User:Mstone/Commentaries/Infrastructure 1: Difference between revisions

From OLPC
Jump to navigation Jump to search
m (New page: == Proposed Requirements == ; Data integrity : It should be possible to verify the integrity of reference documentation on an independent system booted from read-only media. ; Timely acc...)
 
mNo edit summary
Line 7: Line 7:
: Failures of otherwise critical pieces of OLPC infrastructure should not inhibit timely read or write access to the reference documentation.
: Failures of otherwise critical pieces of OLPC infrastructure should not inhibit timely read or write access to the reference documentation.


; Credential rotation
; Access credentials
: When people leave the VIG, it should be easy to remove their access to secrets created after their exit.
: When people leave the VIG, it should be easy to remove their access to secrets created after their exit.
: If people ever leave the VIG non-amicably, it should be possible to quickly update important secrets throughout the OLPC infrastructure.
: If people ever leave the VIG non-amicably, it should be possible to quickly update important secrets throughout the OLPC infrastructure.

Revision as of 17:57, 20 August 2008

Proposed Requirements

Data integrity
It should be possible to verify the integrity of reference documentation on an independent system booted from read-only media.
Timely access
Failures of otherwise critical pieces of OLPC infrastructure should not inhibit timely read or write access to the reference documentation.
Credential rotation
When people leave the VIG, it should be easy to remove their access to secrets created after their exit.
If people ever leave the VIG non-amicably, it should be possible to quickly update important secrets throughout the OLPC infrastructure.
Publishability
Secrets should be carefully separated from public knowledge (e.g. with encryption or quarantine) so that everything else can be published.