Saturday, 27 February 2010

MACS, Part 4 - System core security

Now we turn to the security of the system core. The system core is the part that connects the control system and the system under control. Here is the architecture picture again:



The system allows multiple control systems or systems under control to share the same connection. Usually a single device controls multiple devices. We keep that in mind while talking about one control system and one controlled system.

The system core connects both devices. What are its main properties? The connection is directed but broadcast. The connection is verified – no one can manipulate it. The connection is signed – the person named as operator of the control unit really is the one pressing its buttons. And finally the connection is secured – the unit under control accepts access only from allowed devices or operators.

The security has two parts: the access levels of the unit under control and those of the control unit. Both are configurable through a notecard in the device inventory.

Unit under control

The unit under control supports two access modes and seven access levels for each mode. These access levels control what or who is allowed to send commands.

In operator mode the identity of the control unit's operator is checked; the device itself has no relevance. In device mode the identity of the control device and its owner is what matters; the operator is irrelevant.

The exact configuration syntax is given in the supplied notecard. Here we just introduce the levels briefly.
  1. public access – Commands are accepted regardless of what or who sent them
  2. owner access – Only the owner can be operator or own the control unit
  3. not owner access – Inverts the owner access: Commands are accepted from every device or operator except the owner or owned devices
  4. group access – Commands are accepted if the control device or its operator belongs to the same group
  5. not group access – Inverts the group access: Commands are accepted from every device or operator unless it belongs to the same group
  6. semi group access – Combines the group and not owner access levels: Commands are accepted from every device or operator in the same group, but not from the owner or owned devices
  7. white listed access – A list of allowed device owners or operator names

Control unit

The control unit supports four levels of device access. They describe who is allowed to touch its buttons. If a person who is not allowed does so, the touches and any prepared commands are ignored and not relayed to the unit under control.

Every command sent to the control unit also carries the identity of the operator working on the unit under control. To ensure that this identity is genuine, some access levels require the operator to log into the device in order to operate it.

Again, the exact configuration syntax is given in the supplied notecard. These four access levels are:
  1. owner access – Only the device owner may operate it. Logins do not work because they are irrelevant here.
  2. strict access – Everyone can operate the device, but must log in first. The owner can do so at any time; others must wait until the current operator logs out.
  3. loose access – Everyone can operate the device after logging in. The current operator does not have to log out first; the next person can log in and 'steal' control that way.
  4. public access – Everyone can operate the device without logging in. Logins do not work here either. The identity of the operator is replaced by that of the device's owner, i.e. the unit under control is told that the control unit's owner is operating it even if it is another person. Important note: If the unit under control checks the group or name of the operator, these checks will fail if the control unit's owner leaves the sim. The unit under control will then deny access.
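
The seven levels of the unit under control in operator mode, combined with the public-access caveat above, as a small Python model. This is an added example, not MACS code: the function names, level constants and string labels are this sketch's own, and it assumes that names and groups resolve only for avatars present in the sim while the owner test compares keys.

```python
from typing import Dict, NamedTuple, Set

# Level numbers follow the list above; the constant names are this sketch's own.
PUBLIC, OWNER, NOT_OWNER, GROUP, NOT_GROUP, SEMI_GROUP, WHITELIST = range(1, 8)

class Avatar(NamedTuple):
    name: str
    group: str

def reported_operator(cu_level: str, cu_owner: str, toucher: str) -> str:
    """Control unit: under 'public' access the owner's key replaces the toucher's."""
    return cu_owner if cu_level == "public" else toucher

def accepts(level: int, operator: str, unit_owner: str, unit_group: str,
            whitelist: Set[str], sim: Dict[str, Avatar]) -> bool:
    """Unit under control, operator mode: does the reported operator pass?"""
    is_owner = operator == unit_owner      # assumption: owner test compares keys only
    if level == PUBLIC:
        return True
    if level == OWNER:
        return is_owner
    if level == NOT_OWNER:
        return not is_owner
    who = sim.get(operator)                # name/group resolve only for avatars in the sim
    if who is None:
        return False                       # group and name checks fail: access denied
    same_group = who.group == unit_group
    if level == GROUP:
        return same_group
    if level == NOT_GROUP:
        return not same_group
    if level == SEMI_GROUP:
        return same_group and not is_owner
    if level == WHITELIST:
        return who.name in whitelist
    raise ValueError(f"unknown access level: {level}")

# Constructed sample data: keys, names and groups are made up.
ALICE, BOB, CAROL = "key-alice", "key-bob", "key-carol"
SIM_FULL = {ALICE: Avatar("Alice A", "Boots"), BOB: Avatar("Bob B", "Boots"),
            CAROL: Avatar("Carol C", "Boots")}
SIM_NO_ALICE = {k: v for k, v in SIM_FULL.items() if k != ALICE}

if __name__ == "__main__":
    # Alice owns a control unit set to 'public'; Bob touches it; Carol owns the target.
    op = reported_operator("public", ALICE, BOB)
    for label, sim in (("owner in sim", SIM_FULL), ("owner gone", SIM_NO_ALICE)):
        print(label, accepts(GROUP, op, CAROL, "Boots", {"Bob B"}, sim))
```

With the control unit set to a login-based level instead, the reported operator is the person who touched it, so the group check no longer depends on the owner being present.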

In the next part

OK, this was the last post about the theory. Now we need some practice. First we will equip attachments with this system using the already developed TASC SDK. We take shoes as the controlled devices, since the idea of MACS started with a boots-controlling HUD. After we have seen this in action we will do more: we will write our own processors and control modules to use MACS for a task far away from controlling attachments. We will control street lanterns and some other devices simwide, manually and even with a daylight timer.
