Elephant Security System is used to isolate contents based on user granted permissions. The content is generated at server side based on this security system.

Basic security points

• User passwords.
• User social group syndication.
• User roles, mainly granted through social groups.
• User permissions, defined by roles.
• User fuzzy roles, discovered by user activity.
• Conceptual permissions, related to entity's components and module specific.

Passwords

Elephant uses a symmetric cipher with a unique key pair, to produce the ciphertext to be stored.

Before stored, the application measures the password strength and shows the result as a percentage. The rules for measuring the strength are:

• for length: [...4] = 3, [5...7] = 6, [8...15] = 12, [16...] = 18
• has lowercase: = 2
• has uppercase: = 2
• lowercase > 2 and uppercase > 2: = 2
• for numbers: = min{number, 3} * 2
• lowercase > 2 and uppercase > 2 and numbers > 0: = 2
• for special characters: = min{specials, 3} * 2
• lowercase > 2 and uppercase > 2 and numbers > 0 and specials > 0: = 2

isInRole method

Elephant provides isInRole convenience method to check user assigned points. The method takes as string parameter with a permission checking syntax.

The scripts also provide a facade map named rolemap. The checking syntax will be rolemap['root:permission'].

See [ Social groups, Permissions, Scripting, Actors, Concept permissions, Superuser ]