Saturday, December 15, 2007

security model

I was thinking about the security model for Flip the other day. As I have it currently, the security is maintained as a part of the file itself. But I need to re-examine whether the security should be part of the file itself, maintained separate from the file, or whether the user should be provided the option to decide where the login and password is maintained. Part of the consideration has to do with Leitner tracking.

Leitner tracking is a model whereby the memorization of a concept is quantified with boxes (or buckets to use a development term). Once a concept hits or exceeds a certain threshold, the concept is considered memorized. Answering the concept or card correctly advances the score for that concept towards the memorization threshold, while wrong answers decreases the score away from the threshold (or resets the score to zero altogether). More advanced models provide means to customize the incrementation and decrementing associated with correct and incorrect answers as well as set the thresholds for what is considered memorized. I still need to design the Leitner tracking system for Flip.

Maintaining the tracking file for each user has its advantages and its disadvantages for both inside the file and outside the file. If the file is maintained inside the file, then the Leitner tracking can be maintained as the file is moved from one computer to another, but the file size gets larger, quicker. If the file is maintained outside of the file, then the file size doesn't grow too large, too quick, but the tracking resides on one computer and you lose that tracking if you use the file on another PC. The best option is probably to maintain the tracking in an online repository so that the file size does not grow too large and the tracking can be accessed from one computer to another. This might even lend itself to online accounts individuals can create where their tracking, results, and analysis is maintained. The accounts could also have online communities dedicated to certain topics and offering online help in those areas of study. It wouldn't be necessary to use the application, but it might be an added benefit that some people would be willing to pay a little extra for.

I had to authenticate my computer for using SalesForce at home today. It finally dawned on me how useful that is to prevent hackers from stealing a password and using it from their computers. It's definitely a model worth following when I finally put together my company. I'll have to ensure that logins are people's email addresses the way SalesForce does. The more I think about the Software as a Service (SaaS) model, the more I like it.

Labels: , , , ,

posted by bylaw @ 10:00 PM

0 Comments:

Post a Comment

<< Home