- June 4, 2020


The designer must centralize the data in the cloud, preserve its integrity, and protect confidential data from unauthorized access.

Data location

In the past, data was located on the device. The main advantage is that it works offline, which suits apps that need no online capabilities and are only ever used from a single device. The data cannot be reached over the Web. As such, it is a simple but limited and rigid solution.

You bring data to the cloud to enable a multi-user and/or multi-device experience. Each user or device gets its data from a single source of truth: the backend server. Interaction between users is never direct; it always goes through the server, which acts as a trusted actor and as the data centralization point. Because every interaction passes through it, the server is also the only place where access rules can reliably be enforced: a client can be modified by its user and must not be trusted to enforce them.

While the server may be considered a single point of failure, the peer-to-peer alternative has many drawbacks, is non-standard, and is far less straightforward.

Data integrity

Data only makes sense when it keeps its integrity.

Data integrity is the maintenance of, and the assurance of the accuracy and consistency of data over its entire life-cycle.

Read-only data is safe, since no change is allowed. Data integrity is threatened only once changes are allowed.

As a result, changing data should be forbidden by default and allowed only by specific, explicit rules. Each rule has a limited scope: it allows specific users to alter specific data. Following this principle, data is read-only by default.

For example, a rule allows a user to edit their own data. That user cannot alter another user's data, since no rule allows it.

Some privileged and trusted users, such as moderators, are the subject of specific rules that grant them additional editing rights.

If changes were not restricted, any user could delete the entire data set. This would make the data unreliable and useless.

Data confidentiality

Data confidentiality means that data can only be read by those who are meant to read it.

Data should be confidential by default: access is forbidden unless a specific rule allows it. This prevents unintentional leaks of confidential or private data.

When data is deemed public, or accessible to a user or a group of users, a specific rule (for instance a flag on the data) grants those people read access.

Data segmentation and ownership

The concept of an individual user, or of a group of users, is only possible with authentication; otherwise one user cannot be told apart from another, and there is only an undifferentiated mass of users. The concept of an individual user enables data ownership, meaning that some data is linked to a specific user in some way. This enables identifiable user-generated content, and it enables fine-tuning of read and write access rules.

Authentication can be skipped when the content is public and read-only, as there is no user-generated content and no specific access rules.

Authentication can also be skipped when the app is single-user, as being the only user of the app acts as a virtual authentication.
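The rules from the Data integrity, Data confidentiality and Data segmentation sections (read-only by default, owners edit their own data, moderators get extra rights, a flag opens reads to everyone, and an unauthenticated request matches no other rule) as one small deny-by-default policy. This is an added example, not code from the original article, and the article names no particular backend: the Principal, Document and Store names, the "moderator" role, and the scenario data are all constructed here. It goes one step beyond the text in that a write rule is checked against the proposed new state too, so an owner cannot transfer a document to another user and a user cannot create data on someone else's behalf.

```python
# Added example (not the article's code): Principal, Document, Store and the
# "moderator" role are illustrative assumptions; the article names no backend.
from dataclasses import dataclass, field
from typing import Dict, Optional


class PermissionDenied(Exception):
    """No rule explicitly allows the requested operation."""


@dataclass(frozen=True)
class Principal:
    uid: Optional[str] = None        # None: unauthenticated (anonymous) request
    roles: frozenset = frozenset()   # e.g. {"moderator"}


@dataclass
class Document:
    owner: Optional[str]             # uid the data is linked to (data ownership)
    public: bool = False             # the "public" read flag
    body: dict = field(default_factory=dict)


ANONYMOUS = Principal()


def can_read(p: Principal, doc: Document) -> bool:
    """Confidential by default: a read needs an explicit allowing rule."""
    if doc.public:                   # rule: flagged public, readable by anyone
        return True
    if p.uid is None:                # anonymous requests match no other rule
        return False
    if doc.owner == p.uid:           # rule: owners read their own data
        return True
    return "moderator" in p.roles    # rule: moderators read everything; else deny


def can_write(p: Principal, doc: Document, new_doc: Document) -> bool:
    """Read-only by default: a write needs an explicit allowing rule, checked
    against the proposed new state too, so an owner cannot hand a document
    to someone else."""
    if p.uid is None:
        return False
    if "moderator" in p.roles:
        return True
    return doc.owner == p.uid and new_doc.owner == p.uid


def _allowed(op, *args) -> bool:
    """Run a store operation; True if the rules let it through."""
    try:
        op(*args)
        return True
    except PermissionDenied:
        return False


class Store:
    """The single source of truth; every operation passes through the rules."""

    def __init__(self) -> None:
        self.docs: Dict[str, Document] = {}

    def create(self, p: Principal, doc_id: str, doc: Document) -> None:
        if p.uid is None or doc.owner != p.uid:   # authenticated, and as owner only
            raise PermissionDenied(f"create {doc_id}")
        self.docs[doc_id] = doc

    def read(self, p: Principal, doc_id: str) -> Document:
        doc = self.docs[doc_id]
        if not can_read(p, doc):
            raise PermissionDenied(f"read {doc_id}")
        return doc

    def update(self, p: Principal, doc_id: str, new_doc: Document) -> None:
        if not can_write(p, self.docs[doc_id], new_doc):
            raise PermissionDenied(f"update {doc_id}")
        self.docs[doc_id] = new_doc

    def delete(self, p: Principal, doc_id: str) -> None:
        doc = self.docs[doc_id]
        if not can_write(p, doc, doc):
            raise PermissionDenied(f"delete {doc_id}")
        del self.docs[doc_id]

    def delete_all(self, p: Principal) -> int:
        """A "wipe everything" request is checked document by document, so the
        caller removes only what a rule lets them remove; returns the count."""
        return sum(_allowed(self.delete, p, d) for d in list(self.docs))


def demo() -> dict:
    """Constructed scenario: two users, a moderator and an anonymous visitor."""
    alice, bob = Principal("alice"), Principal("bob")
    mod = Principal("mia", frozenset({"moderator"}))
    store = Store()
    store.create(alice, "post1", Document("alice", True, {"text": "hello"}))
    store.create(alice, "draft1", Document("alice", False, {"text": "wip"}))
    store.create(bob, "post2", Document("bob", True, {"text": "hi"}))
    return {
        "anon_reads_public": _allowed(store.read, ANONYMOUS, "post1"),
        "anon_reads_private": _allowed(store.read, ANONYMOUS, "draft1"),
        "bob_reads_alice_draft": _allowed(store.read, bob, "draft1"),
        "mod_reads_alice_draft": _allowed(store.read, mod, "draft1"),
        "alice_edits_own": _allowed(store.update, alice, "post1", Document("alice", True, {"text": "edited"})),
        "bob_edits_alice": _allowed(store.update, bob, "post1", Document("alice", True, {"text": "defaced"})),
        "alice_gives_post_to_bob": _allowed(store.update, alice, "post1", Document("bob", True)),
        "anon_creates": _allowed(store.create, ANONYMOUS, "post3", Document(None)),
        "bob_creates_as_alice": _allowed(store.create, bob, "post3", Document("alice")),
        "mod_edits_any": _allowed(store.update, mod, "post2", Document("bob", True, {"text": "moderated"})),
        "bob_deletes_everything": store.delete_all(bob),   # only post2 goes
        "remaining": sorted(store.docs),
    }
```

Two design choices matter here. Every function ends in a denial: an operation is allowed only when one of the listed rules returns True, so adding a new kind of data or a new kind of user cannot silently open access. And `delete_all` shows why the article's "any user could delete the entire data" scenario does not arise: there is no rule about "all data", only per-document rules, so a bulk delete collapses to the set of documents the caller owns.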