[Sigia-l] Designing a site with restricted content
dbedford at worldbank.org
dbedford at worldbank.org
Thu Apr 7 09:35:01 EDT 2005
All,
The Dept. of Defense has had a robust information security model in place for
decades. They are able to display metadata to let people within the department
know what exists, but to hold the content secure. The intent is that if you
have a need to see content, you can request access. However, if you don't have
any idea what exists, you can never make a request. And, therefore you may
miss content you need. Role based login is implemented at the content object
level rather than the website level.
If you architect your site to require login at the entry point, you have
essentially created a closed website - restricted website. If you have
different kinds of users, this approach to managing audience-based or restricted
content will force you to develop multiple sites. This becomes inefficient and
inelegant very quickly.
This is a fairly simply approach - from a website perspective, it moves you to a
portal model rather than just the architecture of a website. The website is
simply the access point, but no longer the direct content source. Content can
be accessed via the website which is not published directly to the website.
Best regards,
Denise
More information about the Sigia-l
mailing list