source: doc/design @ 80f6450

Last change on this file since 80f6450 was 80f6450, checked in by Mike Ryan <mikeryan@…>, 11 years ago

update design doc a bit

OVERVIEW

ABAC proves attributes about principals.

libabac is comprised of three main types of objects: credentials, roles,
and contexts.

A typical use of ABAC is:

    - create a context
    - load some certificates
    - clone the context
    - add more certificates, possibly presented by another party
    - make a query 'does principal B have the role A.r1?'

CREDENTIAL

An ABAC credential is the most basic unit of an ABAC proof. It is a
signed assertion by a principal A that some other entity has a role r1.
Abstractly, it is one of the following (A and B are principals; r1, r2,
r3 are roles):

    A.r1 <- B
    A.r1 <- B.r2
    A.r1 <- B.r2.r3

When interacting with libabac, a credential is represented by an X509
attribute certificate and the associated issuer X509 identity
certificate.

A principal is represented by the SHA1 hash of the public key of its
identity certificate. Therefore when a credential is encoded in an
attribute certificate, it will look something along the lines of:

    e65aace9237833ec775253cfde97f59a0af5bc3d.frobnicate <-
        e93547826455a80d9488825a1d083ef6ef264107

ROLE

ABAC roles are the atomic units that form the head and tail of a
credential. The head will always be a proper role, which is to say it
takes the form:

    A.r1

As seen in the CREDENTIAL section, the tail of a credential can take one
of three forms:

    principal:      B
    role:           B.r2
    linking role:   B.r2.r3

For more information about the different types of roles, refer to
[Li03rt].

CONTEXT

An ABAC context object encapsulates a set of ABAC credentials and its
associated proof graph. The context supports the following operations:

    - load X509 identity certificate
    - load X509 attribute certificate
    - list all the credentials (attribute/identity certificate pairs)
    - query whether a principal has a given role
    - duplicate context

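The query operation can be illustrated with the three credential forms
from the CREDENTIAL section. The following is an added example, not
libabac code: it evaluates role membership with a naive fixpoint rather
than libabac's proof graph. It assumes the credentials have already had
their signatures verified, and it uses constructed short names (Acme,
Globex, Carol) in place of SHA1 key hashes.

```python
# Added example: RT0 role membership as a naive fixpoint (not libabac code).
# Assumption: credentials are already signature-checked; names are constructed.
from collections import defaultdict

def parse_credential(text):
    """Parse 'A.r1 <- B[.r2[.r3]]' into (head, tail) tuples of name parts."""
    head, arrow, tail = (part.strip() for part in text.partition("<-"))
    head, tail = tuple(head.split(".")), tuple(tail.split("."))
    if not arrow or len(head) != 2 or len(tail) > 3 or not all(head + tail):
        raise ValueError(f"not an ABAC credential: {text!r}")
    return head, tail

def members(credentials):
    """Map each role (principal, name) to the set of principals holding it."""
    parsed = [parse_credential(c) for c in credentials]
    member = defaultdict(set)
    changed = True
    while changed:                      # repeat until no credential adds anyone
        changed = False
        for head, tail in parsed:
            if len(tail) == 1:          # A.r1 <- B
                new = {tail[0]}
            elif len(tail) == 2:        # A.r1 <- B.r2
                new = set(member.get(tail, ()))
            else:                       # A.r1 <- B.r2.r3 (linking role)
                new = set()
                for linked in member.get(tail[:2], ()):
                    new |= member.get((linked, tail[2]), set())
            if not new <= member[head]:
                member[head] |= new
                changed = True
    return member

def has_role(credentials, principal, role):
    """Answer the query 'does principal have the role A.r1?'."""
    head, _ = parse_credential(f"{role} <- {principal}")
    return principal in members(credentials).get(head, set())

# Constructed sample: the local context, then credentials another party presents.
LOCAL = [
    "Acme.user <- Acme.guest",
    "Acme.guest <- Acme.partner.employee",
    "Acme.partner <- Globex",
]
PRESENTED = ["Globex.employee <- Carol"]

if __name__ == "__main__":
    print(has_role(LOCAL, "Carol", "Acme.user"))              # local context only
    print(has_role(LOCAL + PRESENTED, "Carol", "Acme.user"))  # cloned + presented
```

The query succeeds only once the presented credential is added to the
local set, which mirrors the clone-then-add step of the typical use in
the OVERVIEW.
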
REFERENCES

[Li03rt]
    Li, N. and Mitchell, J. C. RT: A role-based trust-management
    framework. In Proceedings of the Third DARPA Information
    Survivability Conference and Exposition. IEEE Computer Society
    Press, 201-212.