I'm designing a document security system. Ultimately, the document breaks down into sections, and then into content elements. Then there's a security id, a GUID presumably, which is associated with the content element. When a user requests the content element, they supply a SID and the system determines whether they're authorized or not. Search results are filtered in the same way.

The system will operate in the opposite direction, too...given a security id, it will generate a navigation bar consisting of the documents that have sections that have content elements to which the user is authorized. Pretty cool stuff.

So I can do all of this so far...what I'm concerned about is that I'm reinventing the wheel here...obviously, I'm borrowing heavily from traditional Windows security, and it has shades of Active Directory. Anyway, I wanted to get some smart opinions on whether there are some existing technologies I can use for this rather than coding it from the ground up.

What I DON'T want to do is use file security, so that's off the table from the beginning. Any other thoughts would be greatly appreciated.

TIA.

CBB
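The design in the question, as an added example that is not part of the original post or either answer: a small in-memory model in which every content element carries a security id (a GUID), a requesting principal carries one or more SIDs (as a Windows token carries the user's own SID plus group SIDs), and a single `is_authorized` function drives all three operations the post describes: the direct content request, the search filter, and the reverse query that builds a navigation bar from the documents whose sections contain elements the user may see. The class names, the `build_sid_index` / `navigation_bar` helpers, the fixed GUID values and the documents below are all constructed for illustration and are not part of the poster's system.

```python
from collections import defaultdict
from dataclasses import dataclass, field
from uuid import UUID


@dataclass(frozen=True)
class ContentElement:
    element_id: str
    security_id: UUID  # the GUID that gates access to this element
    text: str


@dataclass
class Section:
    title: str
    elements: list = field(default_factory=list)


@dataclass
class Document:
    title: str
    sections: list = field(default_factory=list)


@dataclass(frozen=True)
class Principal:
    """A requesting user. Like a Windows token it carries a set of SIDs
    (its own plus any group SIDs); an element is visible if its security id
    matches any of them."""
    name: str
    sids: frozenset  # of UUID


def iter_elements(documents):
    """Walk document -> section -> element, yielding all three."""
    for doc in documents:
        for section in doc.sections:
            for element in section.elements:
                yield doc, section, element


def is_authorized(principal, element):
    """The one decision point. Default is deny: no matching SID, no access."""
    return element.security_id in principal.sids


def fetch_element(principal, documents, element_id):
    """Forward direction: return the element's text, or None. An unauthorized
    id and a non-existent id both return None, so the response does not
    confirm that a restricted element exists."""
    for _, _, element in iter_elements(documents):
        if element.element_id == element_id:
            return element.text if is_authorized(principal, element) else None
    return None


def search(principal, documents, term):
    """Search results go through the same check as direct requests, so a hit
    on a restricted element never leaks through the results list."""
    term = term.lower()
    return [e.element_id for _, _, e in iter_elements(documents)
            if term in e.text.lower() and is_authorized(principal, e)]


def build_sid_index(documents):
    """Reverse direction: security id -> set of document titles containing
    at least one element with that id. Built once, reused per request."""
    index = defaultdict(set)
    for doc, _, element in iter_elements(documents):
        index[element.security_id].add(doc.title)
    return index


def navigation_bar(principal, sid_index, documents):
    """Documents that have sections that have elements the principal may see,
    returned in corpus order rather than set order."""
    visible = set()
    for sid in principal.sids:
        visible |= sid_index.get(sid, set())
    return [doc.title for doc in documents if doc.title in visible]


# Constructed sample data: fixed GUIDs so results are reproducible.
SID_PUBLIC = UUID("11111111-1111-1111-1111-111111111111")
SID_FINANCE = UUID("22222222-2222-2222-2222-222222222222")
SID_LEGAL = UUID("33333333-3333-3333-3333-333333333333")

DOCUMENTS = [
    Document("Employee Handbook", [
        Section("Welcome", [ContentElement("hb-1", SID_PUBLIC, "Welcome to the company")]),
        Section("Payroll", [ContentElement("hb-2", SID_FINANCE, "Payroll runs on the 25th")]),
    ]),
    Document("Merger Memo", [
        Section("Terms", [ContentElement("mm-1", SID_LEGAL, "Merger terms are confidential")]),
    ]),
]

ALICE = Principal("alice", frozenset({SID_PUBLIC, SID_FINANCE}))
BOB = Principal("bob", frozenset({SID_PUBLIC}))

if __name__ == "__main__":
    index = build_sid_index(DOCUMENTS)
    for who in (ALICE, BOB):
        print(who.name, "nav:", navigation_bar(who, index, DOCUMENTS))
        print(who.name, "search 'the':", search(who, DOCUMENTS, "the"))
        print(who.name, "hb-2:", fetch_element(who, DOCUMENTS, "hb-2"))
```

Two points worth noting in the model: the search path and the fetch path share `is_authorized`, which is what keeps the two from drifting apart as rules change, and the reverse index keyed by security id is what makes the navigation bar a lookup rather than a full scan of the corpus. Replacing the equality test inside `is_authorized` with a policy engine (for example an XACML decision) leaves the rest of the code unchanged.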

+1  A: 

I'd look heavily into using XACML for specifying your access rules. We use it as part of the Fedora repository system and we are able to do just what you describe using the mechanisms already provided by the software.

alxp
+1  A: 

Here's what I would do before you take another step! Build a threat model - what are you trying to protect the documents from? Who is the attacker? Do you care about disclosure? Tampering? Origination? Once you have a threat model, you can determine if you have the appropriate mitigations in place. You can start with the Microsoft SDL Threat Modeling tool http://www.microsoft.com/downloads/details.aspx?FamilyID=A48CCCB1-814B-47B6-9D17-1E273F65AE19&displaylang=en

Michael Howard-MSFT