RASSP Information Management Appnote

Abstract

In an integrated product development environment which involves several vendor tools, diverse and incompatible configuration management mechanisms and authorization management mechanisms across tools can lead to the inefficiencies in the design process. We describe in this document a common model for configuration management and authorization management that may be adopted by an integrated product development environment. We have specified a common minimal set of configuration management mechanisms that need to be provided by the tools to support the proposed configuration and authorization models. We have completed a pilot implementation of the Configuration management (CM) and Authorization Management (AM) models for the Intergraph Asset and Information Management (AIM) software system. This pilot implementation proves the plausibility and usability of the model.

The RASSP configuration management model supports three types of workspaces -- private, shared, and global. The workspaces are organized hierarchically with global workspaces as the root of the hierarchy, shared workspaces as children of the global workspace, and private workspaces as children of the shared workspaces. The CM model supports three types of versions of design objects -- transient, working, and released. Transient design objects are created in the private workspaces, and when mature for sharing with the other members of the team, are promoted to working versions and checked in to a shared workspace. Once the working version has been thoroughly tested it is them promoted to a released version and checked into the global workspace.

The RASSP authorization management model supports three types of hierarchies -- an authorization object hierarchy, an authorization type hierarchy, and an authorization role hierarchy. The authorization object hierarchy is a composition tree of all the design objects in a project. The authorization type hierarchy is an implication tree, with a node of a certain access privilege implying a set of access privileges below it in the inverted tree. The authorization role hierarchy is also an implication tree with a node representing a certain user role subsuming all the access privileges of the user roles below it in the hierarchy. This hierarchical approach allows an administrator to specify authorizations in a succinct fashion by creating a three-way relationship between a node from each of the three hierarchies.

Purpose

The RASSP tools for information management were used for the RASSP benchmark programs at the Lockheed Martin Advanced Technology Labs. The tools supported a design program involving about ten engineers, and spanned about two years in duration. The metrics we have collected on the design process quantifies the benefits of the RASSP CM and AM tools.

This application note is intended for managers and administrators of design groups who are interested in streamlining the process of building, releasing, and supporting product designs.

Roadmap

1.0 Introduction

2.0 The RASSP Configuration Management Model

• 2.1 Workspaces and Configurations
• 2.2 The RASSP CM Mechanisms
  • 2.2.1 Workspace Functions
    • 2.2.1.1Creating a workspace
  • 2.2.2 Accessing an arbitrary workspace
  • 2.2.3 Accessing child workspace
  • 2.2.4 Accessing the parent workspace
  • 2.2.5 Making a workspace visible
• 2.3 Version Management Functions
  • 2.3.1 Creating a configuration
  • 2.3.2 Inserting data objects into a configuration
  • 2.3.3 Checkout
  • 2.3.4 Checkin
  • 2.3.5 Accessing child version
  • 2.3.6 Accessing the parent version
  • 2.3.7 Naming versions
  • 2.3.8 Retrieving a named version

3.0 The RASSP Authorization Model

• 3.1 Authorization Objects, Types, and Roles
• 3.2 Mechanisms to support the RASSP Authorization Model
  • 3.2.1 Mechanisms to manipulate the authorization object hierarchy
    • 3.2.1.1 3.2.1.1 Creating an authorization object
    • 3.2.1.2 Deleting an authorization object
    • 3.2.1.3 Adding a child to an authorization object
    • 3.2.1.4 Associating data files with authorization objects
    • 3.2.1.5 Retrieving an authorization object
    • 3.2.1.6 Retrieving the children of an authorization object
  • 3.2.2 Mechanisms to manipulate the authorization role hierarchy
    • 3.2.2.1 Creating an authorization role
    • 3.2.2.2 Deleting an authorization role
    • 3.2.2.3 Adding a child to an authorization role
    • 3.2.2.4 Associating users with authorization roles
    • 3.2.2.5 Retrieving an authorization role
    • 3.2.2.6 Retrieving the children of an authorization role
  • 3.2.3 Mechanisms to manipulate the authorization type hierarchy
    • 3.2.3.1 Retrieving an authorization type
    • 3.2.3.2 Retrieving the children of a node in the authorization type hierarchy
  • 3.2.4 Mechanisms to grant and revoke authorization
    • 3.2.4.1 Granting authorizations
    • 3.2.4.2 Revoking authorizations

4.0 Implementation of the RASSP Configuration and Authorization Management Models

5.0 Lessons Learned

6.0 References