Access Road projectAccess Road projectAccess Road is a free software which is defined as a General-purpose Integrated Rights Design Environment (GIRDE). Yes, Access Road "girds" you for the information security fight !
Access Road helps to design the access rights in an information system, by the mean of a both precise and user-friendly visual representation. Its covers all the related topics as the existing resources (files, applications,...), the existing user profiles, the access rules in the system. The required accesses and the access controls are so modeled. Access Road allows to consult and easily understand the logic of access rights.
Information systems are rarely made with only one access control system. With Access Road, the objective is to cover the leading software that implement most of the access functions. It covers access functions, not only access controls, because we need to know what accesses and resources are or will have to be, for designing precisely accounts and access rights. On the contrary of administration tools, Access Road models in detail the resources to be protected and the relevant technical functions that are used, and not only general user profiles that correspond to standard profiles of resource. It covers all aspects of access controls in an heterogeneous information system, and not only IP accesses or mainframe accesses like some tools. Finally, it helps to analyze and compare different solutions of access control in a complex system.
The leading products to model are typically :
Indeed, this is an ideal description. It is not a reality right now ! It simply shows the theoretical perimeter of Access Road.
Practically, the first access control systems (ACS) to be modeled will be Linux/Unix, simple application-specific ACS and any simple ACS as an Ethernet bridge for example. Then are planned Windows NT, Oracle, Apache, CORBA and Enterprise JavaBeans. Access Road is designed to add easily new ACS through the graphical user interface if it is simple, or by the mean of the reuse of generic components for bigger ACS.
Access Road defines dedicated and powerful graphical patterns for visualizing precisely the access functions of every ACS, with all the flexibility provided by those functions. In security too, the devil is in the details ! It draws the access rights in easy-to-use diagrams, always consistent with the concepts. Access Road joints the respective rights of an resource or an account in several interconnected systems. It makes visible the sequence of accesses, of accounts and of rights implied in a communication between separated systems, even when some proxy-like mechanisms are used (as a privileged system service or a firewall, for example).
Several graphic patterns are provided about generic model diagrams. They integrate the semantic differences and the relations between concepts in varied systems. The user can define particular views for filtering and presenting the access control diagrams.
Careful security and system administrators are involved in almost continuous security corrections and patches in their systems. People in the organization changes, and access rights must be adapted. When a new system is deployed, administrators have to understand it quickly for defining access control policy and users rights. The result is most often too general, without a right vision of the application risks and the needs. Sometimes access controls are too weak, sometimes they are too rigid. The worse is when they doesn't go down enough for dealing with the technical risks of the platform, creating an illusion of security.
The context is better when security is analyzed during the project. A specialist of the access policy may work with the IT project team. Its role is to associate access rights to every couple (user profile, functional task). But it is important to have a good knowledge of the access control systems to specify and control the access rights. It is also useful to know the application architecture and its data. Feasibility of the security policy may be validated. Access controls may be tuned. Their vertical consistency may be verified, from the higher conceptual level down to the parameters of each item in every access control system.
So, in large organizations where roles are well defined, the need is to obtain an efficient collaboration during the project between the security policy specialist, the system administrator, the application architect and the developer. In small projects and small organizations, the need is rather to allow the architect or the administrator to integrate access control in the application.
Then it appears that the first need is time for study the security, the second one is knowledge, and the third one is communication. Tools can't resolve all issues, but they can help to reduce analysis time, to increase knowledge in security and communication in IT projects. Visual representation is an efficient mean for providing that. If tools are well designed, they even may suggest that access control is an exciting domain !
There are numerous administration tools for designing and configuring the access rights in a specific software or hardware as a firewall, an operating system as Microsoft's Windows NT, a database management system as Oracle, a complex access control manager as IBM's RACF, or a card authentication system. In fact, every access control manager must have a quite comfortable tool for editing the access rights (or access rules, at a higher level). And most of the leading products in their domains have quite sophisticated tools to manage, modify, synthesize the present access rights.
But all of these solutions can't help to design efficiently the access controls of a system as a whole set. Even for a simple Web server build with an operating system and a HTTP server, it is useful to have a global approach and a detailed view of the access controls both in the two components. Add on the server a relational database and an application with access control functions, and it becomes more and more difficult to provide a consistent view.
Administration suites, centralized directories, Single Sign-On products and PKI systems are examples of solutions that cover all the information system, and provide security-related services. But they are not General-purpose Integrated Rights Design Environment (GIRDE). Some of them are authentication systems in front of access control systems. Some of them manage resources which may have to be known by a GIRDE, and even are access control systems (as PKI systems). Not any are competitors for Access Road, that is rather an useful complement to design the access control services that they offered.
Indeed, there are few true Access Road's competitors that applied the GIRDE concept. Let's take Computer Associates offer as an example. CA have bought in 1999 the Platinum security products, and declares on its Web site : "Platinum Enterprise Security Administration (ESA) helps by providing facilities that allow a single administrator to manage users' security attributes on different systems from a single point. This eliminates the need for multiple administrators to be involved in the task, and ensures that the management of those attributes is consistent across the different systems.(...) Computer Associates' eTrust solutions are built on an open, standards-based common security framework that delivers tremendous additional value through integration (note : eTrust suite contains around ten security products, with ESA) (...) it also enables other non-CA products to integrate with the eTrust suite."
Another known examples are in firewall domain and network equipment. Check Point Software and Axent Technologies frameworks include products for designing and managing rights on a large network with numerous firewall. There is also Security Explorer distributed by Sunbelt Software for Windows NT/2000 permissions administration, or from Symantec/Axent : "Resource Manager for Unix simplifies account administration across UNIX platforms. With Resource Manager you can establish default profiles on your system. Each individual user is then assigned to a group and associated with a user profile describing the user and his access rights to the system or network."
All of these offers deal with administration issues for distributed information systems, but don't help to design these distributed access controls. How to be confident in the access policy, if development teams haven't well understood and correctly designed all the access controls ? Finest access control issues are not administration issues, but rather design issues. Managing user profiles and firewall is not sufficient. The design tool have to model all the resources and the accesses with the true concepts that are implemented in the used products.
So, without true competitors in a to-be-build market where needs seem real, Access Road could be a classical proprietary product. A solid business plan would define how to start with a small team for develop Access Road, and then how to charm investors. The very dynamic market in the software domain would help to do so. In fact, the objective is different.
For putting it simple, since its true take off with Internet and firewall, the security market is driven by marketing and consultant services. The strategy is to build complex products and to sell them as expensive as the first database management systems in 80's. Numerous days of consultancy is almost mandatory to integrate security products in a corporate information system. Heavy, expensive, proprietary, strongly integrated, reserved to experts, that is the approach of main security products in domains as firewall, access controls, security scanners, single sign-on systems, intrusion detection systems, and so on.
And yet, there are true and even vital uncovered needs for information security. Not only in large corporate systems, but also for every small business, and even for every home. Information security is a need for all of us in a computerized society. It is so important, that it justifies the creation of a new international public utility, supported by active volunteers.
Public utility means that these strategic security products must be cheap or unpaid, standardized, resulting of an open work from an large community of unpaid programming people and users, including the IT students. These products will be as simple as possible to be popular. Therefore, they will provide smart relations between use simplicity and systems complexity. The US Free Software Foundation is a good support for such a project. First, because it is a winning approach : GNU/Linux ... Second, an international public utility have to call for programmers and redactors all around the world to work together through Internet. Third, it is a good practice for security software to publish their source codes to ensure their correctness.
I prefer here the FSF approach (http://www.fsf.org) to the Open Source approach (http://www.opensource.org/), because FSF is based on the search of a true developers community and because open source software may be modified then distributed under a more restricted license.
Linux, Apache have been successful first because hundred of programmers meant it strongly, a long time, in the evening and in the week-end... But there are many places, too, for proprietary products coming up as complements of the standard and free ones, above all when popular voluntary participation is not strong enough, and when a commercial market does exist for a creative software.
With Access Road, it would be the case if the editor, for example, of a storage system, an IP proxy or an invoicing application, detects that the access control functions in its product would be better designed by the user administrator with the use of Access Road, and wants to add a model of its product to Access Road ACS models, and sell this model as a proprietary add-in. Why not, if it is not a leading product in the information system domain ?
For doing that, the GPL copyright has to be adapted. There are several ways to be explored :
- use LGPL of the FSF, but it seems to be rather for libraries, not for add-ins,
- complete GPL, like Linux does, with a text as "This copyright doesn't cover the software that is a standard add-in, that follows the add-in architecture of the core GPL-protected software",
- prepare a special license for software editors, with the agreement of the main Access Road project members. This option would allow to partially finance the Access Road project (and the project members, but it would be much more difficult to build up). It could also restrict our personal right to develop an add-in for this specific product in the future (but without restrictions for any developer starting from the GPL version).
The choice is open for the moment, since the add-in architecture is not still coded in Access Road.
Access Road is a proposal for an International Public Utility Movement for a Popular Information Security (IPUMPIS). It is still a quite virtual movement, since it is its first message ! But we will try to "pump out" insecurity from our information systems. Indeed, the work will need light "pumps" to walk on narrow footpaths...
If some Access Road's proprietary competitors appear any day among IDE and CASE editors, it would be great. This new concept will be stronger when multiple offers will exist. There is enough room to move for everybody. But the development of the IT security market is first the sign of an explosion of new needs. This fact is used to promote popular information security which fits to the most fundamental needs.
Professionals of IT projects are the first target. Access Road is a software for IT designers and developers, with both basic or expert knowledge in security. But there are other targets.
Training sessions in information security may use it for accelerate the understanding of both the general access control concepts, and their implementation in varied leading products.
Functional experts of the corporate security policy don't have to be confident with every used product to be able to analyze the access rights thoroughly.
Generalists in security may used it for visualizing the concepts and the implementation details, and even for doing limited maintenance tasks on the access rights models.
Technical experts are rarely experts on every product and every task. They do appreciate to have diagrams to catch all the varied access controls.
In IT projects, Access Road is very useful when it is used as a communication link for design and deployment. It is used by security designers of the new system to dialog with the technical architects, the developers and the integrators. It helps to analyze the required changes in an iterative development approach. So, security may become more popular and well understood among IT project teams.
Access Road has a GPL license from the Free Software Foundation in USA. Access Road is free of charge for its use. Its code source and its documentation are protected to be accessible with no charge by everybody for maintenance and evolution, but without allowing license modifications nor derivation of a proprietary product for external distribution and sale.
The architecture of Access Road and its technical documentation will allow business companies to develop pluggable software for modeling new access control systems (ACS), and to sell them using Access Road as a common platform. Business companies could eventually sell an Access Road maintenance, under the condition that modifications will be published under the GPL license.
As you see, the concept of General-purpose Integrated Rights Design Environment make an open and extensible product. The objective is to create a standard and free product for the most common ACS, and to encourage business world to add more specific ACS.
So, no war of religion here between free and proprietary software. Instead an active will to draw a more funny future, by offering an opportunity both to the IT citizens awareness and the software editors.
Any comments ? send it to the author : patrick.thazard@informaticien.com
Home | News | FAQ | Documentation | Download | Links | Authors All registered names are trademarks of their respective owners.
Last modification of this page : October 5, 2000
© Copyright 2000 TPA Conseil - All Rights Reserved.