1. Technical Field
The present application relates generally to an improved data processing system and method. More specifically, the present application is directed to a system and method for providing multi-level security filtering of model representations.
2. Description of Related Art
A systems architecture framework is a mechanism by which to specify how to organize and present the fundamental organization of a system embodied in its components, their relationships to each other, and to the environment and the principles guiding the system's design and evolution. Many different standards have been developed for defining such systems architecture frameworks.
The Department of Defense (DoD) of the United States (U.S.) government, for example, has developed the DoD Architecture Framework (DODAF) which defines a standard way to organize an enterprise architecture or systems architecture into complementary views. All major U.S. government DoD weapons and information technology system procurements are required to develop and document an architecture using the views prescribed in the DoDAF. While it is clearly aimed at military systems, DoDAF has broad applicability across the private, public, and voluntary sectors around the world and represents only one of a large number of systems architecture frameworks. DoDAF is especially suited to large systems with complex integration and interoperability challenges and provides unique “operational views” detailing the external customer's operating domain in which the developing system will operate.
Similar to DoDAF, the United Kingdom (UK) Ministry of Defense has developed the UK Ministry of Defense Architectural Framework (MODAF). MODAF, which is built on DoDAF, defines a standardized way of conducting enterprise architecture and provides a means to model, understand, analyze, and specify strategy, acquisition, capabilities, systems, systems of systems, and services. The purpose of MODAF is to provide a rigorous system of systems definition when procuring and integrating defense systems. More information about MODAF may be found at www.modaf.org.uk.
A new international OMG open standard, referred to as the Unified Modeling Language (UML) Profile for DoDAF/MODAF (UPDM), provides an industry standard representation for Architecture Framework Models (including DoDAF and MODAF) through the OMG standardization process based on a model-driven architecture (MDA) approach to specification. UPDM is built on UML and Systems Modeling Language (SysML). More information about UPDM may be found at http://syseng.omg.org/UPDM.htm.
Within these systems architecture frameworks, modeling languages are often used to represent the models of a particular concept, organization and/or system. For example, the Unified Modeling Language (UML), officially defined by the Object Management Group (OMG), is often used to provide models of organizations and systems. UML is a standardized general purpose modeling language that includes a graphical notation used to create an abstract model of a system, referred to as the UML model. In UML 2.0 there are 13 types of diagrams that are supported. These 13 types of diagrams are categorized as structure diagrams, behavior diagrams, and interaction diagrams.
The structure diagrams emphasize what things must be in a system being modeled. The structure diagrams include a class diagram, component diagram, composite structure diagram, deployment diagram, object diagram, and package diagram. The behavior diagrams emphasize what must happen in the system being modeled. Behavior diagrams includes an activity diagram, state machine diagram, and use case diagram. Interaction diagrams, which are a subset of behavior diagrams, emphasize the flow of control and data among the things in the system being modeled. Interaction diagrams include a communication diagram, interaction overview diagram, sequence diagram, and UML timing diagram.
Various types of applications and user interfaces have been developed to aid users in generating such models of systems and organizations using modeling languages such as UML. Typically, these applications and user interfaces have a graphical aspect as well as many different types of interfaces for obtaining and inputting information about the various objects and entities in the various diagrams of the UML model. For example, Rational Software Architect (RAS), available from the Rational Software division of International Business Machines Corporation, of Armonk, N.Y., provides a comprehensive modeling and development environment that leverages UML for creating architected C++ and Java2 Enterprise Edition (J2EE) applications and web services. Rational Software Architect is built on the Eclipse open-source software framework and includes capabilities focused on architectural code analysis, C++, and model driven development (MDD) with UML for creating resilient applications and web services.
While such tools provide users with an excellent way in which to develop applications using a MDD approach, their implementation in environments where security of information contained within the models, such as in DoD environments, may be less than desirable. That is, UML models, developed by or accessed by such tools, are typically represented by structured documents, such as Extensible Markup Language (XML) documents or the like. Once a user is able to access the XML documents, the user is able to access all of the information for the various objects and models contained within that structured document. Thus, there is no ability to provide fine tune control of security within a UML model of a system. It is an all or nothing approach, i.e. the user is either able to access the entire model of the system or is not able to access any of the information in the UML model. This can be troublesome in environments, such as the DoD, where many different levels of security access are required and various individuals of different security levels may be working on the same system or project.
In an effort to provide additional granularity for controlling access to XML documents, the Extensible Access Control Markup Language (XACL) was proposed. XACL is a declarative access control policy language implemented in XML along with a processing model describing how to interpret the policies set forth using the access control policy language. XACL allows XML documents to be defined in such a way that access the XML documents may be controlled based on access control policies and access levels assigned to users. While XACL allows for simply hiding entire elements of the XML documents, XACL does not provide mechanisms to control elements, mechanisms to identify relationships between elements, or mechanisms to perform replacement or substitution of elements.