised use of everything else (including kitchen and computers)
>> 3:    Attending classes; using the bathrooms; limited kitchen access (no cooking or refrigerator access)
>> 4:    Same rights as Guest during Open Hacking hours (e.g. M-F 0900-1700, plus one night a week); otherwise, must be actively supervised by a Member or Friend
>> 5:    Coming to Tuesday meetings to discuss their status
>> 6:    [empty set]
>> 
>> This would put most non-hackers in ring 2 or above. Sponsorship is intended to be casually given; being someone's sponsor is acknowledging responsibility to mediate any disputes that might arise. For example, if Friend Fred sponsored skeezy Guest Scooter, and good Guest Gwen didn't like Scooter, she could take a look at Scooter's nametag, see that he was sponsored by Fred, and talk to Fred about Scooter's status and behavior. Fred then has the option of either mediating the dispute and trying to get Scooter's skeeziness under control, explicitly booting Scooter, ignoring Gwen's complaint, or simply revoking his Guest sponsorship and letting him either find another sponsor or leave.
>> 
>> For becoming a Friend, the "competent in hack fu" requirement was chosen over "interested in learning hack fu" because it's easier to verify actual hack fu than simple interest, and true interest usually results in at least some degree of competence if it is sustained (unless the person is just dumb, but I suspect we won't want dumb Friends anyway).
>> 
>>     -------
>> 
>> Whatcha think? I don't know if I'll be able to make it to the Thursday discussion group (might be returning to LA before then), so one of you might have to adopt the advocacy of this plan if you like it.
>> 
>> Jonathan
>> 
>> 
>> _______________________________________________
>> Noisebridge-discuss mailing list
>> Noisebridge-discuss at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss