Hypergrid Inventory Access

From OpenSimulator

Revision as of 12:30, 14 November 2008 by Diva (Talk | contribs)

Proposal for Restricting Access to Inventory in Open Grids

Problem Statement

Open grids that allow arbitrary people to plug in their opensims pose a serious threat to the security of users' inventories and grid assets. A malicious host can simply copy a visitor's entire inventory, and can even wipe it out. It can also issue a long stream of requests to the asset server in the hope of copying as many grid assets as possible.

Analysis of the Problem

The kernel of the problem is that there exists an implicit trust between regions and storage-related servers. This trust comes from Linden Lab's grid architecture, where all regions are run by the same organization that runs the storage-related servers. This trust does not hold in open systems.

Proposed Solution

  1. Make "home" mean a lot more than a place on the map. In an open system, "home" can be the place where the user can safely access her inventory without fear of theft. When users leave their home regions, access to their inventory (GET) is restricted to a single special folder called "Suitcase". The only items that can be accessed while the user is out and about are those placed in the Suitcase; requests for all other items are refused. The user should be aware that those items, as well as the attachments the user carries, can be stolen by malicious hosts.
  2. Establish a function that lets users specify additional foreign regions that they trust.
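
The policy in items 1 and 2, sketched as an added Python example (it is not OpenSimulator code and not part of the original proposal). The record layout and all region, folder and item ids are constructed; treating Suitcase subfolders as in scope, giving user-trusted regions the same access as home, and refusing non-GET operations from other regions are assumptions the proposal does not spell out.

```python
from dataclasses import dataclass

@dataclass
class Inventory:
    """Constructed stand-in for one user's inventory records."""
    home_regions: set      # regions the user calls "home"
    trusted_regions: set   # foreign regions the user chose to trust (item 2)
    suitcase_id: str       # id of the special "Suitcase" folder
    folder_parent: dict    # folder id -> parent folder id (None at the root)
    item_folder: dict      # item id -> id of the folder that holds it

def in_suitcase(inv, folder_id):
    """Walk up the folder tree; True only if the Suitcase folder is reached."""
    seen = set()
    while folder_id is not None and folder_id not in seen:
        if folder_id == inv.suitcase_id:
            return True
        seen.add(folder_id)  # a parent cycle in bad data ends the walk: deny
        folder_id = inv.folder_parent.get(folder_id)
    return False

def authorize(inv, region_id, operation, item_id):
    """Return (allowed, reason) for one region's request on one item."""
    folder = inv.item_folder.get(item_id)
    if region_id in inv.home_regions or region_id in inv.trusted_regions:
        # Assumption: user-trusted regions get the same access as home.
        return folder is not None, "home or user-trusted region"
    if operation != "GET":
        # Assumption: foreign regions may never modify or delete.
        return False, "foreign region: only GET is served"
    if folder is not None and in_suitcase(inv, folder):
        return True, "foreign region: item is in Suitcase"
    # Same answer for "outside Suitcase" and "no such item", so a foreign
    # region cannot probe which item ids exist in the rest of the inventory.
    return False, "foreign region: refused"

# Constructed sample data.
SAMPLE = Inventory(
    home_regions={"region-home"},
    trusted_regions={"region-friend"},
    suitcase_id="f-suitcase",
    folder_parent={"f-root": None, "f-suitcase": "f-root",
                   "f-outfits": "f-suitcase", "f-objects": "f-root"},
    item_folder={"i-hat": "f-outfits", "i-house": "f-objects"},
)

if __name__ == "__main__":
    for region in ("region-home", "region-friend", "region-unknown"):
        for op, item in (("GET", "i-hat"), ("GET", "i-house"), ("DELETE", "i-hat")):
            print(region, op, item, authorize(SAMPLE, region, op, item))
```

The check has to run on the inventory server side, since the requesting region is the party that is not trusted.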