Computer Science 490.002
Topical Paper Presentation #15
Zach Sloger
The Secure Blackboard Pattern
Secure Blackboard Pattern – Page 1
The Secure Blackboard Pattern
By Jorge L. Ortega-Arjona and Eduardo B. Fernandez
The Problem
How to address the handling of shared resources by multiple entities while maintaining the security of the shared resource.
The Secure Blackboard pattern offers an enhanced version of the Shared Resource pattern with the addition of security features.
Similar to the use of semaphores and mutexes in systems programming, resources need to be protected not only from corruption and integrity challenges, but also from unauthorized or unprivileged access.
For example, other students shouldn’t be able to access your COUGARNET account, but System Administrators would need access in certain situations (e.g., “I forgot my password.”).
The Secure Blackboard Pattern
The Knowledge Source sends requests to the Control to perform an operation on the Blackboard.
The Control handles these requests by first authenticating them using the Authenticator and Reference Monitor.
The Control performs these operations (read, update, etc.) in accordance with their Role and records the activity using the Secure Logger.
Real-World Application – Punch clock system
The various staff (managers, employees, system admins) make requests via a Terminal or Workstation to read or update the Clock Database.
Each staff member is allowed access to certain operations determined by their assigned Role (user, manager, or system admin).
The Control class handles these requests, which must first be authenticated and verified, and are finally logged.
Real-World Application – Punch clock system Advantages
No staff member is allowed to access the clock database without first going through the control class via a workstation or terminal.
This means that every request made to access or update the clock must be authenticated and verified before it is performed.
The clock database is kept secure by the introduction of roles. For example, an employee cannot alter the time punches, only punch in and punch out, but a manager can make edits to the database.
New role types can be added dynamically, for instance a payroll type that can only read the database and not make updates.
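The punch clock flow described above (authenticate, check the role, perform, log), sketched as an added example that is not code from the presentation or the paper. The class and method names, the operation set given to "system admin", the PBKDF2 password check and the hash-chained log are all assumptions made for illustration.

```python
import hashlib, hmac, os

class SecureLogger:
    """Append-only log; every entry is hash-chained to the one before it."""
    def __init__(self):
        self.entries = []                      # (line, chained SHA-256 digest)
    def record(self, line):
        prev = self.entries[-1][1] if self.entries else "0" * 64
        self.entries.append((line, hashlib.sha256((prev + line).encode()).hexdigest()))
    def intact(self):
        prev = "0" * 64
        for line, digest in self.entries:
            prev = hashlib.sha256((prev + line).encode()).hexdigest()
            if prev != digest:
                return False
        return True

class Control:
    """Only path to the Blackboard (the clock database)."""
    def __init__(self):
        self._clock_db = []                    # Blackboard: (staff, event) rows
        self._staff = {}                       # name -> (salt, password hash, role)
        self.log = SecureLogger()
        self.roles = {"user": {"punch"},       # operation sets are assumptions
                      "manager": {"punch", "read", "edit"},
                      "system admin": {"read", "edit"}}
    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    def enroll(self, name, password, role):
        salt = os.urandom(16)
        self._staff[name] = (salt, self._hash(password, salt), role)
    def _authenticate(self, name, password):   # Authenticator
        # Unknown names still cost one PBKDF2 run, so timing does not reveal them.
        salt, stored, role = self._staff.get(name, (b"\0" * 16, b"", None))
        return role if hmac.compare_digest(self._hash(password, salt), stored) else None
    def request(self, name, password, op, arg=None):
        role = self._authenticate(name, password)
        if role is None:
            status, result = "auth-failed", None
        elif op not in self.roles.get(role, set()):     # Reference Monitor
            status, result = "denied", None
        else:
            status, result = "ok", self._perform(name, op, arg)
        self.log.record(f"{name!r}|{role}|{op}|{status}")  # Secure Logger
        return status, result
    def _perform(self, name, op, arg):
        if op == "punch":
            self._clock_db.append((name, arg))
        elif op == "edit":                     # arg = (row index, new event)
            self._clock_db[arg[0]] = (self._clock_db[arg[0]][0], arg[1])
        return list(self._clock_db) if op == "read" else None
```

The read-only payroll role from the text is added at run time with `control.roles["payroll"] = {"read"}`; refused and failed requests are logged as well as successful ones, and `log.intact()` returns False once any recorded line is altered.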
Pattern Analysis
The Secure Blackboard Pattern becomes invaluable as networked computing environments continue to grow.
With the advent of distributed computing and cloud computing, and the increasing reliance on databases, data security and a means of determining different access privileges are crucial.
The Secure Blackboard pattern provides a repeatable solution for a shared resource that can be accessed by multiple entities, which can be added dynamically with varying levels of access as determined by their roles.