开发者

Document Security System - Am I Reinventing the Wheel? [closed]

开发者 https://www.devze.com 2022-12-20 02:22 出处:网络
Closed. This question needs to be more focused. It is not currently accepting answers. 开发者_C百科
相关专题:architecturedocument-librarysecurity
Closed. This question needs to be more focused. It is not currently accepting answers.
开发者_C百科

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 5 years ago.

Improve this question

I'm designing a document security system. Ultimately, the document breaks down into sections, and then into content elements. Then there's an security id, a GUID presumably, which is associated with the content element. When a user requests the content element, they supply a SID and the system determines whether they're authorized or not. Search results are filtered in the same way.

The system will operate in the opposite direction, too...given a security id, it will generate a navigation bar consisting of the documents that have sections that have content elements to which the user is authorized. Pretty cool stuff.

So I can do all of this so far...what I'm concerned about is that I'm reinventing the wheel here...obviously, I'm borrowing heavily from traditional Windows security, and it has shades of Active Directory. Anyway, I wanted to get some smart opinions on whether there are some existing technologies I can use for this rather than coding it from the ground up.

What I DON'T want to do is use file security, so that's off the table from the beginning. Any other thoughts would be greatly appreciated.

TIA.

CBB

I'd look heavily into using XACML for specifying your access rules. We use it as part of the Fedora repository system and we are able to do just what you describe using the mechanisms already provided by the software.

Here's what I would do before you take another step! Build a threat model - what are you trying to protect the documents from? Who is the attacker? do you care about disclosure? tampering? origination? Once you have a threat model, you can determine if you have the approp mitigations in place. You can start with the Microsoft SDL Threat Modeling tool http://www.microsoft.com/downloads/details.aspx?FamilyID=A48CCCB1-814B-47B6-9D17-1E273F65AE19&displaylang=en

0

上一篇:

:下一篇

更多 问答 相关资讯:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

关注公众号

热门标签

图文推荐

Delphi - Custom drawing a message list

Delphi - Custom drawing a message list
C++ header-only include pattern

C++ header-only include pattern
IE7 Margin Collapses Into Padding

IE7 Margin Collapses Into Padding
in CoffeeScript, how can I use a variable as a key in a hash?

in CoffeeScript, how can I use a variable as a key in a hash?
Interactive visualization of a graph in python [closed]

Interactive visualization of a graph in python [closed]
How to customise PHP MYSQL tables?

How to customise PHP MYSQL tables?
High quality, simple random password generator

High quality, simple random password generator
Image Recognition ApI in android

Image Recognition ApI in android

开发者开发者网给大家分享系统运维,大数据运维,云计算,编程开发技巧,路由交换,运维和开发相关的资讯及技术文章,同时StackOverflow中文社区,知识经验交流分享。

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,如存在版权或非法内容,欢迎举报,我们将尽快予以删除。邮箱:devze@qq.com

Copyright © 2018-2020 开发者. All rights reserved. Powered by 开发者ICP备案号: 京ICP备10032868号-9