Security Model

From WeAreOnWiki

One of our chief concerns at WeAreON is to guarantee the privacy of user data. The WeAreON clients analyze the computers on which they run and can potentially submit a vast amount of information to our hosts. The aggregation of this data on our servers can be extremely useful for our users, but it is a potential security risk if it falls into the wrong hands. We will ensure that the data remains visible only to authorized persons.

Data Ownership

When a WeAreON client is first installed, the private information it generates has no owner and cannot be seen by anyone (not even the person who just installed the software!). Users can claim ownership of the record by entering their user name and password, as described in the Win32 Service Application instructions. These sensitive details are stored on the local system using strong cryptography, and the validation of the name and password with our hosts is always done using secure transmission methods, such as HTTPS.

Once this validation has happened, the data is permanently linked to the user account. Users can delete every trace of their presence on our hosts: deleting an account also removes the data records it owns.

Our users own their data.

Private vs. Public

The default state of a data record is private, which makes it unavailable to any user except the owner and any other users who have been granted read-only access. The owner of a record can also make it public, letting all users of the website (registered or not) view the details. This blanket permission is set in the Own Systems area of the website.

Individual User Grants

The owner of a data record can also share it with other users, granting them read-only access on an individual basis. The Own Systems page allows users to manage the permissions, granting or revoking access at will.

Data Visibility

The first column in the WeAreON Systems List shows the visibility rights that the current user has for every data record:

  • Owner means that the current user owns the data record.
  • Granted means that the record belongs to another user, who has granted read-only access to the person viewing the page.
  • Public means that the owner of the data has decided to make it freely accessible to all users, registered or anonymous.
  • Private means that either nobody has claimed ownership of the record yet or its owner does not want to make it visible to the person viewing the list.
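
The visibility rules above can be written as a single deny-by-default check. This is an added example, not WeAreON's code: the `Record` class, the function names, the precedence Owner > Granted > Public, the refusal to re-claim an owned record and the removal of a deleted user's grants are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional, Set


@dataclass
class Record:
    owner: Optional[str] = None       # None until a user claims the record
    public: bool = False              # blanket permission set by the owner
    grants: Set[str] = field(default_factory=set)  # read-only grantees


def visibility(record: Record, viewer: Optional[str]) -> str:
    """Label for the first column of the Systems List (viewer None = anonymous)."""
    if record.owner is None:
        # Unclaimed data is visible to nobody. Assumption: any stale public
        # flag or grant on an unclaimed record is ignored.
        return "Private"
    if viewer is not None:
        if viewer == record.owner:
            return "Owner"
        if viewer in record.grants:
            return "Granted"
    if record.public:
        return "Public"
    return "Private"                  # deny by default


def can_read(record: Record, viewer: Optional[str]) -> bool:
    return visibility(record, viewer) != "Private"


def can_manage(record: Record, viewer: Optional[str]) -> bool:
    # Only the owner may grant, revoke or publish; grantees are read-only.
    return visibility(record, viewer) == "Owner"


def claim(record: Record, user: str) -> None:
    # Assumption: a record already linked to an account cannot be re-claimed.
    if record.owner is not None:
        raise PermissionError("record already has an owner")
    record.owner = user


def delete_account(records, user):
    """Drop the user's own records and their grants on other users' records."""
    kept = [r for r in records if r.owner != user]
    for r in kept:
        r.grants.discard(user)
    return kept
```

Routing every read through `can_read` and every permission change through `can_manage` keeps the list label and the enforcement decision from drifting apart.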