General Views versus Object Views

Main Difference

In securiCAD the middle/main area of the program will be the area where you can drop and view objects and their connections. When starting securiCAD you will see a new empty canvas area called “View 1”.

In the chapter “Introduction to IT Security Modeling” we were adding objects to this canvas and made connection between them. We also were dropping objects into other objects to bundle/hide them.

When we double-click to open an object, a new view tab will be shown with the contents of the opened object. This is what we call an “Object View”.

In the above example, I have been using the “note” function accessed via the “diagonal pen” button in the toolbar to create columns and categorize the SoftwareProduct objects.

The Object View of Apache web service

In the above image, we see the object view of the Apache web service object. It shows what objects are contained within the Apache web service object. The object you see in the Apache web service object view are all connected to that object.

The arrows I have added are indicating that I went from the View 1 which is a general view, double-clicked the ServerZone object which gave me the “Object:ServerZone” view and then I double-clicked the Apache web service object in the Linux web server, which gave me the content of that service in an object view called “Object:Apache web service”.

Object views are used for navigating your model structure in a hierarchical way.

No Object Arrows in Object View

Since all objects in an object view are connected to the main object (in this case Service Data, Gen GPL Srv and Service Login are all connected to sshd), only objects that can be connected/added to sshd are allowed here. This means that you can not, for instance, add a Network or Router object here.

Furthermore, when on a general canvas, you can select an object and use the left bound arrow to see connected objects and the right bound arrow to add new objects. This functionality is not available when you are in an object view.

No “Show All Connected Objects” in Object View

The right-click function “Show all connected objects” is also deactivated when you are on an object view.

If it would be possible to show all connected objects, and an object shown in an object view means that it is connected, you would connect all objects that are shown to the parent object (the sshd object in our case), which is not allowed. (Show all connected objects on AccessControl shall show a UserAccount which can not be connected to Host.)

No Hide Possibility in Object View

When looking at objects contained in an object view, the right-click Hide functionality is deactivated.

The reason to this is that an object view is automatically generated and must show all connected objects in it. Otherwise we might end up in a situation where two object views of identical objects look different and we can not trust them. The Delete function is still available.