User talk:Jess Key: Difference between revisions
imported>Jess Key (→Security stuff: Here it is) |
imported>Jess Key |
||
| Line 67: | Line 67: | ||
As I remember, you have some graphics we could use for the security token, which is a lemma although I'll expand it shortly. [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 16:21, 7 May 2010 (UTC) | As I remember, you have some graphics we could use for the security token, which is a lemma although I'll expand it shortly. [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 16:21, 7 May 2010 (UTC) | ||
{{Image|Authenticator.JPG|right|200px|A Battle.net Authenticator.}} | {{Image|Authenticator.JPG|right|200px|A Battle.net Authenticator.}} | ||
: Thanks Howard. I think this is the image you were thinking of. It was currently for the article [[World of Warcraft#Security|World of Warcraft]] which has a section on the security aspect provided by its authenticator, however it will be applicable to a couple of other games too. --[[User:Chris Key|Chris Key]] 16:29, 7 May 2010 (UTC) | : Thanks Howard. I think this is the image you were thinking of. I would add it, but I have no idea what to put as a caption. It was currently for the article [[World of Warcraft#Security|World of Warcraft]] which has a section on the security aspect provided by its authenticator, however it will be applicable to a couple of other games too. --[[User:Chris Key|Chris Key]] 16:29, 7 May 2010 (UTC) | ||
Revision as of 11:31, 7 May 2010
Welcome!
Welcome to the Citizendium! We hope you will contribute boldly and well. Here are pointers for a quick start. You'll probably want to know how to get started as an author. Just look at CZ:Getting Started for other helpful "startup" links, and CZ:Home for the top menu of community pages. Be sure to stay abreast of events via the Citizendium-L (broadcast) mailing list (do join!) and the blog. Please also join the workgroup mailing list(s) that concern your particular interests. You can test out editing in the sandbox if you'd like. If you need help to get going, the forums is one option. That's also where we discuss policy and proposals. You can ask any constable for help, too. Me, for instance! Just put a note on their "talk" page. Again, welcome and have fun! Hayford Peirce 17:21, 18 March 2010 (UTC)
WoW
Hello Chris. I just wanted to say you made some nice edits to the WoW page. Thanks for jumping in! --Eric Clevinger 04:37, 23 March 2010 (UTC)
Speedydelete requests
Chris, you should read CZ:Article Deletion Policy#Procedures for deletion marking and deletion to do it right (otherwise, Hayford may ignore your requests). --Peter Schmitt 00:31, 26 April 2010 (UTC)
- Thanks Peter. I thought I was doing, but I'll make sure I re-read that page next time. --Chris Key 06:47, 26 April 2010 (UTC)
- If it is not clear: You put an "unprotected" template on a definition subpage, and you did not point to the talk page you wanted deleted. --Peter Schmitt 07:48, 26 April 2010 (UTC)
Notice: Limited avaliability during May
I currently have two assignments due in on the 7th May and one on each of the 14th, 21st and 27th. I also have to deliver two presentations during this time. Due to this, my time on CZ will be somewhat limited during May. --Chris Key 17:44, 29 April 2010 (UTC)
- In case you have any say on these or future assignments, I suggest taking a look at CZ:Eduzendium. In any case, good luck! --Daniel Mietchen 21:02, 29 April 2010 (UTC)
Citizendium access rights management
Let's use your talk page, since you started the thread on the forum. I will first summarize what I believe are the substantive issues you raise and then give you the chance to respond. I am basing my summary on the forum post you made today, i.e., post on CZ access rights management. Feel free to correct my interpretation of your positions or add to them if I have not summarized them completely. Once we have agreed on the statement of the problem, then we can discuss the approach you suggest.
- The MW software is fully flexible and capable of supporting any group/rights architecture suitable for CZ.
- The existing access rights architecture does not quite fit the roles and responsibilities associated with various CZ governance positions. For example, Constables need to perform certain operations on the wiki, some of which require Sysop privileges, some of which do not. Some rights granted to Constables by virtue of their position as Sysops on the wiki are not useful to them in the pursuit of their Constable role. Creating an architecture that more closely follows the governance structure increases the transparency of access rights management and use at CZ. Furthermore, it is useful to implement fine granularity access control structures that give users only the rights they need and no more. This improves the overall security posture of CZ.
- When CZers without extra permissions observe terms like "Bureaucrat", "Sysop" and "Constable", they may become confused and think, for example, that the Sysop role is identified with the Constable role. They become frustrated when they contact a Sysop, asking them to perform a Constable function and are told that a Sysop does not have the organizational right to preform this function (even if they can technically perform it).
- Since the technology used by CZ to develop and deliver its content is not monolithic (i.e., it is implemented by various software systems that do not interact with each other), we should clarify roles within these software systems by using group names similar, if not identical, to the roles defined within CZ.
Please correct any mistakes I have made in representing your position. Also, if you think I have missed important points or not quite presented them correctly, feel free to modify my description in any way you think is best. Dan Nessett 23:16, 4 May 2010 (UTC)
- Before I respond, Hayford has requested (in the forum thread) that we keep this discussion on the forums not on a talk page. If you wish to move this conversation there, feel free to delete it from here. --Chris Key 23:20, 4 May 2010 (UTC)
Security stuff
I'm coming along the security things you wanted for MMORPG (if I remember the right article). Might be some other video game variants.
- Identification, authentication and credentialing: Add brief definition or description
- Identification (information security): Add brief definition or description
Authentication (information security): Technologies and procedures used to confirm one's identification to a secure information system [e]
- Two-factor authentication: Add brief definition or description
- Security token: A pocket-sized device that generates a device-specific, time-variant authentication code, to be validated by an authentication server in combination with a user ID; the code is manually into a computer session by the user [e]
- Dongle: A hardware device that plugs into a common computer interface, such as a serial or USB port, which serves as an authenticator requiring no human involvement once connected; contains unique identifier but is usually not time-synchronized as is a security token; often used to enforce software licensing [e]
- Credentialing (information security): Mechanisms and processes used to grant privileges, in a secure information system, to an actor who has been identified and authenticated; ideally follows the Principle of Least Privilege [e]
As I remember, you have some graphics we could use for the security token, which is a lemma although I'll expand it shortly. Howard C. Berkowitz 16:21, 7 May 2010 (UTC)
- Thanks Howard. I think this is the image you were thinking of. I would add it, but I have no idea what to put as a caption. It was currently for the article World of Warcraft which has a section on the security aspect provided by its authenticator, however it will be applicable to a couple of other games too. --Chris Key 16:29, 7 May 2010 (UTC)