Libre Home strive to achieve maximum level of security and privacy protection.
We design a custom security model that is optimal for both residential and enterprise users.
- User and group, group is a list of users
- User and group may have special privileges
- User and group may have access permissions to system objects
- Logical Devices
- A user inherits privileges and permissions of all groups the user belongs to.
- Residential setup can have 3 groups:
Access is granted on per device bases, which can be easily added or removed by the admin.
Icons marked red are with super user (administrator) privileges.
A user or group may have special privileges.
- System Admin - Super user. A super user has maximum privileges.
- Add Device - The user/group can add new devices to system.
- Add App - The user/group can add new App to system.
- Add App Task - The user/group can add new App Task to system.
- Add Scene - The user/group can add new Scene to system.
- Add User - The user/group can add new user to system.
- Account Enabled - The account is enabled.
If this flag is unchecked, user will not be able to login to the system.
**Note if a group is disabled, all members (including indirect members through nested sub-groups) will be denied login.
If a user belongs to two groups, and one group is disabled, the user will be disabled, even though another group is not disabled. “Account Enabled” flag is more stringent than other flags.**
It is recommended to assign special privileges to a group. It is more efficient because all users/groups within the group will inherit the privileges.
A privilege may be displayed grayed out. It is because the user/group inherits that privilege from parent groups.
User/Group may have a list of access to other objects, such as devices, apps, tasks, and users.
- For devices, get status
- For other objects, know the existence
- For devices, control
- For tasks, turn on/off
- For users, send messages
- Remove; user can remove this object from system
- Config; user can manage the object
- For devices, change attributes
- For tasks, edit the task arguments
- For users, change user attributes; for groups, edit the group members
It is recommended to assign accesses to a group. It is more efficient because all users/groups within the group will inherit the accesses.
An access may be displayed grayed out. It is because the user/group inherits that access from parent groups.