Article

Access Denied: How Source Network’s ACPs Make Data Management Easy

// July 08, 2024

The security and management of an organization’s user data is a primary concern. Not only do companies have an ethical - and often legal - demand to ensure it is safe, but user data as a resource has become incredibly valuable in the modern digital economy - a trend that looks set only to increase. It’s no wonder, then, that breaches of user data are becoming a near-daily occurrence. 

And it’s not just small organizations getting breached, but massive corporations holding the data of millions of users. Worse, data storage and management organizations are also being attacked, leading to the data of multiple massive companies being compromised through no fault of their own. That is one of the true threats of centralized data management - that the value of any given business can, simply put, evaporate.

Add in the expensive, bureaucratic and time-consuming matter of legal compliance with jurisdictional data laws, and the result is that the management of user data is one of any modern companies biggest concerns. Centralized data management tools are no longer to be trusted. Incompetence and malfeasance are too abundant. In an AI-obsessed world where every morsel of data is avariciously traded and gluttonously fed upon, companies need new approaches to data management that protects their users, protects themselves and - fundamentally, in a data-driven market - protects their bottom line.

Making Access Control Easy

Source Network’s tools are about giving autonomy, security, and control back to organizations who have endured the status quo for too long. DefraDB is a user-centric database which allows organizations to set up fine-grained access control policies (ACPs) not just at the document level, but at the field level too.

Source uses a relationship-based DQL that extends GraphQL while retaining the core familiarity and usability of that language. This relationship-based DQL allows for ACPs that are more customizable and complex, and allows for permissions that are not just based on broad roles, but on individual relationships in a matrix. These are granular, dynamic, and fit for the purpose of complex hierarchical structures where data management between different agents needs to be pristine.

Why Granular ACPs are Essential

For example, a line manager might need access to their subordinates work performance reports, but not necessarily their payroll details, whilst payroll and HR might obviously need an employee’s tax and social security details, but perhaps shouldn't have carte blanche access to their performance reports. A doctor should have access to a patient’s medical records, while a nurse might only need access to specific treatment profiles contained within it. Neither should have access should a patient’s treatment stop or they change physician, perhaps. Even at the c-suite level, a CEO might want access to all his company’s data, but perhaps specifically doesn’t want access to the user data the company collects due to legal and compliance issues. The list goes on and on. 

How Source Network’s ACPs Work

Managing all these complex access control policies through a centralized role-based system is inefficient, ineffective, and massively prone to security flaws. Source Network’s dynamic, granular ACPs are a far more effective way of managing end-user data. DefraDB manages this metadata, permissions and ACPs in a distributed, decentralized manner. DefraDB pings the SourceHub trust layer, which stores the policy and any updates to it on-chain. Should DefraDB be unable to connect directly to SourceHub, the P2P database continuously syncs up with other nodes, piggybacking their connection to SourceHub, to maintain the state of its permissions using a multi-write-master architecture using Merkle CRDTs. Merkle CRDTs are what enable consistent, decentralized updates across the network. DefraDB is capable of updating access rights - say an employee moves positions within a company - without needing to migrate or change the underlying data storage itself. As data storage is separated from access management, Source is a more nimble and flexible way to dynamically adjust permissions without having to directly interact with the stored data. 

Perfect for Edge Environments

Source Network is thus perfect for setting up ACPs across hugely distributed edge computing environments or DePiN networks. The ACP stored on SourceHub, once updated, propagates changes throughout the network to DefraDB nodes. In case of non-connection to the protocol, DefraDB is able to update ACPs for databases across multiple devices by simply updating their ACP document stored on-chain, which then propagates the changes throughout the network seamlessly. This eliminates the need to update each device in a network individually, with automatic propagation of appropriate access control in a real-time distributed environment. This approach is far more scalable, far more compliant, and far more consistent than current centralized methods. Maintaining appropriate access control is easy even as an organization expands and the complexity of the relationships within it increases.

Putting the End User First

The end-user is also included in this new paradigm. The private key created for users when they sign is the one that controls all data associated with the account, allowing them to specifically invoke or revoke access over the user-data they generate. This doesn’t just mean PII data, but all data created by users through their interaction with a given application or protocol. In this way, the obscene data-harvesting that has characterized the last decade of development on our online information systems can gradually be rolled back, a more sovereign internet can emerge, and data can be given back to the people.

Managing ACPs in an era where data is gold and the rush for it a frenzied scramble is essential. Dynamic, low-latency, scalable, distributed approaches are required. That’s what Source Network is creating, with ACPs deployed on SourceHub ensuring consistent and up-to-date permissions that can be atomically specific without the usual overhead and complexity. Access a new sovereign internet for both your organization and users with Source Network’s tools, and start building the distributed systems of the future, today.

Dive Deeper

// December 17, 2024

Blockchain Doesn’t Mean Decentralization, Distributed Data Does

// December 04, 2024

Forget the Moon, Target the Stars: Why Crypto Alienates Developers

Stay up to date with latest from Source.

Unsubscribe any time. Privacy Policy