Hi all,

I made a start writing down the security model vsh will get, it's not complete yet, so please read it and comment on it, I'll work some more on it later today.

bye,
jarl

-------------- next part --------------
VSH Security model 9-4-2000

Changelog:
10-4-2000: Jarl van Katwijk, 1st draft text

------------------

Definitions:
1) VSH is implemented by 4 layers,
2) LAYERS are considered isolated besides the communication api,
3) NODES are the neurons making up subnets and complete structures,
4) SUBNETS are sets of nodes that are clustered for some reason,

Layers description:
1) UI, User Interface layer, graphical user front end or batch script.
2) DL, Definition layer, coordination engine for scheduling UI's and partial sharing of structure data. Logs into the BL.
3) BL, Brokering layer, engine for handling subnets, authentication of DL's and parsing to the PL. Wraps application plugins.
4) PL, Processing layer, holds the nodes, wraps (terminal?) applications and performs nodes processing.

Layers communications:
1) UI<->DL communication will go by sockets
2) DL ->BL communication will go through the dl2bl corba orb
3) BL ->DL communication will go through the bl2dl corba orb
4) BL<->PL communication will go by linking the PL libraries

Authentication system:
0) Localhost has running VSH core, cq a BL\PL process.
1) UI's spawn a new DL.
2) DL's login to BL by their dlID and blPassword.
2a) The 1st DL logging into a BL becomes the root DL and has the ability to authorize other DL's to log into the BL. (AddDL();)
2b) All subnets created by a DL are marked by the idDL and have the same login ability (or: idDL+blPassword) as their parent. Subnets can therefore be relocated or mirrored inside a remote BL\PL process.
3) DL's can login to other DL's by dlID and dlPassword. Note dlPassword is NOT blPassword. These are 2 separate id+password tables.
3a) A DL can only interact\mutate its 'own' nodes
3b) A DL which is logged into another DL can interact & mutate all nodes of the host DL.
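
An added sketch, not part of the original post or the VSH code base: rules 2 to 3b of the draft written out as a small Python model, so the two credential tables and the ownership check can be exercised. Only AddDL comes from the draft; the class and method names, the salted PBKDF2 storage, and the reading that a host DL keeps the dlPassword table for its guests are assumptions.

```python
import hashlib, hmac, os

class CredTable:  # one id+password table; salted PBKDF2 storage is an assumption
    def __init__(self):
        self._rows = {}
    def add(self, ident, password):
        salt = os.urandom(16)
        self._rows[ident] = (salt, self._kdf(password, salt))
    def check(self, ident, password):
        # Unknown ids still run the KDF and then fail the constant-time compare.
        salt, digest = self._rows.get(ident, (b"\0" * 16, b""))
        return hmac.compare_digest(self._kdf(password, salt), digest)
    @staticmethod
    def _kdf(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

class DL:
    def __init__(self, dl_id):
        self.dl_id = dl_id
        self.dl_table = CredTable()  # dlID -> dlPassword, separate from the BL table
        self.guests = set()          # DLs currently logged into this DL
    def login(self, guest_id, dl_password):            # rule 3
        ok = self.dl_table.check(guest_id, dl_password)
        if ok:
            self.guests.add(guest_id)
        return ok

class BL:
    def __init__(self):
        self.bl_table = CredTable()  # dlID -> blPassword
        self.root = None             # dlID of the root DL
        self.sessions = {}           # dlID -> DL object currently logged in
        self.owner = {}              # node or subnet name -> idDL
    def login(self, dl, bl_password):                  # rule 2
        if self.root is None:                          # rule 2a: first login becomes root
            self.bl_table.add(dl.dl_id, bl_password)
            self.root = dl.dl_id
        elif not self.bl_table.check(dl.dl_id, bl_password):
            return False
        self.sessions[dl.dl_id] = dl
        return True
    def add_dl(self, caller_id, new_id, bl_password):  # AddDL(), root only
        if caller_id != self.root or caller_id not in self.sessions:
            raise PermissionError("only the logged-in root DL may authorize DLs")
        self.bl_table.add(new_id, bl_password)
    def create_node(self, dl_id, name):                # rule 2b: mark with idDL
        if dl_id not in self.sessions:
            raise PermissionError("DL not logged in")
        self.owner[name] = dl_id
    def may_mutate(self, actor_id, name):              # rules 3a and 3b
        host = self.sessions[self.owner[name]]
        return actor_id in self.sessions and (
            actor_id == host.dl_id or actor_id in host.guests)
```

The model makes rule 2a visible as trust on first use: whichever DL reaches a fresh BL first sets the root credentials, so the start-up window of step 0 is the part of the draft to pin down.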