6.9 Ownership

Full ownership is to have all rights to an entity. Physical ownership is generally defined as both exclusive rights and control over a property. It includes both possession and control, and title which is the right to possess. In this model, full ownership of a data entity can be stored as a triplet of the owner persona, the entity and the set of all operations on it:

Full Ownership = (Owner, Entity, All Operations)

Full ownership lets the owner use it as they wish. Yet this right is also a data entity in itself that can also be given away.

   Owned entities can be given away. That I own a car for example also lets me lend or even transfer my ownership to another when I sell it. Likewise, the author who writes a document and owns it can give it away to a publisher. Or one can give away some rights, as letting a friend view your profile gives them view rights. In information terms, giving away a right is an act upon the right itself. A meta-right then is the right to allocate entity rights:

MetaRight = (Owner, Entity Rights, Allocate)

Allocate is the operation of changing the right to an entity. The logic is exactly as before, except now the data entity acted upon is a right. The meta-right to an entity is the right to allocate its rights to other persona.

   Meta-rights. Fully owning an entity includes the right to give away rights such as view or edit. A meta-right is the right to change who holds the rights to it. Does this then imply meta-meta-rights? Or meta-meta-meta rights? Such an endless iteration contradicts the information level requirement that every program must halt, i.e. not run endlessly. To avoid meta-meta-rights, a meta-right is the right to allocate all rights to an entity including the meta-right itself.

   The owner of a data entity has control over it. If the registered owner of a car lends it to an adult who runs a red light, the charge is against the driver not person who lent the car. In general, the person in control of a thing is responsible for it, and for a data entity that is the person who can edit it. The person who can change a post owns it in the sense that they are responsible for its effect on others. Likewise the owner of a space is the person who can change it by creating objects within it. In this model, the owner of an entity is the persona who can edit it.

   The administrator of a data entity has the meta right to it. For example, renting a physical apartment gives a tenant control over it, but the landlord retains the meta-right to re-allocate the apartment, so they can ask a tenant to leave. The tenant owns the apartment in that they control it, but the landlord administers it in being able to allocate rights. In this model, the administrator of an entity is the persona who can re-allocate its rights, e.g. a system administrator.

   The above give the access control rule:.

Rule 8. The administrator of an entity can re-allocate its rights and the owner can edit it.

Physical world tenancy agreements usually require pages of text but in the information world giving another control over your data means giving them edit rights but keeping the meta-right. Thus one can delegate ownership but remain the administrator of an entity. However to give away the right to delete an entity lets another destroy it along with all rights, including the meta-right, i.e. giving away the delete right gives away administrative control, giving a corollary to Rule 8:

   Corollary. The administrator of an entity cannot give away the right to delete it.

An administrator who wishes to let another delete an entity must give them the meta-right, i.e. make them administrator’

In conclusion, the owner of an entity who by definition can edit it is directly responsible for it, while the administrator who by definition can allocate rights such as edit is indirectly responsible for it. In full ownership, one person both owns and administers the entity.

Next