CISF Security Portal Architecture

Syam Babu Pinnaka here. I am a developer on the Information Security Tools team.

Later today we'll release our Community Technology Preview (CTP) of the Connected Information Security Framework (CISF). This is an early preview so developers can understand what “could” be built using CISF and what we plan to release in a few months. The CISF portal is one component of the framework and is designed to host various custom security applications and ‘widgets’. Its design and code are based on the excellent ASP.NET project Drop Things. It is designed as a three-tier application with UI, business logic and data access layers. The following diagram depicts the different layers and the major components in each layer.

[Diagram: CISF Portal layers and the major components in each layer]

Data access Layer:

SQL Server 2008 is used to host the data. The data access layer contains a data access helper class (DatabaseHelper.cs) to facilitate accessing the data from SQL Server 2008. This helper class in turn uses the Data Access Application Block from the Enterprise application blocks. All data access is controlled through stored procedures, which allow calls from specific service accounts.

CISF Portal physical data model:

The physical data model that describes the CISF Portal data is illustrated in the following Database model diagram:

[Diagram: CISF Portal database model]

PortalUsers: This table stores details about application users who have visited the CISF Portal. User details such as name and alias are stored in this table.

WidgetInstance: WidgetInstance contains the instances of widgets for each user.

Widget: The Widget table contains the master data of all widgets available to Portal users.

AuditTrail: This table captures all user activities for application auditing purposes.

Activity: This table contains the master data of all activities that can be performed by a Portal user.

A clustered index is used on fields that increase continuously, e.g., auto-number integer fields. Because SQL Server physically arranges rows in the database file based on the clustered index field, choosing a field that does not increase continuously leads to heavy page fragmentation.

Foreign keys get non-clustered indexes because their values are not added in increasing order.
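
The stored-procedure-only access described under the data access layer, together with the indexing rules above, sketched as an added T-SQL example (not the CISF project's own schema or code). The column names, the procedure `usp_AddAuditTrail`, the role `PortalServiceRole` and the login-less user `PortalSvc` standing in for a service account are all assumptions. Because the procedure and the table share an owner, the account can record an activity through the procedure without holding any permission on the table itself.

```sql
-- Added example: column, procedure, role and user names are assumptions.
CREATE TABLE dbo.Activity (
    ActivityId   INT IDENTITY(1,1) NOT NULL,
    ActivityName NVARCHAR(100)     NOT NULL,
    -- Clustered on the ever-increasing identity value: new rows append at the end.
    CONSTRAINT PK_Activity PRIMARY KEY CLUSTERED (ActivityId)
);
CREATE TABLE dbo.AuditTrail (
    AuditTrailId INT IDENTITY(1,1) NOT NULL,
    UserId       INT      NOT NULL,  -- would reference PortalUsers
    ActivityId   INT      NOT NULL,
    OccurredUtc  DATETIME NOT NULL
        CONSTRAINT DF_AuditTrail_OccurredUtc DEFAULT (GETUTCDATE()),
    CONSTRAINT PK_AuditTrail PRIMARY KEY CLUSTERED (AuditTrailId),
    CONSTRAINT FK_AuditTrail_Activity FOREIGN KEY (ActivityId)
        REFERENCES dbo.Activity (ActivityId)
);
-- Foreign key values arrive in no particular order, so index them non-clustered.
CREATE NONCLUSTERED INDEX IX_AuditTrail_ActivityId ON dbo.AuditTrail (ActivityId);
INSERT INTO dbo.Activity (ActivityName) VALUES (N'AddWidget');  -- constructed sample row
GO

-- The only write path into AuditTrail that the portal account is given.
CREATE PROCEDURE dbo.usp_AddAuditTrail
    @UserId     INT,
    @ActivityId INT
AS
BEGIN
    SET NOCOUNT ON;
    INSERT INTO dbo.AuditTrail (UserId, ActivityId)
    VALUES (@UserId, @ActivityId);
END
GO

-- Stand-in for the portal's service account; it gets EXECUTE and nothing else.
CREATE USER PortalSvc WITHOUT LOGIN;
CREATE ROLE PortalServiceRole;
EXEC sp_addrolemember N'PortalServiceRole', N'PortalSvc';
GRANT EXECUTE ON OBJECT::dbo.usp_AddAuditTrail TO PortalServiceRole;
GO

-- Check the effective permissions from the service account's point of view.
EXECUTE AS USER = 'PortalSvc';
EXEC dbo.usp_AddAuditTrail @UserId = 1, @ActivityId = 1;
SELECT HAS_PERMS_BY_NAME('dbo.usp_AddAuditTrail', 'OBJECT', 'EXECUTE') AS CanExecuteProc,
       HAS_PERMS_BY_NAME('dbo.AuditTrail', 'OBJECT', 'SELECT') AS CanSelectTable,
       HAS_PERMS_BY_NAME('dbo.AuditTrail', 'OBJECT', 'INSERT') AS CanInsertTable;
REVERT;
```

Run it in an empty scratch database as a database owner; the final query reports which of the three permissions the service user effectively holds.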

Business Layer:

The CISF Portal business layer contains the Portal façade and the CISF Widget framework. The Façade design pattern is used to create a helper class, PortalFacade, which handles various user actions. Each user action is mapped to a method that responds to that action. For example, when a user wants to add a new widget, the method “CopyWidgetInstance” takes care of creating the widget, positioning it properly on the page and configuring the widget with the default value. The two primary user workflows handled in the business layer are described below.

New user visit scenario

NewUserVisit handles the first visit of a new user. The operations involved in creating the first-visit experience for a new user are as follows.

  1. Create a new user.
  2. Create default widgets for this user and add them to the list of widget instances.
  3. Construct an object model that contains WidgetInstances, Widgets and associate them with this user.

Return visit of an existing user scenario

GetUserSetup creates a composite object named UserWidgetSetup that holds this user’s settings and widgets. Default.aspx gets everything it needs to render the whole page from UserWidgetSetup.

Widget Framework

The Widget framework contains the declarations of the IWidget and IWidgetHost interfaces. These interfaces help in building custom widgets and hosting them in the CISF Security Portal. For full details about the Widget framework, please see my previous blog posts at https://blogs.msdn.com/securitytools/archive/tags/CISF/default.aspx

UI Layer:

The Portal UI layer contains Default.aspx, WidgetContainer, Widget(s), Navigational manager and Widget manager.

Default.aspx contains a Portal header with links to the sitemap, help, etc. The navigational menu is right under the header. This menu is easily customizable, with two levels of menu items: first-level menu items are Portal specific and second-level menu items are application specific. In addition, there is a right-hand menu that shows application-specific menu items. All the menu items are controlled through the CISFPortal.sitemap file, so adding or removing menu items is just a matter of editing the .sitemap file.

The content area of Default.aspx contains the widget container, which in turn contains multiple widget host controls. Each widget host control contains a widget. All the widgets are displayed in three column panel controls; each column's width is about 33% of the available horizontal space. All the user actions in each widget are handled through the IWidget and IWidgetHost interface implementations. Detailed information about the widget framework and how to create a new CISF portal widget can be found at https://blogs.msdn.com/securitytools/archive/tags/CISF/default.aspx

The features provided with the CISF Security Portal are listed below.

1. Easy-to-customize navigational menu

2. Hosting platform for multiple applications

3. Widget framework: allows creating and adding widgets

4. Add/remove widgets

5. Sitemap

This is just a high-level overview of the CISF Portal design. We are currently working hard on the beta release, which will include a full UI makeover, a security sandbox for widgets and applications, dynamic application loading and many more “under the hood” architectural issues.

Stay tuned.

- Syam