PHP Implementation of a reference monitor to provide record level access

admin 7 October, 2012 - 14:53
If you refer to the classic "design of a reference monitor": to add record level protection to certain tables, we're first going to use the "interface record segmentation" method, which allows us to provide the authorisation database within the protected subject: it is the subject that becomes responsible for providing ownership, group and protection information.

This works well with tables in a database when implemented at a low level within the active record implementation; however, it doesn't protect the database or entities against direct access via SQL (because that's not what we're trying to achieve, and to do that would require a traditional reference monitor wired in at the driver level).

With this approach protected objects need no extra code to support:

* preventing unauthorised access to a record by providing its ID
* filtering lists (via DbIterator) to only contain accessible objects
* protection against modification of records
* protection against deletion of records
* granting access to a record to a user, group or everyone

h3. Description of elements of the ZXAF reference monitor

|_<. Element|_<. Description|
|Subjects|DbEntity derived items (tables/records)|
|Objects|SystemUser derived entity|
|Audit trail|Not yet implemented, but will eventually provide a record of all security-relevant events, such as access attempts, successful or not|

h2. Implementation overview

Added interfaces, namely IControlledObject for a DbEntity and ISubject for User.

The data that is required to be stored (on record on all protected items) is:

* IControlledObject.Protection INT
* IControlledObject.Owner INT
* IControlledObject.Group INT
* ISubject.Group INT
* ISubject.Privileges varchar(255) - comma separated list of permission names

h2. Reference implementation

* "refmon.php in ZXAF":
* "DB Entity.PHP in ZXAF":
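An added example, not ZXAF's own refmon.php code, showing how the stored fields listed under the implementation overview could drive a single access decision that is reused for list filtering. It follows the interface naming (ISubject for the user, IControlledObject for the record); the accessor names, the numeric user ID, the Unix-style owner/group/everyone bit layout of Protection and the bypass_protection privilege name are assumptions.

```php
<?php
declare(strict_types=1);
// Assumed Protection layout (not from ZXAF): owner<<6 | group<<3 | everyone,
// each 3-bit field holding ACCESS_READ | ACCESS_WRITE | ACCESS_DELETE.
const ACCESS_READ = 4, ACCESS_WRITE = 2, ACCESS_DELETE = 1;
interface ISubject {                         // the user entity
    public function getId(): int;            // hypothetical accessors throughout
    public function getGroup(): int;
    public function getPrivileges(): string; // comma separated permission names
}
interface IControlledObject {                // a protected record
    public function getProtection(): int;
    public function getOwner(): int;
    public function getGroup(): int;
}

// Single decision point that load, save, delete and list filtering all call.
function isPermitted(ISubject $s, IControlledObject $o, int $action): bool {
    $privs = array_map('trim', explode(',', $s->getPrivileges()));
    if (in_array('bypass_protection', $privs, true)) { // hypothetical privilege
        return true;
    }
    // Most specific class wins: owner, then group, then everyone.
    $shift = $s->getId() === $o->getOwner() ? 6 : ($s->getGroup() === $o->getGroup() ? 3 : 0);
    return (($o->getProtection() >> $shift) & $action) === $action;
}

final class User implements ISubject {
    public function __construct(private int $id, private int $group, private string $privs = '') {}
    public function getId(): int { return $this->id; }
    public function getGroup(): int { return $this->group; }
    public function getPrivileges(): string { return $this->privs; }
}
final class Record implements IControlledObject {
    public function __construct(public string $title, private int $prot, private int $owner, private int $group) {}
    public function getProtection(): int { return $this->prot; }
    public function getOwner(): int { return $this->owner; }
    public function getGroup(): int { return $this->group; }
}

// Constructed sample data: 0640 = owner read+write, group read, everyone none.
$records = [new Record('invoice', 0640, 1, 10), new Record('notice', 0644, 2, 20)];
$carol = new User(3, 30);   // neither owner nor group member of either record
$bob   = new User(4, 10);   // shares group 10 with 'invoice'
// List filtering in the style the page attributes to DbIterator.
$titles = fn(ISubject $u) => array_map(fn($r) => $r->title,
    array_values(array_filter($records, fn($r) => isPermitted($u, $r, ACCESS_READ))));
print_r($titles($carol));                                // titles carol may read
var_dump(isPermitted($bob, $records[0], ACCESS_WRITE));  // may bob modify 'invoice'?
```

Because the owner class is checked first and the everyone class last, an owner whose own bits are narrower than the everyone bits is still held to the owner bits; that precedence is part of the assumed layout, not something the page specifies.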