ACCESS CONTROL STRATEGIES FOR COORDINATING TEAMS OF SOFTWARE ENGINEERS

Abstract

The difficult-to-achieve goal of a software project manager's access control policy is to help coordinate the work of the team members — to maximize cooperative access to project artifacts such as source code while preventing interfering and destructive forms of access. Solutions to two problems that arise from current approaches to access control are discussed: • How much information about the software being built is needed to develop and support effective access control strategies? • How can access control strategies be applied not just to the work of programmers and designers, but to all members of the software project team? A key element in answering these questions is a model of software in which each component has separate specification and implementation. This model further distinguishes structural from behavioral aspects of a specification. An access control framework which exploits these distinctions and relies on the structural (but not the behavioral) facet of specification is explored. The framework supports a number of different access control policies. The specific policy selected depends upon management's objectives in coordinating programmers and other members of the team such as technical writers. The combination of the software model, a developments environment that is based on it, and a flexible access control tool that supports many feasible policies can result in a greater degree of team members' concurrent access to components without the problems often associated with such access.