Purpose

Kalivo offers security along two important dimensions:  (1) functional security, which answers the question "who can perform what operation?" and (2) data security, which answers the question "who can view what content?".  This primer address this second dimension, data security.

Methodology 

All security in Kalivo is described using tags (yes, the same tags that use can use to organize and search content!).  Even private interest groups use tags in the background to define their privacy restrictions. 

Securing Content 

By using tags, securing content becomes a very simple operation, simply add the "secured tag" to your conversation, event, poll, etc.  In the screen clipping below, we see the tag "BSGLock" has been applied.  The gold padlock beside the lock name indicates the tag carries security restrictions:

 (Click image to enlarge)

For any subsequent reply, the security settings of the conversation root will hold.  Therefore, if the root (aka beginning) of a conversation is secure, then all replies are.  And vice versa.  Attempting to secure a reply has no effect. 

When creating or editing secured content, you will be warned of the security status.  This is done with an alert message beneath the WYSIWIG editor, as shown below:

(Click image to enlarge) 

Ultimately though, the bottom line for content security:  content without a secure tag = no security for that content

Unsecuring Content 

Untag the content using the blue [x] seen above.  If the blue [x] is not present, you do not have tag removal privileges.

Viewing Content 

Unlike some traditional web pages you may be used to, Kalivo security is not strictly location dependent, it is identity dependent.  In other words, if you can view conversation X on the Community page of your Hub, you'll also be able to view that same conversation in the Recent Widget, Archives, or elsewhere.  The security is dependent on YOU not necessarily where you are. 

As an aside, we say Kalivo security is not strictly location dependent, because in fact Kalivo security can also vary based on your location.  This happens when a menu tag doubles as a secured tag, but this goes beyond the scope of this primer.

Implications and Recommendations 

• Secure tags may be combined.  The resulting privileges will be the restrictive superset of all tags. 
• While the gold padlock acts as a visual cue when tags have security restrictions, only system administrators, moderators, and Interest Group owners can set or view what those restrictions are.  
• By convention, tags used strictly for security purposes have the word "Lock" in them and should indicate what audience they are permissive towards.  For example, "Lock-Customers" would allow customers to view the content along with the normal Hub owners.
  • The BSG Alliance Hub has a tag named "BSGLock".  This tag restricts content viewing and authorship to only BSG Alliance employees. 
  • Other Hubs have similarly purposed tags.
• Interest Groups automatically generate a tag with a matching name.  Therefore the group, "Offerings Portfolio" has a corresponding tag "Offerings Portfolio".  Content tagged accordingly will appear within the group page and through the group RSS feed.
  • The visibility and membership settings affect the tag security privileges.  For example, a "Private" group translates into a tag with read privilege for only that group's members.  The other mappings are beyond the scope of this primer.