 |
 |
|
September 14, 2004Using Graphs to Depict Access ControlMost programmers are familiar with the access-control list (ACL) as a datastructure used for authorization. This morning I read an interesting article that describes using a more robust structure called an access-control graph (ACG). The author proposes that we use an ACG instead of an ACL for access control. He believes a graph does everything an ACL can do, offers additional security, and provides other useful features not available in an ACL design. I'm not sure how I feel about this. On one hand pictures are more powerful than words; flat datastructures as depicted by traditional ACLs have a tendancies to get new infosec pros glossy eyed, and are prone to error. Yet on the other hand, I am not sure if the ACG can be used quickly through the "truth table" data checks you can do with an ACL. What do you think? Posted by SilverStr at September 14, 2004 07:31 AM | TrackBackComments
I think it's useless for any system that directs flow in a strong manner - ie. any non web based app. Posted by: Lurene at September 14, 2004 11:00 AMPersonally I prefer a graph over text. I'm a visual learner and tools like Visio help me depict with pictures what I can't seem to do correctly with words. I'm a designer more so than anything else I think. I like to design GUI first when I do an application, and build functionality around that. I do things backwards but then again that's just how I learn and operate. I think both approaches should be used but one could be preferred by the developer. I know I would move to a graph in a heartbeat because I love dropping objects in place and making links. GUIs can be tedious in this manner though, so it'd have to be carefully thought through. If there's a way to use "templates" rather than redo each graph over and over, that'd be awesome. Then you could link graphs together in a hierarchy, much like GPOs are linked in Active Directory. Rather than having one big graph you could break things up into chunks. I honestly don't think the concept will go away despite how things are now. Some people prefer graphs and charts so giving them things they're more familiar with will help everyone out in the long run. Posted by: Jeremy Brayton at September 15, 2004 01:58 PMHaving just spent the better part of an evening working with Cisco/Linux access lists, I'd still say that I prefer traditional text-based line-for-line access lists (that may or not represent things internally using a graph). Graphs complicate things like crazy, more room for bugs, more bloat, harder to debug effective permit/deny settings, and so on. I suppose it all depends on the implementation, the environment, etc. A good traditional ACL system will probably be better then any average graph based system for a long time. Posted by: Wim at September 16, 2004 12:59 AM |
 
My 5 Favorite Books
Writing Secure Code
Secure Programming Cookbook Security Engineering Secure Coding Principles & Practice Inside the Security Mind
My 5 Favorite Papers
Smashing the Stack
Penetration Studies Covert Channel Analysis of Trusted Systems DoD Trusted Computer System Evaluation Criteria NSA Security Recommendation Guides
Archives
December 2005
November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 |
|
