VP of Sales Engineering
I’m pretty sure many of you are aware, but I’m a big science fiction fan. Star Wars, Star Trek, Babylon 5, Battlestar Galactica, Altered Carbon, Firefly, The Expanse, I could go on. I love the future look at humanity, how different authors see different parts of us magnified as we move towards a world that is older, presumably more knowledgeable, and decidedly more powerful.
One of the things that you almost never see (unless it’s a plot point. I’m looking at you, Deep Space Nine) is how the future controls who can access what. People sit down at consoles, they start hitting buttons or light panels or typing in midair, and immediately things start to go off. Lasers are fired, warp cores are breached, music is played in the communal lounge, hatches are opened, whatever. Things just seem to happen. Unless suddenly people have been denied for plot reasons (I picked on DS9 but it happens in a lot of these shows), “access denied” might as well be “moonbeam particle defibrillator” for the number of times you actually see it happen. It just doesn’t. Yet presumably, with the power to destroy planets (or at least their own starships) at their command, you don’t exactly want the new lieutenant to have the same access as the seasoned admiral.
So how do they do it? Retinal scans and instant DNA analysis? Voice modulation? AI-based behavioral analysis? Well, actually, most of that is about determining who someone is. That’s the “are you who you say you are” question of identity and while it’s an important one (and another one that seems to get fooled only when it’s a plot point), it’s not the question we’re really asking here. The question really is: “assume you are who you say you are. What is it that you’re allowed to do?”
Now, in sci-fi we’re presumably dealing with futuristic computing, with processing power the likes of which we have never seen. Assuming for a second that they have near god-like ability to process who the person is and match it up with what they can do, we’re still not seeing the kind of behavior we see in our own computing, where we go to do something and get the inevitable “I’m sorry Dave, I’m afraid I can’t do that” messages. So, what gives?
I think that in the future, if we can’t do something, we’re not even going to be given it as an option. When Lieutenant Dave sits down at a console, he only gets options on his futuristic iPad that he is allowed to do. Immediately, before future Dave can even click on a button, he’s presented with just the things he needs at just the right time, and he can perform those tasks against only the people, places, and things that he’s allowed. So, even if future me wanted to, I couldn’t generate an “access denied” – nothing I click on and no action I launch is prohibited because prohibited things aren’t visible. And when I become Captain Dave, I automatically get access to new things that go along with my new Identity.
This idea – only presenting to people the actions and targets that they’re allowed – is at the heart of Access Modeling, an approach to security that connects people, objects, and tasks in an identity-driven way that gives people the right access to the right stuff by limiting the actions and the targets to those that are allowed. No more greyed out menu items, big red no messages, or 403 errors. When you click on your task, it executes, end of story.
This is done by giving the security team a powerful new set of tools that matches actions with objects. Powerful filtering options ensure people only see the users or computers or file shares or whatever they’re manipulating that they’re allowed to change. Tasks or actions are similarly filtered and controlled with an identity-driven security system that matches people to the tasks you want them to have and no more. Once executed, the security context of the actor is manipulated behind the scenes to get the job done with the necessary credentials, and feedback is provided to the actor to ensure they know the job is done. From the user’s perspective, they’re getting their job done.
From the security team’s perspective, however, things are quite different. A lot better, in fact. The user is divorced from the security context they need to do work, so access controls are centralized. If they can’t do it, it’s not an option. Nobody sees usernames and passwords because they’re never given to them; they’re safely in a vault and only used once the system determines that the task/object pair is appropriate. Everything is logged centrally. Any errors are recorded and, when they occur, brought to the attention of someone who can do something about it – not the original user in most cases – and dealt with by folks with the right knowledge and experience. In short, while it’s done to make our users’ lives better, access modeling also makes our company more secure.
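To make the task/object pairing concrete, here is a small sketch added for illustration (not code from any product): the menu lists only allowed pairs, and the same check runs again at execution time before the vaulted credential is used, because a hidden option by itself enforces nothing. The roles, targets, vault entries and function names are all constructed for this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Target:
    name: str
    kind: str   # "user", "computer", ...
    dept: str

# Constructed access model: role -> task -> filter over targets.
MODEL = {
    "helpdesk": {"reset_password": lambda t: t.kind == "user" and t.dept == "sales"},
    "ops": {"restart_service": lambda t: t.kind == "computer"},
}
# Constructed vault: task -> privileged credential, never returned to the actor.
VAULT = {"reset_password": "svc-pwreset:constructed-secret",
         "restart_service": "svc-ops:constructed-secret"}
AUDIT, ESCALATIONS = [], []   # central log and operations queue

def menu(roles, targets):
    """Every (task, target) pair the actor's roles allow; this is all the UI renders."""
    return sorted({(task, t.name)
                   for role in roles
                   for task, allowed in MODEL.get(role, {}).items()
                   for t in targets if allowed(t)})

def execute(actor, roles, task, target_name, targets, runner):
    """Re-check the pair server-side, then run it under the vaulted credential."""
    if (task, target_name) not in menu(roles, targets):
        # A hidden option is not a control: a crafted request still lands here.
        AUDIT.append((actor, task, target_name, "rejected"))
        return "not available"
    try:
        runner(task, target_name, VAULT[task])
    except Exception as exc:
        # Errors go to people who can fix them, not to the original user.
        AUDIT.append((actor, task, target_name, "failed"))
        ESCALATIONS.append((task, target_name, repr(exc)))
        return "queued for operations"
    AUDIT.append((actor, task, target_name, "done"))
    return "done"

TARGETS = [Target("alice", "user", "sales"), Target("bob", "user", "finance"),
           Target("web01", "computer", "it")]

if __name__ == "__main__":
    print(menu(["helpdesk"], TARGETS))
    print(execute("dave", ["helpdesk"], "reset_password", "alice", TARGETS,
                  lambda task, target, cred: None))
```

The `runner` callback stands in for whatever actually performs the task; it is the only code that ever receives the credential.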
Access Modeling is a modern approach to ensuring that once we know who you are, you can do only those things you should. I can’t wait to see what futuristic advances we’ll be making next. And if you’re curious what I’d like to see done, well, I wouldn’t be averse to a personal levitation belt that meant I could safely experience tall, open spaces without feeling vertigo.
Make it so.