Along with my colleague Alan Wills, I recently had the privilege of co-hosting a workshop on DSL Tools and Software Factories at the SPA2005 conference. It was my first time at SPA and, despite only managing a short visit, I had a good time and met a bunch of interesting and diverse people. Alan has a more detailed entry on some of our group's learnings. One that I wanted to pick up on was the idea of "Shared multi-user transactional models".
Our DSL Tools models (at least for version one) are firmly based in the world of files for their storage. We are working on a set of requirements for multi-file-models and inter-model-file references and other such adjucts to large-scale modeling, but we assume that a file is the unit of both management and access control for models. In our Software Factories vision, we're aligning models as first class development artefacts alongside code, DB schema etc. In today's world, all of these are very much also stored in files so there is a natural mental model to follow here. This implies that a traditional file-based revision control system is used to deal with concurrent access to models and that security permissions are managed through this and the file system.
Several SPA participants suggested a potential need for more granularity than this. They envisaged models stored in a database, with job-role-based permissions for access, sometimes with differing permissions on different attributes of a single object. I can see that this would offer some powerful features, especially where models become tightly integrated into the flow of the business. However, I've worked with database-hosted modeling tools before and it wasn't a pleasant experience. If you wanted something as simple as branching and merge of changes, you were quite simply stuck - you'd expect those features from revision control of files. Also, it put a huge barrier between traditional artefacts like code which were stored in files and the model which was not. Maybe we can only deliver this kind of feature when we have some kind of unified store that can handle concurrent access and fine grained role-based permissioning at the same time as providing sophisticated revision control facilities. On balance, for large-scale software production, I'll come down on the side of files and revision control as the best available mainstream technology right now.