Google’s Ingenious Wave Security Model
Here’s a very interesting article by Jason kolb http://jasonkolb.com
Reading through the Google Wave specs this weekend, I realized that Google has really accomplished something wonderful with the security model baked into the Wave protocol. (Not the CLIENT, specifically, but the extensions Google made to the XMPP PROTOCOL.)
Usually security is done one way, in just about every application on earth: you create the thing you want to secure, whether it’s a file, or an email, or a piece of content, or a financial transaction, then you find a security button somewhere that usually looks like a big lock or something:
You click that button, and from there you can select the users who you want to have access to your thing. This is all fairly standard, and there are very few deviations from this. Entire companies have been founded to make this process a little less painful.
I don’t think I’ve ever looked at an application’s security model for the first time and thought “wow, that’s really easy”, which is the way EVERY feature SHOULD be.
Until now, that is.
Reading through the Wave protocol specs I realized that they kind of changed the workflow for applying security to things. Instead of setting security as a separate operation, the security for a Wave is constructed as the wave is being used.
Security in a normal application is very disconnected from the act of using the thing you’re securing.
With Wave, however, you add people as they’re needed. The act of adding somebody to the conversation grants them permission to operate on the Wave. You can break off into sub-Waves (”Wavelets”), and give people access to just those as well, by adding them to the sub-wave instead of the main wave.
It has the effect of creating functional user groups on the fly, moving individuals in and out of the group as needed by creating new wavelets. As opposed to the typical model of preconfiguring user groups and tweaking them as needed.
I think you could call it “participatory security” versus the old “administrative security” model. The whole idea seems kind of a “duh” item in retrospect, like all great ideas I suppose.
I was just very impressed with this as it’s the first common-sense and intuitive way to handle object security that I’ve ever seen. It’s going to be such a great fit for the enterprise that I seriously cannot wait to begin using it myself in an application. I’ll be interested to see how this model ends up either competing or integrating with Microsoft Exchange. If they’re smart, Microsoft is watching this VERY closely.
I have lots more to say on Wave, but suffice it to say that I’m very keen on the security model it employs, and will be rooting very hard for it. It’s a nice simple and elegant solution to what’s been a pain forever.