MeatballWiki | RecentChanges | Random Page | Indices | Categories

The inverse of AccessLevels, instead of access based on class (see ClassStriation), FunctionalAccess is access based on role. That it is, not every civil servant needs the ability to read your tax records. Only a certain set of those in the tax department do.

FunctionalAccess breaks the system down into a set of functions. For instance on a wiki those could be reading, editing, searching, access to the site logs, etc. Each member of the community has a different access level (usually "ALLOWED" or "DISALLOWED") for each function. These can be twiddled on or off as necessary for the person's intended role in the system.

Most FunctionalAccess systems work best when all citizens have a basic set of abilities they all share. Most of the additional abilities should be maintenance roles (and thus unfun) which are given to people along the lines of PeerPrivilege. The remaining set of privileges are administration roles, the ones with real power like the ability to kick a user out. Those should be given away with great care for they are easily abused. Especially if access becomes a competition as this system can certainly encourage. In this manner FunctionalAccess can become a form of ClassStriation.

The most common instance of FunctionalAccess in OnlineCommunities is a binary separation of programmers from non-programmers (often with a single GodKing as programmer). In MUDs the programmers are the wizards. FunctionalAccess becomes AccessLevels.

FunctionalAccess is most flexibly implemented as AccessControlList?s such as favored by many for controlling access to file systems (see OperatingSystemSecurityForCommunitySecurity).

Can you point to some things that use FunctionalAccess as opposed to AccessLevels? Or is this more of a useful rule of thumb to use when setting up AccessLevels?

Maximus BBS v. 3.0 used to offer both AccessLevels and FunctionalAccess if you configured it in just the right way. I've seen (RPG) MUDs like this too. I mainly think it's a better idea that fits better with the privilege-by-role system we have in the RealWorld.

[HardSecurity] CapabilitySystem


MeatballWiki | RecentChanges | Random Page | Indices | Categories
This page is read-only | View other revisions | Search MetaWiki