Security

Elephant security system is used to isolate contents based on user granted permissions. The content is generated at server side based on this security system.

Basic security points

  • User passwords.
  • User social group syndication.
  • User roles, mainly granted through social groups.
  • User permissions, defined by roles.
  • User fuzzy roles, discovered by user activity.
  • Conceptual permissions, related to entity's components and module specific.

Passwords

Elephant uses a symmetric cipher with a unique key pair, to produce the ciphertext to be stored.

Before stored, the application measures the password strength and shows the result as a percentage. The rules for measuring the strength are:

  • for length: [...4] = 3, [5...7] = 6, [8...15] = 12, [16...] = 18
  • has lowercase: = 2
  • has uppercase: = 2
  • lowercase > 2 and uppercase > 2: = 2
  • for numbers: = min{number, 3} * 2
  • lowercase > 2 and uppercase > 2 and numbers > 0: = 2
  • for special characters: = min{specials, 3} * 2
  • lowercase > 2 and uppercase > 2 and numbers > 0 and specials > 0: = 2

isInRole method

Elephant provides isInRole convenience method to check user assigned points. The method takes as string parameter with a permission checking syntax.

The scripts also provide a facade map named rolemap. The checking syntax will be rolemap['root:permission'].

See [ Social groups, Permissions, Scripting, Actors, Concept permissions ]

Printer version
English03/17/21 04:15Lluís Turró Cutiller
English11/21/21 16:31Lluís Turró Cutiller
English01/14/22 12:43Lluís Turró Cutiller
English06/26/22 17:02Lluís Turró Cutiller