Components:
Architectural Access Control
Links
Home
General
What is ArchStudio?
Architecture
Mailing Lists
Getting Started
Download Page
Easy Setup
Setting up Java
Running/Developing
Checkout & Build
Foundations
xADL 2.0
xADL Data Bindings
c2.fw
Components
xADL 2.0
xArchADT
ArchEdit
ArchWizard
File Manager / Invoker
 
Analysis Tools
Tron Framework
Tron vs. Critics
Access Control
 
Product Line Management
Boolean Guard Language
Boolean Eval
  • (String Format)
  • (Symbol Table)
Selector
Pruner
Prune Versions
Selector Driver
 
Product Line Diff + Merge
PLA Diff Document
PLA Diff
PLA Diff Driver
PLA Merge
PLA Merge Driver
Deprecated Items
Critic Framework
Critics Overview
Critic ADT
Critic Manager
Critics (General)
Critic Artists
Critic GUI
Critic Manager GUI
For ArchStudio Users
Tutorials
From Architecture to Implementation
For ArchStudio Developers
Getting Started
Using xArchADT
Using xArchFlatProxy
Hello World C2 Component
EBI Wrapper Mechanism
 
ArchStudio Javadoc
Publications
Publications
External Links
ISR Software Architecture Research
xADL 2.0 Site
Official xArch Site
UCI Institute for Software Research
 

Architectural Access Control

ArchStudio supports editing, checking, and executing architectural access control policies described in Secure xADL.

Edit

You can use ArchEdit to edit the access control policy of Secure xADL. The policy itself is written in XACML.

The recommended way to edit the policy is to use the integrated XACML editor. The editor can be invoked through Archipelego, just right click on a secure component and select Add Policy. Using the editor is similar to using ArchEdit, and the editor understands XACML and Secure xADL.

Check

In ArchEdit, select one interface as the accessing interface, select another interface as the accessed interface, and select check to see whehter the arhictectural access control policies allow the accessing interface to access the accessed interface.

The same operation can also be pterformed through Archipelego.

Execute

You can excute an architecture described in Secure xADL if you launch ArchStudio with a secure architecture evolution manager. Just instantiate the architecture as usual. If any security exceptions occur during instantiation and connection, such as a component has insufficient credentials to instantiate or a connector rejects the connection of a component, these exceptions are reported to Tron.

After an architecture is launched, it executes by exchanging messages. The secure execution of the architecture can be controled through the messaging policies, combining the access control extension and the message rule extension of xADL 2.0.

That's it!

This provides a basic overview of how to interact with the architectural access control feature from a user's perspective. Any questions or comments on this page should be sent to Jie Ren.