The Access Road software is a universal simulator of access controls, intended to improve the design and the audit of IT security.

There is a host of changes from the previous 0.6 version, which had a size of 60 000 lines of Java® code. The current 0.7 version has a source code of 100 000 lines. We prefer to introduce version 0.7 as a coherent whole rather than enumerate the elementary changes. The improvements are mainly in the Access Road data model and the search for access paths, to extend the simulation capabilities. Because the previous version was already generic, the software architecture and the GUI remain almost the same.

The simulations

Access Road 0.7 provides the simulation of two major software products and one theoretical application for learning purposes:

- as an example of an operating system, the Linux Ubuntu® 8.04 access controls are simulated with the file system and the authorization system; this covers, in an ACS addon (new in 0.7), the User-Group-Other Linux rights including the rights inherited from the parents, some Linux kernel capabilities, and the Ubuntu authorizations on system resources; the POSIX ACLs and the Netfilter firewall are not covered,
- as an example of a DBMS, the MySQL Server® 5 access controls are simulated (new in 0.7); this covers the structure of components, the MySQL privileges, the priority rules among the privileges and the privilege inheritance,
- at the application level, a typical large application which follows the Role-Based Access Control model; this covers the tree of functional roles, the application transactions, and the ACLs with granting and denying rights.

By design, Access Road models varied types of objects and access controls. It may be customized to simulate many real systems with their structural properties, their behaviors, their standard and non-standard components and their rights.

Most of the object models from the previous version have been extended. The AclEntry may have a simple condition group. The ACS type policy is richer. Access Road 0.7 provides the following complementary objects:

- the typed and the linked privileges (new in 0.7),
- the information system (new in 0.7),
- the virtual folders (new in 0.7),
- the aliasing relation (new in 0.7),
- the inheritance of AclEntry and Privilege (new in 0.7),
- the ACS parent roots (new in 0.7).

To specify the structure and the behavior of a piece of software in a new ACS, two ways are offered to the Access Road user without coding: (1) through a smooth derivation from one current simulation, (2) by entering all the structural properties by hand. The ACS components always have to be defined by hand, except for some default components an ACS may create.

Access Road 0.7 is able to simulate, right now, a certain variety of application software. The RBAC model is a good representative of the application needs. For the other types of software (system software, network software...), the access control functions and the structure are often more complex. Every piece of software has to be studied thoroughly to evaluate the ability of Access Road to simulate it. The source of the data is never the algorithms or the code of the software to simulate, but its official description in the user documentation and its behavior, as seen from a user's point of view. The current 0.7 version still has a long way to go before being able to simulate the thousands of important software products in IT systems.

The graphical user interface

The graphical user interface is standardized, easy to use and versatile. It facilitates both simple and complex work across all the simulations to handle. It allows the user to study the details of a complex structure... or the final compliance with a general security rule. It allows him to work on large texts which explain a simulation... or on a diagram to grasp a result at a glance.

The GUI may be customized for a given ACS, but mainly in the properties the beamer displays. In this way, when the user learns the GUI for one ACS, he masters it for all. He may then concentrate his efforts on the behavior of each modeled software.

The GUI uses a fresh object-oriented framework with multiple windows, varied kinds of diagrams and textual representations. The mouse needs only left clicks, and it is straightforward because the GUI automatically adapts the open windows to the newly selected object. All the simulations start with the creation of an Access Control System (ACS) to model a given software. The main features of the graphical user interface are listed hereafter:

- the explorer shows, in a specific window, the structure, as a tree, of the open Access Control System (or ACS), the open views and the generic rights,
- the beamer window allows the user to see and to update the properties of a modeled object, with all the update constraints coming down from the ACS policy, and it also manages the specific properties from an ACS addon,
- the information system window displays the tree of all the ACS and the passive nodes the program knows, including their parent/child relations (new in 0.7),
- the sketcher window quickly shows the nearest objects of any modeled object, that is, its direct rights users and access targets, with the relevant rights,
- the user-defined full views for rights simulation, containing from 0 to 48 objects in each view, to search all the direct and indirect access paths between the view objects, and to display the paths in the form of a diagram and a text,
- the user-defined NoMore-NoLess views for the security policy compliance, to display in a diagram, for one access target, whether a set of rights users fulfills the maximum/minimum allowed rights on this target,
- the export/import functions to export images and texts from Access Road into any external document, and to exchange ACS models between different desktop computers.

Exchanging ACS models is useful for internal users in a company. In the future, we hope it will allow setting up a public catalog of shared ACS made both by the developers and the non-developer users.

Unfortunately, the Access Road files of the 0.6 version cannot be opened in this 0.7 version. This is due to the huge extension of the complex ACS properties.

The tutorials

Three basic tutorials are the getting-started documentation. No prior skills are required to follow these tutorials. The tutorials use a balanced approach to teach both the Access Road core platform and the use of a given software simulation, even if you do not know this software. By way of a simulated Linux Ubuntu® and a simulated MySQL Server®, the tutorials demonstrate how the generic functions support the specific features of a given simulation. The tutorials introduce Access Road from 3 points of view listed hereinafter:

- a one-hour tutorial for learning the access controls of a simulated Linux Ubuntu®, and for using the four main tools: the explorer, the beamer, the IS structure and the sketcher; it is a 19-page printable document,
- a two-hour tutorial for knowing the main ACS properties, for understanding the design of access controls in MySQL Server®, and for learning how to use the Access Road full view; it is a 26-page printable document,
- a one-hour tutorial for verifying, in a theoretical Role-Based-Access-Control application, the access controls compliance with the security policy, and for learning the NoMore-NoLess view and the ACS import/export functions; it is a 15-page printable document.

It is strongly recommended to follow these 3 tutorials in their order of presentation.

Last but not least, don't forget the specific tutorials for the ACS add-ons! The first ones are for Linux Ubuntu and MySQL Server. They are accessible from the Access Road main menu, at 'Help/ACS addons guides'.

We hope to bring you a powerful, user-friendly, reliable, efficient and scalable program. Don't hesitate to tell us your personal opinion about both the concept and the tool.

The design

We think access control simulation is a worldwide innovation. We are proud to bring it in as a great free software. Access Road 0.7 is the result of more than 5 person-years of work to search for the best design solutions, and to develop a code which is fully original. There is no integration of external code.

The main innovation has been to study a core platform for handling all the access controls, able to be derived for simulating the access controls of a given software. The second innovation has been to present to the user the full complexity of rights in, as far as possible, simple, generic and varied points of view, while a limited customization offers the best possible explanation of each specific simulation. The third innovation is a unique object-oriented database management system, which provides great performance, integrated integrity controls, extensibility and scalability.

The Access Road design is driven by the following principles:

- to model first the objects on which access control applies, then the access controls, and for that, to use concepts such as UserID, GroupID, Resource, Directory, Access Control Lists, User-Group-Other rights as in Linux®, Group hierarchy as in a RBAC application, granting and denying rights, rights hierarchy, rights inheritance...
- to model the structure of each specific software, to simulate it as one or several 'Access Control System' (or ACS) in Access Road, and to model the internal structural constraints on the key properties of each ACS object,
- to use 8 architectural patterns, like the access path search pattern and the ACS add-ons pattern, to master the software reusability, testability, performance and extensibility,
- to design the rights simulator for detecting all the authorized paths between any given couple (rights user, access target) from any ACS, and for detecting all the structural links for any couple of objects, like the owning relation from an account to a file,
- to show the rights simulation in a complementary diagram and text, where the diagram offers a simplified and visual result, but without ever being a caricature that distorts important things, while the text explains all the results in detail in a standardized form into which an ACS add-on may insert its own terms,
- to update the simulations on the fly, at each user change to any object property which influences the current rights simulations,
- to have multi-threading for the access paths search, letting the user interact with the user interface during large searches (new in 0.7); on the other hand, most of the searches are done in less than one second on a medium-size desktop computer,
- to design the ACS add-ons for facilitating the extension of the Access Road simulations with a minimum effort of Java coding, offering a great versatility in the choice of the generic features to adapt to a new simulation (new in 0.7).

The reliability

Even if the 0.7 version is a beta version, Access Road is workable and reliable, able to help the user with complex work. Errors may come from the code, of course, but also from the specification of a given software simulation, or from any user misunderstanding, because the results may be rather complex. The overall reliability of Access Road is based on the following principles, which try to cover all these issues:

- the object-oriented database system is isolated from the other code packages, and its code is thoroughly tested,
- this database system ensures all the integrity controls, coming down both from the general model and the software simulation model,
- the specification of a given software simulation is done, as far as possible, through a set of properties the user may consult and study at any time, and this includes the ACS addon properties,
- the code for the generic access paths search is mainly structured by the ACS properties to handle; it is tested through a large set of generic ACS and ACS add-ons to cover most of the ACS properties space,
- the access paths search code is also tested by the comparison of several independently-coded algorithms (but this is not parallel programming) to search for the 2-node paths, the 3-node paths and the more-than-3-node paths,
- the user updating is controlled, and each refusal by the program is explained to the user, with the true context of the ACS and the implied simulations,
- the simulated access paths between two modeled objects are explained in detail in a generated text, to avoid, as far as possible, any misunderstanding of the results,
- the specific behavior of an ACS is explained in several beamer ACS tabs ('Rules', 'See Why') and by a dedicated documentation.
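
Two checks this page describes, the NoMore-NoLess compliance view and the cross-checking of the access path search against an independently coded algorithm, sketched here as an added Python example; it is not Access Road code. The edge model, every name in it, and the rule that a path grants the rights of its last edge are assumptions made for illustration.

```python
# Constructed sample model; every name here is illustrative.
# Edge = (source, destination, rights the source gets on the destination).
EDGES = [
    ("alice", "staff", {"member"}),
    ("staff", "admins", {"member"}),
    ("staff", "report.txt", {"read"}),
    ("admins", "report.txt", {"read", "write"}),
    ("dave", "report.txt", {"read"}),
]

def all_paths(edges, user, target):
    """Generic search: every cycle-free path from user to target."""
    found, stack = [], [[user]]
    while stack:
        path = stack.pop()
        for src, dst, _ in edges:
            if src == path[-1] and dst not in path:
                (found if dst == target else stack).append(path + [dst])
    return sorted(found)

def short_paths(edges, user, target):
    """Independently coded check: 2-node and 3-node paths only."""
    two = [[s, d] for s, d, _ in edges if (s, d) == (user, target)]
    three = [[user, m, target]
             for s, m, _ in edges if s == user and m not in (user, target)
             for s2, d, _ in edges if (s2, d) == (m, target)]
    return sorted(two + three)

def effective_rights(edges, user, target):
    """Assumption: a path grants the rights carried by its last edge."""
    last_hops = {(p[-2], p[-1]) for p in all_paths(edges, user, target)}
    rights = set()
    for src, dst, granted in edges:
        if (src, dst) in last_hops:
            rights |= granted
    return rights

def nomore_noless(edges, users, target, minimum, maximum):
    """Report, per rights user, which bound of the policy is broken."""
    report = {}
    for user in users:
        rights = effective_rights(edges, user, target)
        problems = []
        if not minimum <= rights:
            problems.append("less than minimum")
        if not rights <= maximum:
            problems.append("more than maximum")
        report[user] = problems or ["ok"]
    return report
```

With minimum and maximum both set to `{"read"}` on `report.txt`, alice is reported as exceeding the maximum because of her indirect path through `admins`, which her single direct edge would not reveal.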

® All trademarks are property of their respective holders. Copyright ACCBEE – 22 February 2012