design a flexible application security

 
Bernie Gu
Greenhorn
Posts: 5
I am designing a project with a Swing GUI, Hibernate persistence, and a MySQL database.
But I don't have a clear blueprint of the security system. If you can give me some opinion or give an example (or an open source software's URL), I will appreciate it very much.
*********************************************
In my opinion, the security management system should have several entities: User, Role, Function (Read, Update, Delete functions of a GUI window), Resource (some special entities, like a person's Card).
The corresponding tables will include:
User(id, name,....);
User_Role(userId, RoleId);
Role(id, description, ....);
Role_Function(roleId, functionId);
Function(id, windowsName, readUpdateDelete, resource)
Resource(id, resources(vector of Integer, which is used to mark entities' identity))
The relationship is:
User n<----->n Role
Role n<----->n Function
Function 1<----->1 Resource
 
Ilja Preuss
author
Posts: 14112
What are your requirements? Where are they coming from?
 
Bernie Gu
Greenhorn
Posts: 5
I want to set up a flexible security (permission) management system which can be suitable for any CRM or ERP's requirements. Is it possible?
I have studied some open source software, such as SourceForge's Compiere, whose architecture is User, Role, Access. But I can't find all of its source code and can't tell how it runs.
Maybe SAP or Siebel have their own solutions. Can anyone give me a suggestion? I will appreciate it very much.
Thanks for your time.
 
Frank Carver
Sheriff
Posts: 7001
"I want to set up a flexible security (permission) management system which can be suitable for any CRM or ERP's requirements."
First, a warning. Attempting to design any sort of general-purpose solution is almost guaranteed to produce a poor result if you don't already have experience of designing at least one (and ideally more than one) specific solution first. Please, please consider producing a solid, simple, specific, security subsystem for some real project first.
If you really need to make some sort of general solution, you need to do a lot of research, and even then you'll likely produce an unwieldy, bloated and fragile solution simply because you don't have enough experience of the domain to weigh up the thousands of tiny choices you will have to make during design and coding.
Start by looking at some theory, for example: http://www.cap-lore.com/CapTheory/ , http://www.opengroup.org/security/gsp.htm . These are sites I found in just a few minutes of googling, you'll need to find more. You should really look up some academic papers, too.
Then look at some implementations. You'll probably need to browse some CVS repositories if you want to study open source software, so get comfortable with that first. Be critical, consider the strengths and weaknesses of the choices the other developers made, decide whether you agree, justify your decision, keep notes.
Finally, you can start designing and coding. But make sure that you build a test and measurement framework as you go, so when you have to make a choice about how to do something, you can be as informed as possible. Do experiments - try things and measure the results, run load tests and concurrency tests, throw things away if they are not right.
But please, if at all possible, practice on a simpler, more constrained solution domain first; learn what works and what doesn't; get a "feel" for what's important.
Good luck.
 
Stan James
(instanceof Sidekick)
Posts: 8791
I've usually done well enough with your first two levels:
User n<----->n Role
Role n<----->n Function
with "function" defined as "anything one user can do that another cannot". Given a large and complex set of rules, this can get to be an administrative headache!
I'd also try for a single security api that tells me if user x can do function y. With that abstraction, you can change implementations behind the scenes without disrupting the rest of the system.
I agree with Frank that this is a critical area, easy to mess up, done well by others, and some research or a buy-vs-build study is in order. For example, if you are doing a web app, a security filter like Netegrity might be a perfect solution for global authentication and page-level authorization.
 
Bernie Gu
Greenhorn
Posts: 5
Thanks for Frank and Stan's advice.
In fact, I have researched the access controller for a long time.
Although I have successfully implemented some simple security systems as Stan said (User-->Role-->Function (whether readable or writable in a specific window or URL)), I can't satisfy the new requirement coming from my current project, because there is only window access here.
I want more types of access, for example, data access, form access and workflow access. So I am designing a Resource (including a scope object) class to bundle with Function. I hope it can be a reasonable pattern. And I will learn what works and what doesn't in the future.
 
Frank Carver
Sheriff
Posts: 7001
OK. I'm slightly puzzled that nobody seems to have included the idea of a "group" yet. The most flexible access control systems I have seen have included both user-groups and role-groups. Something like:
<pre>
user or user-group (n : is in : n) user-group
user or user-group (n : has : n) role or role-group
role-group (n : includes : n) role or role-group
</pre>
If that makes any sense.
For a slightly contrived example, here at the Ranch:
user (Frank Carver) is in user-group (sheriffs)
user-group (sheriffs) is in user-group (bartenders)
user-group (bartenders) is in user-group (known users)
user-group (bartenders) has role (move posts in own forum)
user-group (sheriffs) has role (move posts in any forum)
user-group (known users) has role-group (write posts)
role-group (write posts) includes role (post a message)
role-group (write posts) includes role (edit own post)
So to find out if (Frank Carver) can edit this post, the system needs to traverse the network of relationships until a match is found, e.g.
(Frank Carver) -> (sheriffs) -> (bartenders) -> (known users) -> (write posts) -> (edit own post).
For any particular application, a system like this might be too much, though. If you only have a small number of users or roles it might make more sense to just list all the user roles and live with the redundancy and complexity of updates if/when things change.
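
A sketch of the single "can user x do function y" check suggested earlier in the thread, implemented as a traversal of the group/role network from the Ranch example above. It is an added example, not code from any poster: the class name `AccessGraph`, the `user:`/`group:`/`rolegroup:`/`role:` id prefixes, the guest user and the role-group cycle are assumptions made for illustration.

```java
import java.util.*;

/** Added example: one authorization call over a user-group / role-group graph. */
public class AccessGraph {
    // "is in", "has" and "includes" are all stored as: node -> nodes it reaches.
    // Prefixed ids keep a user, a group and a role with the same name distinct.
    private final Map<String, Set<String>> edges = new HashMap<>();

    public void link(String from, String to) {
        edges.computeIfAbsent(from, k -> new LinkedHashSet<>()).add(to);
    }

    /** Breadth-first search from the user; denies unless the role is reached. */
    public boolean isAllowed(String user, String role) {
        Deque<String> queue = new ArrayDeque<>(List.of(user));
        Set<String> visited = new HashSet<>(List.of(user)); // stops membership cycles
        while (!queue.isEmpty()) {
            String node = queue.poll();
            if (node.equals(role)) return true;
            for (String next : edges.getOrDefault(node, Collections.emptySet())) {
                if (visited.add(next)) queue.add(next);
            }
        }
        return false; // default deny: unknown users and unreachable roles
    }

    public static void main(String[] args) {
        AccessGraph g = new AccessGraph();
        g.link("user:Frank Carver", "group:sheriffs");
        g.link("group:sheriffs", "group:bartenders");
        g.link("group:bartenders", "group:known users");
        g.link("group:bartenders", "role:move posts in own forum");
        g.link("group:sheriffs", "role:move posts in any forum");
        g.link("group:known users", "rolegroup:write posts");
        g.link("rolegroup:write posts", "role:post a message");
        g.link("rolegroup:write posts", "role:edit own post");
        // Constructed additions: a plain member and an accidental role-group cycle.
        g.link("user:guest", "group:known users");
        g.link("rolegroup:write posts", "rolegroup:all posting");
        g.link("rolegroup:all posting", "rolegroup:write posts");

        System.out.println(g.isAllowed("user:Frank Carver", "role:edit own post"));
        System.out.println(g.isAllowed("user:guest", "role:edit own post"));
        System.out.println(g.isAllowed("user:guest", "role:move posts in any forum"));
        System.out.println(g.isAllowed("user:nobody", "role:post a message"));
    }
}
```

Because callers only see `isAllowed`, the graph could later be replaced by a flattened user-to-role table without touching the rest of the application.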
 
Junilu Lacar
Sheriff
Posts: 17644
The book "Secure Coding" has a good high-level coverage of the many different considerations that you'll have to address.
 
Stan James
(instanceof Sidekick)
Posts: 8791
Bernie, I had Function instead of your Function-Resource just to simplify things. If resource is not always needed, you may run into some complexity around when to use it and when not to. I can cheat and make my "function" arbitrarily detailed, perhaps naming it "function.resource" when I need the resource level of detail, and naming it "function" when I don't. I can even add more "function.resource.action" if it seems necessary. I'm having a lot of trouble making this make sense - did that parse for you?
I made my point about administration headaches because they have hurt us. It gets to be a real burden to ask user admins to manage many levels of things with multiple many-to-many relationships. I'd probably "denormalize" the ideal model to make it easier on the admins.
I liked the suggestion about group - if it applies to you. For my main application, group is a reporting structure and has little to do with privileges, so I left it out. If you have globs of roles that usually come together, group may be a good level to model.
 