Private WIKIs
| (12 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | Besides the two main components composing this platform (the back-end part represented by this wiki, and the front-end for the navigation among contents within the scope of a single-page-application) a third component | + | Besides the two main components composing this platform (the back-end part represented by this wiki, and the front-end for the navigation among contents within the scope of a single-page-application) a third component completing its design is represented by an arbitrary number of private WIKIs where to store all reserved information and to make them ''conditionally'' available on the front-end, for instance to students accessing their own data or the digital representation of their classes, to readers accessing some paid content, and so on: through the combination of a streamlined interface as client<!-- (based on [https://nodejs.org/en/ Node.js], [https://vuejs.org/ Vue.js] and [https://quasar.dev/ Quasar Framework], as well as [https://pouchdb.com/ Pouchdb] for offline navigation)-->, a collaborative wiki for contents intended to the public domain, and an arbitrary number of private wikis managed by the respective owners or by a data controller, every requirement conceivable within the frame of IT, information technology, may be potentially met. |
The overall structure of this platform therefore is expected to be composed by a public wiki at this address (1) | The overall structure of this platform therefore is expected to be composed by a public wiki at this address (1) | ||
| Line 30: | Line 30: | ||
To be noted that '[organization username]' in (2) corresponds to a wiki page of a shared wiki, while '[organization username]' in (4) corresponds to a username used by the [https://developer.mozilla.org/en-US/docs/Learn/Common_questions/What_is_a_web_server web server] to query a specific database (while in (2) the database is the same for all the organizations) so that any related page will reside in a dedicated wiki. | To be noted that '[organization username]' in (2) corresponds to a wiki page of a shared wiki, while '[organization username]' in (4) corresponds to a username used by the [https://developer.mozilla.org/en-US/docs/Learn/Common_questions/What_is_a_web_server web server] to query a specific database (while in (2) the database is the same for all the organizations) so that any related page will reside in a dedicated wiki. | ||
| − | This is an optimal solution in the view of data security, because while [https://www.mediawiki.org/wiki/Category:Page_specific_user_rights_extensions a number of Mediawiki extensions] allow to restrict access to data based on some privileges, they are not intrinsically secure as long as the database is shared. | + | This is an optimal solution in the view of data security, because while [https://www.mediawiki.org/wiki/Category:Page_specific_user_rights_extensions a number of Mediawiki extensions] allow to restrict access to data based on some privileges, they are not intrinsically secure as long as the database is shared or the wiki is public. |
| − | On the other side, <html><span style="font-size: 32px;line-height: 1em;padding-right: 6px" class="BroadcastMatter">Cultura italiana</span></html> offers a model in which a subject requiring the maximum level of confidentiality (taken for granted the value of the information) virtually can manage his own wiki, on his own server, which will be conditionally accessed using specific precautions by a "[https://www.mediawiki.org/wiki/Manual:Bots bot]" ensuring interoperability with the components aimed at processing and conditionally disseminating | + | On the other side, <html><span style="font-size: 32px;line-height: 1em;padding-right: 6px" class="BroadcastMatter">Cultura italiana</span></html> offers a model in which a subject requiring the maximum level of confidentiality (taken for granted the value of the information) virtually can manage his own wiki, on his own server, which will be accessed by a "[https://www.mediawiki.org/wiki/Manual:Bots bot]" (using a model similar to [https://en.wikipedia.org/wiki/OAuth OAuth] used to access user's information by external apps) which will conditionally retrieve only the data intended to be outsourced (for instance paid contents, teaching materials intended to students, and so on) by the data subject. |
| + | <!-- | ||
| + | which will be conditionally accessed using specific precautions by a "[https://www.mediawiki.org/wiki/Manual:Bots bot]" ensuring interoperability with the components aimed at processing and conditionally disseminating the information | ||
| − | On the other side subjects or "users" who do not have | + | On the other side subjects or "users" who do not have --> |
| − | Specifically, at present, dedicated private wikis completely managed by a given subject/organization are being used in order to store all organization's confidential data, like internal timetables, accounting, students, teachers, organization's members information (and more) and a general private wiki managed by only one data controller, is being used to store literary contents not intended to the public domain, and to be disseminated "for profit" : not merely by an economic point of view, but aimed at the increment of knowledge, which does not correspond to the maximization of the diffusion, but by the specific modalities through which the dissemination is performed. | + | However typically a private wiki will be offered within the framework of this platform as a [https://en.wikipedia.org/wiki/Software_as_a_service SaaS] (Software as a Service) i.e., the private wiki will reside at an address like (4), against a subscription fee, while subjects without the required resources (either in terms of knowledge to autonomously manage a wiki system, or economic to outsource the required skills) can send using some secure channel their confidential data (only intended to authorized people) to the data controller <!--responsible of the centralized private wiki at [[https://culturaitaliana.org/private/wiki/culturaitaliana this address]],--> and such data controller will make that information available within terms agreed with the data subject for his/her profit: which is precisely the model adopted by most of Internet services, except that, specifically those "for free", does not pursuit the ultimate benefit of the user. |
| + | <!-- following the instruction of the first on the basis of a model resulting from a joint effort, will, indeed process such data and will make them available in some profitable way. --> | ||
| + | <!-- Specifically, at present, dedicated private wikis completely managed by a given subject/organization are being used in order to store all organization's confidential data, like internal timetables, accounting, students, teachers, organization's members information (and more) and a general private wiki managed by only one data controller, is being used to store literary contents not intended to the public domain, and to be disseminated "for profit" : not merely by an economic point of view, but aimed at the increment of knowledge, which does not correspond to the maximization of the diffusion, but by the specific modalities through which the dissemination is performed.--> | ||
| + | |||
| + | At present (December 2020) we are just testing and refining the private-wikis data structure and integration with the front-end, in order to offer a rich and useful set of features to organizations which will request it (and their users), and we will provide additional details "as soon as possible". | ||
</noinclude> | </noinclude> | ||
Latest revision as of 19:19, 27 December 2020
Besides the two main components composing this platform (the back-end part represented by this wiki, and the front-end for the navigation among contents within the scope of a single-page-application) a third component completing its design is represented by an arbitrary number of private WIKIs where to store all reserved information and to make them conditionally available on the front-end, for instance to students accessing their own data or the digital representation of their classes, to readers accessing some paid content, and so on: through the combination of a streamlined interface as client, a collaborative wiki for contents intended to the public domain, and an arbitrary number of private wikis managed by the respective owners or by a data controller, every requirement conceivable within the frame of IT, information technology, may be potentially met.
The overall structure of this platform therefore is expected to be composed by a public wiki at this address (1)
https://culturaitaliana.org/wiki
which as mentioned will contain in a shared environment an arbitrary number of organizations at an address like (2)
https://culturaitaliana.org/wiki/[organization username]
then by a general private wiki managed by a specific data controller, at this address (3)
https://culturaitaliana.org/private-wiki/culturaitaliana
and then by an arbitrary number of private wikis at an address like (4)
https://culturaitaliana.org/private-wiki/[organization username]
To be noted that '[organization username]' in (2) corresponds to a wiki page of a shared wiki, while '[organization username]' in (4) corresponds to a username used by the web server to query a specific database (while in (2) the database is the same for all the organizations) so that any related page will reside in a dedicated wiki.
This is an optimal solution in the view of data security, because while a number of Mediawiki extensions allow to restrict access to data based on some privileges, they are not intrinsically secure as long as the database is shared or the wiki is public.
On the other side, Cultura italiana offers a model in which a subject requiring the maximum level of confidentiality (taken for granted the value of the information) virtually can manage his own wiki, on his own server, which will be accessed by a "bot" (using a model similar to OAuth used to access user's information by external apps) which will conditionally retrieve only the data intended to be outsourced (for instance paid contents, teaching materials intended to students, and so on) by the data subject.
However typically a private wiki will be offered within the framework of this platform as a SaaS (Software as a Service) i.e., the private wiki will reside at an address like (4), against a subscription fee, while subjects without the required resources (either in terms of knowledge to autonomously manage a wiki system, or economic to outsource the required skills) can send using some secure channel their confidential data (only intended to authorized people) to the data controller and such data controller will make that information available within terms agreed with the data subject for his/her profit: which is precisely the model adopted by most of Internet services, except that, specifically those "for free", does not pursuit the ultimate benefit of the user.
At present (December 2020) we are just testing and refining the private-wikis data structure and integration with the front-end, in order to offer a rich and useful set of features to organizations which will request it (and their users), and we will provide additional details "as soon as possible".