The NASA Space Telecommunications Radio System (STRS) specification cites a plan for an application repository, similar to an “app store,” but with a wide variety of licensing restrictions on access to different applications, and even different parts of an application package (for instance, wide access to descriptive documentation but limited access to source code). A method is needed to coordinate application artifact storage, license terms, and user access rights.
A relational database entity-relationship model has been designed that allows identification of software packages made up of items, identification of groups made up of users, and identification of license documents that allow certain users to have certain access to certain items. The database design is represented in a UML (Unified Modeling Language) diagram, along with a data dictionary spreadsheet. A prototype implementation exists in MySQL, along with MySQL stored procedures for adding entries and determining allowed access.
The database design represents license terms individually for fine-grained access control. The design also stores only location information about where items are stored (such as URLs), allowing the access control database to be separate from the physical data storage, or even for dispersed physical data storage at many locations (or in “the cloud”). As a result, the design is quite flexible for application to different environments.
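The access model described above can be sketched as follows. This is an added example, not the NASA design or its prototype code: SQLite driven from Python stands in for MySQL, and every table name, column name, access level and sample row is an assumption constructed for illustration.

```python
import sqlite3

# Hypothetical schema: names are assumptions, not the NASA data dictionary.
SCHEMA = """
CREATE TABLE package (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE item (id INTEGER PRIMARY KEY, package_id INTEGER NOT NULL REFERENCES package(id),
                   kind TEXT NOT NULL, location_url TEXT NOT NULL);  -- location only
CREATE TABLE app_user (id INTEGER PRIMARY KEY, name TEXT NOT NULL UNIQUE);
CREATE TABLE user_group (id INTEGER PRIMARY KEY, name TEXT NOT NULL UNIQUE);
CREATE TABLE membership (user_id INTEGER NOT NULL REFERENCES app_user(id),
                         group_id INTEGER NOT NULL REFERENCES user_group(id),
                         PRIMARY KEY (user_id, group_id));
CREATE TABLE license (id INTEGER PRIMARY KEY, title TEXT NOT NULL);
-- One row per individual term: a license lets a group use one access type on one item.
CREATE TABLE license_term (license_id INTEGER NOT NULL REFERENCES license(id),
                           group_id INTEGER NOT NULL REFERENCES user_group(id),
                           item_id INTEGER NOT NULL REFERENCES item(id),
                           access TEXT NOT NULL CHECK (access IN ('read', 'download')),
                           PRIMARY KEY (license_id, group_id, item_id, access));
"""
# Constructed sample rows: documentation is widely readable, source is restricted.
SAMPLE = """
INSERT INTO package VALUES (1, 'example-waveform');
INSERT INTO item VALUES (10, 1, 'documentation', 'https://repo.example/docs/waveform.pdf'),
                        (11, 1, 'source', 'https://repo.example/src/waveform.tar.gz');
INSERT INTO app_user VALUES (1, 'alice'), (2, 'bob');
INSERT INTO user_group VALUES (1, 'public'), (2, 'developers');
INSERT INTO membership VALUES (1, 1), (2, 1), (2, 2);
INSERT INTO license VALUES (1, 'open documentation'), (2, 'restricted source');
INSERT INTO license_term VALUES (1, 1, 10, 'read'), (2, 2, 11, 'read'), (2, 2, 11, 'download');
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA + SAMPLE)
    return db

def allowed_url(db, user, item_id, access):
    """Return the item's URL if a license term grants `access` on it to a group
    the user belongs to; return None otherwise (default deny)."""
    row = db.execute(
        """SELECT i.location_url FROM item i
           JOIN license_term t ON t.item_id = i.id
           JOIN membership m ON m.group_id = t.group_id
           JOIN app_user u ON u.id = m.user_id
           WHERE u.name = ? AND i.id = ? AND t.access = ? LIMIT 1""",
        (user, item_id, access)).fetchone()
    return row[0] if row else None
```

Because the check returns only a location, the storage service behind that URL still has to enforce its own authorization; the database decides who may be told where an item lives, not who can fetch it.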
This work is applicable to the NASA STRS standard development, and to the Space Communications and Navigation (SCaN) Testbed on the International Space Station [also known as the Communications, Navigation, and Networking reConfigurable Testbed (CoNNeCT) project]. In principle, any organization that needs to track license terms and control user access to licensed items could apply the database design.