<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="http://blogs.msdn.com/utility/FeedStylesheets/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/"><channel><title>The Hogg Blog : Grid</title><link>http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx</link><description>Tags: Grid</description><dc:language>en-US</dc:language><generator>CommunityServer 2.1 SP1 (Build: 61025.2)</generator><item><title>SOA Symposium: SOA, Software + Services and Cloud Computing</title><link>http://blogs.msdn.com/thehoggblog/archive/2009/10/23/soa-symposium-soa-software-services-and-cloud-computing.aspx</link><pubDate>Fri, 23 Oct 2009 09:44:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:9911966</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/9911966.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=9911966</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=9911966</wfw:comment><description>&lt;P&gt;I am presenting a discussion on SOA, S+S and Cloud computing later today at &lt;A href="http://soasymposium.com/soasymposium2009/profile/profile_jason_hogg.php" mce_href="http://soasymposium.com/soasymposium2009/profile/profile_jason_hogg.php"&gt;SOA Symposium&lt;/A&gt;. I have included the abstract for the talk and the slides that will be used in the presentation for anyone interested.&lt;/P&gt;
&lt;BLOCKQUOTE&gt;
&lt;P&gt;&lt;EM&gt;Organizations evaluating Software + Services and Cloud Computing offerings must first have a well thought-out SOA strategy in order to maximize the return on their investment. They must further understand how the Software + Services platform and the related emerging platforms can be shaped with SOA principles in order to establish a sound and standardized services eco-system that can build up on and extend service-oriented architecture implementations. This presentation will describe the relationship between these various paradigms, including detailed discussions of topics relevant to enterprise architects, software architects and infrastructure architects.&lt;/EM&gt;&lt;/P&gt;&lt;/BLOCKQUOTE&gt;</description><enclosure url="http://blogs.msdn.com/thehoggblog/attachment/9911966.ashx" length="1401040" type="application/x-zip-compressed" /><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Design+Patterns/default.aspx">Design Patterns</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/S_2B00_S/default.aspx">S+S</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SOA/default.aspx">SOA</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Cloud/default.aspx">Cloud</category></item><item><title>SOA Symposium: Understanding SOA Security Patterns</title><link>http://blogs.msdn.com/thehoggblog/archive/2009/10/23/soa-symposium-understanding-soa-security-patterns.aspx</link><pubDate>Fri, 23 Oct 2009 09:33:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:9911963</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/9911963.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=9911963</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=9911963</wfw:comment><description>&lt;P&gt;I presented a discussion on SOA Security Patterns at the &lt;A href="http://soasymposium.com/soasymposium2009/profile/profile_jason_hogg.php" mce_href="http://soasymposium.com/soasymposium2009/profile/profile_jason_hogg.php"&gt;SOA Symposium&lt;/A&gt; today in Rotterdam. The abstract for the talk is included below and the PPT is attached for anyone interested. &lt;/P&gt;
&lt;BLOCKQUOTE&gt;
&lt;P&gt;&lt;EM&gt;Service-oriented solutions are distributed applications and therefore rely on many of the established security controls, practices, and technologies. However, there are distinct characteristics that make services and service compositions special. For example, designing distributed systems that will with greater frequency span organizational boundaries requires architects to understand threats associated with exposing such functionality on potentially hostile networks. This presentation walks through a number of the SOA design patterns that are specific to services, processes, and SOA security in general. In this talk we will introduce and explain these patterns and discuss how they can be applied to establish a secure foundation to service-oriented systems. &lt;/EM&gt;&lt;/P&gt;&lt;/BLOCKQUOTE&gt;</description><enclosure url="http://blogs.msdn.com/thehoggblog/attachment/9911963.ashx" length="2363246" type="application/x-zip-compressed" /><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Design+Patterns/default.aspx">Design Patterns</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/S_2B00_S/default.aspx">S+S</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SOA/default.aspx">SOA</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Cloud/default.aspx">Cloud</category></item><item><title>Microsoft Azure cloud OS announced at PDC2008</title><link>http://blogs.msdn.com/thehoggblog/archive/2008/10/27/microsoft-azure-announced-at-pdc2008.aspx</link><pubDate>Mon, 27 Oct 2008 20:51:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:9018647</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>1</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/9018647.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=9018647</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=9018647</wfw:comment><description>&lt;P&gt;I am here at the PDC in Los Angeles having just watched Ray Ozzie and Bob Muglia finally present the next generation of Microsoft's Cloud Services / Software plus Services strategy with the release of our new operating system for the cloud "Azure"!&lt;/P&gt;
&lt;P&gt;Windows Azure was designed from the ground up for the needs of cloud based computing models. It includes capabilities such as:&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;Scalable hosting - from a fraction of a server to many servers&lt;/LI&gt;
&lt;LI&gt;Automated service management - fabric controller manages the health and lifetime of deployed services according to a services model&lt;/LI&gt;
&lt;LI&gt;High-availability - replicated backend storage&lt;/LI&gt;
&lt;LI&gt;Rich developer experience &lt;/LI&gt;
&lt;LI&gt;Open platform - Command line interfaces, REST protocols, WS, Web… &lt;/LI&gt;&lt;/UL&gt;
&lt;P&gt;As I watched the presentation it dawned on me that there are some parallels between how existing operating systems are designed and the functions that will now be fulfilled by Azure. The diagram below shows a conceptual view of the core layers in existing operating systems, which are typically split between kernel mode and user mode, where user applications are designed to run. &lt;/P&gt;
&lt;P mce_keep="true"&gt;&lt;IMG src="http://blogs.msdn.com/photos/jason_hogg/images/9018628/500x176.aspx" mce_src="http://blogs.msdn.com/photos/jason_hogg/images/9018628/500x176.aspx"&gt;&lt;/P&gt;
&lt;P&gt;Logically, Azure follows a similar model: the Azure OS provides the equivalent of the kernel, except that it now runs in the cloud, managing a potentially limitless number of CPUs, memory and disk storage, all hosted in the cloud. &lt;/P&gt;
&lt;P&gt;Moving up a level we have the Microsoft Azure Services Platform. Just as the executive in an OS takes responsibility for security, storage, I/O and IPC, Azure provides a host of similar capabilities. At the lowest level the Azure Services Platform includes support for .NET Services, including a Service Bus, Access Control and Workflow Services. It also includes SQL Services. At a higher level the Azure Services Platform includes support for Live Services, SharePoint Services and Dynamics CRM Services.&lt;/P&gt;
&lt;P&gt;In terms of how applications can be designed to run in this new cloud-based paradigm, the great news is that it is all through our existing tools and languages - Visual Studio and .NET. At the highest level in the stack, where traditionally applications like Office would run, we now have online extensions to these products including: Windows Live, Office Live, Exchange Online, SharePoint Online and Dynamics CRM Online.&lt;/P&gt;
&lt;P mce_keep="true"&gt;Anyway, this post should introduce you to some key concepts and technologies that I believe are going to be critical to consider as you design distributed applications moving forward. I personally think this announcement, and the associated announcements that you will continue to hear over the course of this week, are the most significant change in our industry since the release of .NET.&lt;/P&gt;
&lt;P mce_keep="true"&gt;&amp;nbsp;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=9018647" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/PDC2008/default.aspx">PDC2008</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/S_2B00_S/default.aspx">S+S</category></item><item><title>Sample declarative access control policy</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/08/28/sample-declarative-access-control-policy.aspx</link><pubDate>Wed, 29 Aug 2007 02:29:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:4620131</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/4620131.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=4620131</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=4620131</wfw:comment><description>&lt;P&gt;In my previous &lt;A class="" href="http://blogs.msdn.com/thehoggblog/archive/2007/08/26/parser-for-secpal-simplified-english-grammar-now-available.aspx" mce_href="http://blogs.msdn.com/thehoggblog/archive/2007/08/26/parser-for-secpal-simplified-english-grammar-now-available.aspx"&gt;post&lt;/A&gt; I mentioned that we have now released a parser for SecPAL that allows policies to be written in a human readable simplified English grammar. 
I thought it might be worth including an example - based on the scenario that was used in the GridToday post on &lt;A class="" href="http://www.gridtoday.com/grid/1546527.html" mce_href="http://www.gridtoday.com/grid/1546527.html"&gt;Access Control in Grid Computing Environments&lt;/A&gt; which (funnily enough) is very similar to the two pages of F# available &lt;A class="" href="http://blogs.msdn.com/thehoggblog/archive/2007/06/15/writing-secpal-assertions-in-f.aspx" mce_href="http://blogs.msdn.com/thehoggblog/archive/2007/06/15/writing-secpal-assertions-in-f.aspx"&gt;here&lt;/A&gt; and very similar to the C# sample AttributeScenario solution included inside the &lt;A class="" href="http://research.microsoft.com/research/downloads/details/81e28b29-10be-4551-9ede-1690f32e1581/details.aspx" mce_href="http://research.microsoft.com/research/downloads/details/81e28b29-10be-4551-9ede-1690f32e1581/details.aspx"&gt;v1.1&lt;/A&gt; release of SecPAL. &lt;/P&gt;
&lt;P&gt;The sample shows the policies being specified in C# using a similar approach to the one you might use to build dynamic SQL. Such policies could just as easily be read from a file. In the future I will provide some more advanced samples - including more discussion about each of them - but for now just remember that another of SecPAL's strengths is its ability to express generic access control policies through the use of variables. In the simplified English grammar, variables are prefixed by % signs. Variables are replaced by concrete values during evaluation. Enjoy... &lt;/P&gt;
&lt;PRE&gt;
using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.Research.SecPal.Authorization;
using Microsoft.Research.SecPal.Parser;

namespace DeclarativeTest
{
    class Program
    {
        static void Main(string[] args)
        {
            // Input policies

            // 1. Policy restricting access to a resource to those principals possessing a valid email address
            string resourceAccessPolicy =
                "LA says %p can read digitalContent:'file://public/' " +
                " if %p possesses %a" +
                " where %a matches rfc822Name:'.*@microsoft.com' ";

            // 2. Policy delegating the rights to an STS to make statements about possession of email attributes
            string trustPolicy =
                "LA says K-STS can say %p possesses %a" +
                " where %a matches rfc822Name:'.*@microsoft.com' ";

            // 3. Identity assertion that would normally be included inside a token when the user requests access to a resource
            string identityPolicy = "K-STS says K-JAHOGG possesses rfc822Name:'jahogg@microsoft.com' ";

            // Authorization Query
            // Query created based on the specifics of the resource access request
            string authzQuery = "LA says K-JAHOGG can read digitalContent:'file://public/foo.txt' ";

            // Error - keyholder principals are getting recreated each time
            Assertion a1 = Interpretor.parseAssertion(resourceAccessPolicy);
            Assertion a2 = Interpretor.parseAssertion(trustPolicy);
            Assertion a3 = Interpretor.parseAssertion(identityPolicy);
            Assertion[] assertionList = new Assertion[3] { a1, a2, a3 };
            AuthorizationQuery aq = Interpretor.parseAuthQuery(authzQuery);

            Console.WriteLine("Authorization result");

            // Make an authorization decision
            IList&amp;lt;Answer&amp;gt; answers =
                AuthorizationEngine.MakeAuthorizationDecision(new LocalAuthorityPrincipal(),
                                                              assertionList,
                                                              aq,
                                                              new List&amp;lt;AuditRule&amp;gt;());
            Console.WriteLine("Answer was " + (answers.Count &amp;gt; 0));
        }
    }
}
&lt;/PRE&gt;
&lt;P mce_keep="true"&gt;&amp;nbsp;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=4620131" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>Parser for SecPAL simplified English grammar now available! </title><link>http://blogs.msdn.com/thehoggblog/archive/2007/08/26/parser-for-secpal-simplified-english-grammar-now-available.aspx</link><pubDate>Mon, 27 Aug 2007 00:17:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:4579556</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>5</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/4579556.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=4579556</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=4579556</wfw:comment><description>&lt;DIV class=wikidoc&gt;One of the great strengths of SecPAL is its unique support for multiple representations of a security policy; XML for interoperability; and a simplified English grammar for human readbility. The SecPAL v1.1 Research Release (available from http://research.microsoft.com/projects/secpal) allows SecPAL assertions to be created using the rich and flexible.NET object model or deserialized from (or serialized into XML) XML according to the SecPAL Schema Specification (also available at the aforementioned URL). 
&lt;BR&gt;&lt;BR&gt;We have now also created a sample parser that allows SecPAL policies and authorization queries to be specified using a simplified English grammar and then translated into the SecPAL object model. This allows policies to be specified declaratively in a human readable form. The parser is written using F# and uses the Lexx and Yacc tools that accompany F#. Full source code is included - so if you are looking for a good project to start learning F# - or if you want to see a complete parser implementation developed using F# and the accompanying tools then this is a great place to start. &lt;/DIV&gt;
&lt;DIV class=wikidoc&gt;&amp;nbsp;&lt;/DIV&gt;
&lt;DIV class=wikidoc&gt;I really enjoyed working on this sample as it gave me an opportunity to learn a lot more about F# - so over the next couple of posts I will share a lot more information on how the sample works, including some tips about F# that I have learned. I will also start posting additional access control patterns specified declaratively - hopefully making the samples much easier to follow than the lengthier samples written purely in C# or F#. &lt;/DIV&gt;
&lt;DIV class=wikidoc&gt;&lt;BR&gt;The parser sample is available from here: &lt;A class=externalLink href="http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=6667"&gt;http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=6667&lt;/A&gt;&lt;BR&gt;&lt;/DIV&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/F_2300_/default.aspx">F#</category></item><item><title>A Java implementation of SecPAL?</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/08/08/a-java-implementation-of-secpal.aspx</link><pubDate>Thu, 09 Aug 2007 02:41:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:4300587</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/4300587.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=4300587</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=4300587</wfw:comment><description>&lt;P&gt;Panos, from the University of Newcastle, just dropped me a note to say that he is making progress with his Java based SecPAL implementation - which is very exciting. I noticed that he has moved away from XSB and has decided instead to create his own custom Datalog implementation - which is very cool - I am sure that took a couple of very late nights! 
If you are interested in learning more take a look at Panos' &lt;A class="" href="http://www.periorellis.com/BLOG/archives/00000134.html" mce_href="http://www.periorellis.com/BLOG/archives/00000134.html"&gt;blog&lt;/A&gt;. &lt;/P&gt;
&lt;P mce_keep="true"&gt;&amp;nbsp;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=4300587" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>The IEEE Computer Security Foundations Conference</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/07/07/the-ieee-computer-security-foundations-conference.aspx</link><pubDate>Sun, 08 Jul 2007 03:43:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:3755062</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/3755062.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=3755062</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=3755062</wfw:comment><description>&lt;P&gt;The 20th IEEE &lt;A class="" href="http://www.dsi.unive.it/CSF20/" mce_href="http://www.dsi.unive.it/CSF20/"&gt;Computer Security Foundations &lt;/A&gt;conference is underway in Venice at the moment, and our friends from Microsoft Research in Cambridge (Moritz Y. Becker, Cedric Fournet and Andrew D. Gordon)&amp;nbsp;presented the first paper of the conference - based on their formal design for SecPAL. The paper "Design and Semantics of a Decentralized Authorization Language" is of course available from &lt;A class="" href="http://research.microsoft.com/projects/secpal/" mce_href="http://research.microsoft.com/projects/secpal/"&gt;here&lt;/A&gt;. I have also included a photo of Moritz presenting which Andy just sent us. 
&lt;/P&gt;
&lt;P&gt;&lt;IMG title="Mo Presenting" style="WIDTH: 500px; HEIGHT: 375px" height=375 alt="Mo Presenting" src="http://blogs.msdn.com/photos/jason_hogg/images/3754776/500x375.aspx" width=500 mce_src="http://blogs.msdn.com/photos/jason_hogg/images/3754776/500x375.aspx"&gt;&lt;/P&gt;
&lt;P mce_keep="true"&gt;&amp;nbsp;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=3755062" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>Access Control Requirements for Grid Computing Environments</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/07/03/access-control-requirements-for-grid-computing-environments.aspx</link><pubDate>Tue, 03 Jul 2007 20:03:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:3673402</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>5</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/3673402.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=3673402</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=3673402</wfw:comment><description>&lt;P&gt;One question I hear a lot is "How does SecPAL compare with [InsertRandomSecurityTechnologyAcronymHere]?". Well the good news is that&amp;nbsp;&lt;A class="" href="http://www.cs.virginia.edu/~humphrey/" mce_href="http://www.cs.virginia.edu/~humphrey/"&gt;Marty Humphrey&lt;/A&gt;, Sang-Min Park, Jun Feng, Norm Beekwilder and Glenn Wasson from the Department of Computer Science at the University of Virginia have been studying just this question using real requirements from their grid network as the basis for this evaluation. 
The results of their study have been published in a paper called &lt;A class="" href="http://www.cs.virginia.edu/~humphrey/papers/GridFTP_SecPAL_2007.pdf" mce_href="http://www.cs.virginia.edu/~humphrey/papers/GridFTP_SecPAL_2007.pdf"&gt;Fine Grained Access Control for GridFTP using SecPAL&lt;/A&gt;. &lt;/P&gt;
&lt;P&gt;They have identified and categorized a number of requirements and then performed an in-depth analysis evaluating the extent to which SecPAL (and other security technologies) meet these requirements. They also consider six specific data access use-cases that have been problematic in today’s Grids: attribute-based access, role-based access, “role-deny” access, impersonation-based access, delegation-based access, and capability-based access and show actual SecPAL policies that they used to solve these use-cases.&lt;/P&gt;
&lt;P&gt;One of the reasons why I think this paper is so important is that&amp;nbsp;the UVa folks started their evaluation with a thorough understanding of their requirements - and documented them. So if you are in the process of evaluating a new access control solution (or perhaps building a custom access control solution) you will definitely gain by using the requirements in this paper as a starting point for your work. &lt;/P&gt;
&lt;P&gt;All in all a really great paper - and the best news is that the paper has officially been accepted for &lt;A class="" href="http://www.grid2007.org/" mce_href="http://www.grid2007.org/"&gt;Grid2007&lt;/A&gt; - so if you are interested in hearing more hopefully you will be able to watch the presentation at Grid2007 in Austin Texas. &lt;BR&gt;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=3673402" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>SecPAL Query Editor Now Available</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/06/21/secpal-query-editor-now-available.aspx</link><pubDate>Fri, 22 Jun 2007 01:40:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:3449384</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>4</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/3449384.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=3449384</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=3449384</wfw:comment><description>&lt;P&gt;A couple of people have remarked to us that they like the flexibility that SecPAL provides, but feel that it is difficult for people to get to grips with the APIs when they first start evaluating SecPAL. &lt;/P&gt;
&lt;P&gt;For this reason Lonnie Wall (a consultant from &lt;A class="" href="http://www.rdacorp.com/" mce_href="http://www.rdacorp.com/"&gt;RDA Corp&lt;/A&gt;) has written some sample C# source code for a SecPAL query editor and released it on our &lt;A class="" href="http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=5122" mce_href="http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=5122"&gt;SecPAL CodePlex &lt;/A&gt;workspace. In addition to providing a GUI-based interface to our samples*, the query editor also includes:&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;A series of task-specific wizards for tasks such as establishing trust relationships, protecting resources and writing queries. &lt;BR&gt;&lt;/LI&gt;
&lt;LI&gt;The ability to review security policies and tokens using our new simplified English grammar.&lt;BR&gt;&lt;/LI&gt;
&lt;LI&gt;The ability to load / save your authorization context into XML based on our &lt;A class="" href="http://research.microsoft.com/projects/secpal/downloadSecPALSpecification.aspx" mce_href="http://research.microsoft.com/projects/secpal/downloadSecPALSpecification.aspx"&gt;SecPAL Schema&lt;/A&gt;.&lt;BR&gt;&lt;/LI&gt;
&lt;LI&gt;A graphical interface for reviewing query results - including direct access to the graphical proof graph viewer. &lt;/LI&gt;
&lt;LI&gt;The ability to review the samples source code from within the editor.&lt;/LI&gt;&lt;/UL&gt;
&lt;P&gt;The code is of course just a sample, and although it only scratches the surface of SecPAL's capabilities, it should provide a good starting point for people evaluating SecPAL. More importantly, it also demonstrates one approach to integrating SecPAL into products: hiding the complexity of our APIs from end users.&lt;/P&gt;
&lt;P&gt;The query editor works best with our v1.1 release, so if you haven't already installed v1.1, download it from &lt;A class="" href="http://research.microsoft.com/research/downloads/details/81e28b29-10be-4551-9ede-1690f32e1581/details.aspx" mce_href="http://research.microsoft.com/research/downloads/details/81e28b29-10be-4551-9ede-1690f32e1581/details.aspx"&gt;here&lt;/A&gt;. We are definitely looking for feedback, so if you have any comments or suggestions, post them on the workspace. Also, if there are other examples of UIs that you like (or dislike), post some pointers on our workspace so other people can comment as well.&lt;/P&gt;
&lt;P&gt;* If you haven't had a chance to check our samples out yet, take this opportunity to review them. The samples include common access control patterns such as: establishing trust relationships, audit logging, unconstrained delegation (impersonation), constrained delegation, role exclusion, exists quantification, revocation, role based security, multi-level delegation, the two-man scenario, the user and application scenario and much, much more...&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=3449384" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>Writing SecPAL Assertions In F# - Contd</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/06/20/writing-secpal-assertions-in-f-contd.aspx</link><pubDate>Wed, 20 Jun 2007 19:24:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:3427769</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/3427769.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=3427769</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=3427769</wfw:comment><description>&lt;P&gt;In my earlier &lt;A class="" href="http://blogs.msdn.com/thehoggblog/archive/2007/06/15/writing-secpal-assertions-in-f.aspx" mce_href="http://blogs.msdn.com/thehoggblog/archive/2007/06/15/writing-secpal-assertions-in-f.aspx"&gt;post&lt;/A&gt; I showed how SecPAL could be used to grant access to a particular user based on a token issued by an STS with which we explicitly established a trust relationship using the SecPAL "canSay" predicate. 
Now I am going to show you something that I think is really cool - and something that demonstrates the advantage of our underlying &lt;A class="" href="http://en.wikipedia.org/wiki/Datalog" mce_href="http://en.wikipedia.org/wiki/Datalog"&gt;Datalog&lt;/A&gt; engine. We are going to make three small changes to the code I showed you in the earlier post: instead of using an authorization query to determine whether a particular user can access a resource, we are going to ask who all the users are that can possibly access a resource based on the policies we have defined. &lt;/P&gt;
&lt;P&gt;This kind of query is simple for SecPAL. We simply change our authorization query from one that includes a concrete value (&lt;EM&gt;LA says Jason can read file://public/foo.txt&lt;/EM&gt;) to one that includes a variable (&lt;EM&gt;LA says %p can read file://public/foo.txt&lt;/EM&gt;), at which point Datalog evaluates all the possible principals that can read this resource and returns a list of substitutions. Alongside the substitutions it also includes a proof graph for each substitution showing exactly why a particular user can access this resource. Anyone who has used Prolog in the past will recognize this as similar to how Prolog works, and that is because Datalog is a subset of Prolog!&lt;/P&gt;
&lt;P&gt;Now &lt;STRONG&gt;before&lt;/STRONG&gt; you run this code take a look at this and the original resource access policy and decide which of our users will in fact be granted access to read this file. Not all of them will be... and it should hopefully be obvious which one will not be granted access.&lt;/P&gt;
&lt;P&gt;In order to make this change three pieces of code need to change:&lt;/P&gt;
&lt;P&gt;&lt;STRONG&gt;1. Create additional users &lt;/STRONG&gt;- We will create five additional users, four of which are actually the SecPAL developers, and the fifth is not.&lt;/P&gt;&lt;PRE&gt;// Define the users within the simple scenario
let User1 = KeyHolderPrincipal(new RSACryptoServiceProvider(), "John")
let User2 = KeyHolderPrincipal(new RSACryptoServiceProvider(), "Greg")
let User3 = KeyHolderPrincipal(new RSACryptoServiceProvider(), "Jason")
let User4 = KeyHolderPrincipal(new RSACryptoServiceProvider(), "Larry")
let User5 = KeyHolderPrincipal(new RSACryptoServiceProvider(), "Fred")

&lt;/PRE&gt;
&lt;P&gt;&lt;STRONG&gt;2. Issue tokens for the additional users&lt;/STRONG&gt; - For this example I am being lazy and simply putting all the claims about possession of attributes in one token. In reality each user would normally be issued their own token. &lt;/P&gt;&lt;PRE&gt;// Create a Token to identify our Users with 
let token = Token(issuer=PrincipalIssuer(STS),
                  claims=[ Claim(fact=PossessFact(User1, 
                                                  new SecPALAttribute(AttributeType.rfc822Name,@"john@microsoft.com")));
                           Claim(fact=PossessFact(User2, 
                                                  new SecPALAttribute(AttributeType.rfc822Name,@"greg@microsoft.com")));
                           Claim(fact=PossessFact(User3, 
                                                  new SecPALAttribute(AttributeType.rfc822Name,@"jason@microsoft.com")));
                           Claim(fact=PossessFact(User4, 
                                                  new SecPALAttribute(AttributeType.rfc822Name,@"larry@microsoft.com")));
                           Claim(fact=PossessFact(User5, 
                                                  new SecPALAttribute(AttributeType.rfc822Name,@"fred@hotmail.com")))
                                                  ]) 

let tokens = [ token ]

&lt;/PRE&gt;
&lt;P&gt;&lt;STRONG&gt;3. Modify our authorization query&lt;/STRONG&gt; - We now change the authorization query so that it contains a variable instead of a concrete principal. SecPAL will then determine every principal with which this variable can be unified. &lt;/P&gt;&lt;PRE&gt;// Create our Authorization Query 
//		LA says %p can read file://public/foo.txt?
let query = AuthorizationQuery
               (expression=AssertionExpression
                   (assertion=AtomicAssertion
                       (principal=ResourceGuard, 
                        fact=ActionFact(PrincipalVariable("p"), ActionVerbs.read, 
                                        Resource(ResourceType.digitalContent, 
                                                 System.Uri(@"file://public/foo.txt"))))))


&lt;/PRE&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=3427769" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/F_2300_/default.aspx">F#</category></item><item><title>Writing SecPAL assertions in F#</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/06/15/writing-secpal-assertions-in-f.aspx</link><pubDate>Sat, 16 Jun 2007 02:22:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:3323346</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>3</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/3323346.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=3323346</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=3323346</wfw:comment><description>&lt;P&gt;I figured I would try to learn F# over this summer - and thought what better way to start than create a couple of SecPAL samples in F#. I thought this might help people that are interested in learning more about &lt;A class="" href="http://research.microsoft.com/fsharp/fsharp.aspx" mce_href="http://research.microsoft.com/fsharp/fsharp.aspx"&gt;F#&lt;/A&gt;, or potentially F# users that are interested in learning more about how &lt;A class="" href="http://blogs.msdn.com/thehoggblog/archive/2007/04/20/secpal-access-control-for-grid-computing-environments.aspx" mce_href="http://blogs.msdn.com/thehoggblog/archive/2007/04/20/secpal-access-control-for-grid-computing-environments.aspx"&gt;SecPAL&lt;/A&gt; can be used for access control scenarios. 
The sample below is a simplified version of our classic multi-domain scenario (see &lt;A class="" href="http://www.gridtoday.com/grid/1546527.html" mce_href="http://www.gridtoday.com/grid/1546527.html"&gt;here &lt;/A&gt;for a complete description). In short we have three parties: a resource guard that is responsible for protecting access to a resource, an STS that is trusted to issue claims about users, and a user who wants to access a file.&lt;/P&gt;
&lt;P mce_keep="true"&gt;In order to support this scenario we have the following assertions:&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;SecPAL policies&lt;/DIV&gt;&lt;/LI&gt;
&lt;UL&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;Resource access policy - &lt;EM&gt;LA &lt;STRONG&gt;says&lt;/STRONG&gt; %p read file://public/ &lt;STRONG&gt;if&lt;/STRONG&gt; %p possesses %a &lt;STRONG&gt;where&lt;/STRONG&gt; %a match &lt;/EM&gt;&lt;A href="mailto:.*@microsoft.com"&gt;&lt;EM&gt;.*@microsoft.com&lt;/EM&gt;&lt;/A&gt; &lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;Trust policy - &lt;EM&gt;LA &lt;STRONG&gt;says&lt;/STRONG&gt; STS &lt;STRONG&gt;canSay&lt;/STRONG&gt; %p possesses %a &lt;STRONG&gt;where&lt;/STRONG&gt; %a match &lt;/EM&gt;&lt;A href="mailto:.*@microsoft.com"&gt;&lt;EM&gt;.*@microsoft.com&lt;/EM&gt;&lt;/A&gt;&lt;EM&gt; &lt;/EM&gt;&lt;/DIV&gt;&lt;/LI&gt;&lt;/UL&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;SecPAL token&lt;/DIV&gt;&lt;/LI&gt;
&lt;UL&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;&lt;EM&gt;STS &lt;STRONG&gt;says&lt;/STRONG&gt; User possesses rfc822Name:&lt;/EM&gt;&lt;A href="mailto:jason@microsoft.com"&gt;&lt;EM&gt;jason@microsoft.com&lt;/EM&gt;&lt;/A&gt;&lt;/DIV&gt;&lt;/LI&gt;&lt;/UL&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;SecPAL authorization query&lt;/DIV&gt;&lt;/LI&gt;
&lt;UL&gt;
&lt;LI&gt;
&lt;DIV mce_keep="true"&gt;&lt;EM&gt;LA &lt;STRONG&gt;says&lt;/STRONG&gt; Jason can read &lt;/EM&gt;&lt;A href="file://public/foo.txt"&gt;&lt;EM&gt;file://public/foo.txt&lt;/EM&gt;&lt;/A&gt;&lt;EM&gt;?&lt;/EM&gt;&lt;/DIV&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;/UL&gt;
&lt;P mce_keep="true"&gt;When run the code will output a textual proof graph illustrating exactly what the chain of deductions were that lead to this authorization decision being approved. If you want to use our graphical proof graph viewer take a look at this &lt;A class="" href="http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187" mce_href="http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187"&gt;post&lt;/A&gt;. You will have to add an audit policy but that is really straight forward.&lt;/P&gt;
&lt;P mce_keep="true"&gt;The F# code for this scenario is included below. In the my next few blog posts I will show you how to modify this code to do some extra cool things... In the mean time let me know if you have any questions, or if there are any scenarios you would like me to demonstrate.&lt;/P&gt;
&lt;P mce_keep="true"&gt;Thanks to &lt;A class="" href="http://blogs.msdn.com/dsyme/" mce_href="http://blogs.msdn.com/dsyme/"&gt;Don Syme&lt;/A&gt; and Can Erton of the F-Sharp team for reviewing my code before I released it! &lt;BR&gt;&lt;/P&gt;&lt;PRE&gt;// Title: Simple SecPAL security scenario (F#)
#light
// Update the path below to point at the Bin directory of your SecPAL installation
// (the SecPAL .NET implementation is available from http://research.microsoft.com/projects/secpal)
#I @"C:\Users\jahogg\Documents\Microsoft SecPal Research Release\Bin"
#r "Microsoft.Research.SecPal.dll"

open Microsoft.Research.SecPal.Authorization 
open System.Security.Cryptography
open System.Collections.Generic
type SecPALAttribute = Microsoft.Research.SecPal.Authorization.Attribute

// Define the users within the simple scenario
let User = KeyHolderPrincipal(new RSACryptoServiceProvider(), "Jason")
let STS = KeyHolderPrincipal(new RSACryptoServiceProvider(), "STS")
let ResourceGuard = LocalAuthorityPrincipal("ResourceGuard") // ResourceGuard == LocalAuthority == LA

// Define Resource Access Policy 
//		LA says %p read file://public/ if %p possesses %a where %a match ".*@microsoft\.com"
let claims = [Claim(fact=ActionFact(PrincipalVariable("p"),
                                    ActionVerbs.read,
                                    Resource(ResourceType.digitalContent,
                                             System.Uri(@"file://public/"))),
                    condition=PossessFact(PrincipalVariable("p"),
                                          AttributeVariable("a")),
                    constraint=AttributeMatchConstraint("a",AttributeType.rfc822Name, @".*@microsoft\.com"));
              // LA says STS canSay %p possesses %a where %a match ".*@microsoft\.com"
              Claim(fact=CanSayFact(STS,
                                    fact=PossessFact(PrincipalVariable("p"),
                                                     AttributeVariable("a"))),
                    constraint=AttributeMatchConstraint("a",AttributeType.rfc822Name, @".*@microsoft\.com")) ]

let policy = Policy(PrincipalIssuer(ResourceGuard), claims)
let policies = [ policy ]

// Create a Token to identify our User with 
//		STS says User possesses rfc822Name:"jason@microsoft.com"
let token = Token(issuer=PrincipalIssuer(STS),
                  claims=[ Claim(fact=PossessFact(User, 
                                                  new SecPALAttribute(AttributeType.rfc822Name,@"jason@microsoft.com")))]) 

let tokens = [ token ]

// Create our Authorization Query 
//		LA says Jason can read file://public/foo.txt?

let query = AuthorizationQuery
               (expression=AssertionExpression
                   (assertion=AtomicAssertion
                       (principal=ResourceGuard, 
                        fact=ActionFact(User, ActionVerbs.read, 
                                        Resource(ResourceType.digitalContent, 
                                                 System.Uri(@"file://public/foo.txt"))))))

// Perform our Authorization Query using the Authorization Engine		
let answers = AuthorizationEngine.MakeAuthorizationDecision(ResourceGuard, tokens, policies, query) 
 
// Determine if access was granted
let results = (if (answers.Count &amp;lt; 1) then "Denied" else "Authorized") 

// Print out the results
printf "The result is %s \n" results
printf "Answer count = %i \n\n" answers.Count

// Iterate over the Proofs
for answer in answers do
    // Output variable substitutions
    let subs = answer.Substitution 
    for sub in subs do
        System.Console.WriteLine ("Name " + sub.Key.Name + " = " + sub.Value.ToString());
    // Output proof graphs
    let proofs = answer.ProofGraphs 
    for proof in proofs do
        System.Console.Write("Expression = ")
        System.Console.WriteLine(proof.Expression)
        System.Console.WriteLine("Graph = ")
        System.Console.WriteLine(proof.ProofRoot)

// Press any key to continue (Homer "Where's the any key?")
System.Console.ReadLine()

&lt;/PRE&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=3323346" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/F_2300_/default.aspx">F#</category></item><item><title>SecPAL v1.1 Now Available</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/06/13/secpal-v1-1-now-available.aspx</link><pubDate>Thu, 14 Jun 2007 03:01:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:3278734</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>2</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/3278734.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=3278734</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=3278734</wfw:comment><description>&lt;P&gt;Just a quick note to let everyone know that we have just released a minor update to our SecPAL library. In addition to a couple of minor bug fixes there are two features which I think you are really going to like. The first is an update to our grammar - making it much clearer what conditions and constraints are. The second (which was actually a bug fix) is that our graphical proof graphs now work. &lt;/P&gt;
&lt;P&gt;The diagram below shows an example of a (very simple) proof graph which graphically demonstrates the chain of deductions supporting an authorization decision. This is of course very valuable information for your audit logs, supporting requirements such as compliance. &lt;/P&gt;
&lt;P&gt;&lt;IMG title="Graphical Proof Graph" style="WIDTH: 640px; HEIGHT: 406px" height=406 alt="Graphical Proof Graph" src="http://blogs.msdn.com/photos/jason_hogg/images/3278663/640x406.aspx" width=640 align=middle mce_src="http://blogs.msdn.com/photos/jason_hogg/images/3278663/640x406.aspx"&gt;&lt;/P&gt;
&lt;P&gt;Anyway, you might find the following links interesting:&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;The download is available from here: &lt;A href="http://research.microsoft.com/projects/secpal"&gt;http://research.microsoft.com/projects/secpal&lt;/A&gt;&lt;/LI&gt;
&lt;LI&gt;Summary of changes: &lt;A href="http://www.codeplex.com/secpal/Wiki/View.aspx?title=ResearchRelease1.1&amp;amp;referringTitle=Home"&gt;http://www.codeplex.com/secpal/Wiki/View.aspx?title=ResearchRelease1.1&amp;amp;referringTitle=Home&lt;/A&gt;&lt;/LI&gt;
&lt;LI&gt;Summary of how to write to the event log, use the event log viewer, and the graphical proof graph viewer: &lt;A href="http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187"&gt;http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187&lt;/A&gt;&lt;/LI&gt;&lt;/UL&gt;
&lt;P&gt;I have also been working on a couple of F# samples to demonstrate how to call SecPAL from F#, which I will post in the next day or two. These will also include examples of the new grammar.&lt;/P&gt;
&lt;P&gt;Enjoy!&lt;/P&gt;
&lt;P mce_keep="true"&gt;&amp;nbsp;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=3278734" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>Extending Visual Studio - Made Easy</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/05/28/extending-visual-studio-made-easy.aspx</link><pubDate>Tue, 29 May 2007 08:00:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:2959564</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/2959564.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=2959564</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=2959564</wfw:comment><description>&lt;P&gt;One thing that always amazes me as I talk to scientists and researchers at shows like the recent Open Grid Forum or the last Super Computing conference is the extent to which they have managed to extend Eclipse to provide intuitive interfaces to their work. Up until very recently similar extensions for Visual Studio has required a significant investment in time to learn the VSIP extension API's which many researchers just don't have time to spare, however &lt;A class="" title="Pablo Galiano" href="http://www.clariusconsulting.net/blogs/pga/archive/2007/05/16/24848.aspx" mce_href="http://www.clariusconsulting.net/blogs/pga/archive/2007/05/16/24848.aspx"&gt;Pablo Galiano&lt;/A&gt;&amp;nbsp;(Pablo has worked on many P&amp;amp;P projects including most recently the Service Factory) has changed that with the release of his VSIP Factory. &lt;/P&gt;
&lt;P&gt;At the highest level, the &lt;A class="" title="VSIP Factory" href="http://www.codeplex.com/vsipfactory" mce_href="http://www.codeplex.com/vsipfactory"&gt;VSIP Factory&lt;/A&gt;&amp;nbsp;supports authoring, testing, and deploying (using WIX or standard VS setup projects) VSIP extensions. I sat in on a demo of this work last week and I guarantee you will be impressed. In less than one hour Pablo demonstrated how to create a brand new VSIP package, including several custom forms, wiring them up to menu's and appropriate events within VS, integrating them into the existing VS toolbars (including supporting docking behavior) and even modifying the VS splash screen, all using self-explanatory wizards. Then for the creme de la creme Pablo also shows how to build a similar package using a DSL based designer that he has worked on... &lt;/P&gt;
&lt;P mce_keep="true"&gt;As anyone who has tried to do this with Visual Studio using the VSIP extensions surely knows - this is amazing stuff. So for anyone that is interested in extending Visual Studio I definitely recommend you take a look at Pablo's latest CTP. Enjoy....&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=2959564" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Service+Factory/default.aspx">Service Factory</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>SecPAL In The News</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/05/07/secpal-in-the-news.aspx</link><pubDate>Mon, 07 May 2007 16:13:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:2463071</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>0</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/2463071.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=2463071</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=2463071</wfw:comment><description>&lt;P&gt;In my last&amp;nbsp;post I promised to walk through a demonstration of SecPAL using a scenario that is challenging to implement using current technologies - but simple to implement using SecPAL. As timing would have it, rather than walking through the scenario in this blog, I can instead point you to an article that was posted today in the magazine GridToday. Look here for more information &lt;A class="" title="Access Control in Grid Computing Environments" href="http://www.gridtoday.com/grid/1546527.html" mce_href="http://www.gridtoday.com/grid/1546527.html"&gt;Access Control in Grid Computing Environments&lt;/A&gt;. &lt;/P&gt;
&lt;P&gt;&amp;nbsp;A couple of other good articles have also been written that you might also be interested in. &lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;&lt;EM&gt;Apr 30, 2007 &lt;/EM&gt;Linux Insider &lt;A class="" title="Microsoft Invites Collaboration With Grid Computing Research" href="http://www.linuxinsider.com/story/sjtdPLOzASp203/Microsoft-Invites-Collaboration-With-Grid-Computing-Research.xhtml" mce_href="http://www.linuxinsider.com/story/sjtdPLOzASp203/Microsoft-Invites-Collaboration-With-Grid-Computing-Research.xhtml"&gt;Microsoft Invites Collaboration With Grid Computing Research&lt;/A&gt;&lt;/LI&gt;
&lt;LI&gt;&lt;EM&gt;Sept 13,2006 &lt;/EM&gt;eWeek article &lt;A class="" title="Microsoft Building Security Language for Grids" href="http://www.eweek.com/article2/0,1895,2015846,00.asp" mce_href="http://www.eweek.com/article2/0,1895,2015846,00.asp"&gt;Microsoft building Security Language for Grids&lt;/A&gt;&lt;/LI&gt;&lt;/UL&gt;
&lt;P&gt;This timing on this article was perfectly timed as OGF 20 has just kicked off today in Manchester UK, so hopefully this will generate additional interest. &lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=2463071" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item><item><title>SecPAL - Access Control for Grid Computing Environments</title><link>http://blogs.msdn.com/thehoggblog/archive/2007/04/20/secpal-access-control-for-grid-computing-environments.aspx</link><pubDate>Sat, 21 Apr 2007 00:33:00 GMT</pubDate><guid isPermaLink="false">91d46819-8472-40ad-a661-2c78acb4018c:2212235</guid><dc:creator>Jason Hogg</dc:creator><slash:comments>4</slash:comments><comments>http://blogs.msdn.com/thehoggblog/comments/2212235.aspx</comments><wfw:commentRss>http://blogs.msdn.com/thehoggblog/commentrss.aspx?PostID=2212235</wfw:commentRss><wfw:comment>http://blogs.msdn.com/thehoggblog/rsscomments.aspx?PostID=2212235</wfw:comment><description>&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /&gt;&lt;o:p&gt;It has probably been around 9 months since my last blog release where I described the release of our ASMX Service Factory. A lot has obviously happened since then - including the release of both WCF and the WCF Service Factory. So what have I been doing since that time? &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;Well, around 9 months ago I was offered the opportunity to work on a project called SecPAL (SecPAL stands for the Security Policy Assertion Language) within a research and incubation team inside Craig Mundie’s organization. SecPAL is a policy language that has been developed to support the complex access control requirements of large scale grid computing environments. &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;So what kinds of challenges are we focusing on? Here is a partial-list of some of the challenges that SecPAL addresses:&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;How does an organization establish a fine-grained trust relationship with another organization across organizational boundaries?&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;How does a user delegate a subset of a user’s rights (constrained delegation) to another user residing either in the same organization or in a different organization? &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;How can access control policy be authored and reviewed in a manner that is human readable - allowing auditors and non-technical people to understand such policies? &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;How does an organization support compliance regulations requiring that a system be able to demonstrate exactly why it was that a user was granted access to a resource? &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;How can policies be authored, composed and evaluated in a manner that is efficient, deterministic and tractable?&lt;/o:p&gt;&lt;/SPAN&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;&amp;nbsp;&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;&lt;/UL&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;If any of these challenges seem familiar, or if you are interested in learning more about SecPAL and how SecPAL solves these challenges you should take a look at our Microsoft Research home page which is located at: &lt;A href="http://research.microsoft.com/projects/secpal" mce_href="http://research.microsoft.com/projects/secpal"&gt;http://research.microsoft.com/projects/secpal&lt;/A&gt;. The SecPAL Research homepage includes links to the following papers which describe the architecture of SecPAL at varying levels of abstraction. &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;SecPAL Formal Model ("Design and Semantics of a Decentralized Authorization Language") – Formal description of the abstract types, language semantics and evaluation rules that support deterministic evaluation in efficient time. &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;SecPAL Schema Specification – Specification describing a practical XML based implementation of the formal model targeted at supporting access control requirements of distributed applications&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;
&lt;LI&gt;
&lt;DIV class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;.NET Research Implementation of SecPAL – C# implementation, C# samples for common authz patterns, and comprehensive developer documentation and a getting started tutorial&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/DIV&gt;&lt;/LI&gt;&lt;/UL&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;The .NET Research Implementation and SecPAL Schema Specifications were posted recently - just prior to TechFest. The .NET implementation is deliberately labeled a “research” release because we are interested in collaborating with security researchers and security thought leaders as they evaluate SecPAL against their access control requirements. This research release is definitely not intended to be viewed or used as product.&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;If you are interested in learning more about SecPAL I encourage you to first take a look at the whitepaper entitled “A Unified Approach to Trust, Delegation, and Authorization in Large-Scale Grids” also located on our research homepage, and then download our .NET Research Implementation and evaluate SecPAL against your requirements. &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;The .NET Research Implementation includes substantial developer documentation, including both a getting started tutorial as well as 15 common authorization patterns along with SecPAL implementations. If you don’t see something that meets you requirements, or you have suggestions or comments we would love to hear from you on community workspace. See &lt;A href="http://www.codeplex.com/secpal" mce_href="http://www.codeplex.com/secpal"&gt;www.codeplex.com/secpal&lt;/A&gt;. &lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;
&lt;P class=MsoNormal style="MARGIN: 0in 0in 10pt; LINE-HEIGHT: normal; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"&gt;&lt;SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman'"&gt;&lt;o:p&gt;Over the next couple of weeks I will also create some additional blog entries walking you through some of the authorization patterns that we have developed, hopefully providing more insight into how SecPAL works.&lt;/o:p&gt;&lt;/SPAN&gt;&lt;/P&gt;&lt;img src="http://blogs.msdn.com/aggbug.aspx?PostID=2212235" width="1" height="1"&gt;</description><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/SecPAL/default.aspx">SecPAL</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Web+Service+Security/default.aspx">Web Service Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Security/default.aspx">Security</category><category domain="http://blogs.msdn.com/thehoggblog/archive/tags/Grid/default.aspx">Grid</category></item></channel></rss>