Context Navigation

s6_result.save @ 11ca336

mei_rt2

Last change on this file since 11ca336 was 2e9455f, checked in by Mei <mei@…>, 11 years ago
1) added namespace 2) tweak ?This, 3) allowing linking role/oset as constraining conditions 4) adding access_tests regression testing that uses GENI's access policy 5) added couple multi contexts regression tests 6) add compression/uncompression calls to abac_encode_string/abac_decode_string (libstrongwan only allows 512 char for attribute rule storage) 7) add attribute_now option to creddy that takes a whole char string for attribute rule
Property mode set to `100644`
File size: 12.1 KB

Line
1	=====================s6_query.py==================
2	keystore is not set, using current directory...
3
4	...initial principal set...
5	#PP# (pAlice,keyid,y)
6	#PP# (pDan,keyid,y)
7	#PP# (pDrd,keyid,y)
8	#PP# (pEXO,keyid,y)
9	#PP# (pFrank,keyid,y)
10	#PP# (pGM,keyid,y)
11	#PP# (pGR,keyid,y)
12	#PP# (pG,keyid,y)
13	#PP# (pIDP,keyid,y)
14	#PP# (pLisa,keyid,y)
15	#PP# (pPA,keyid,y)
16	#PP# (pSA,keyid,y)
17
18	...initial policy attribute set...
19	#CC# pG.aggregate <- pG.geniRoot.aggregate
20	#CC# pG.geniPI <- pG.identityProvider.geniPI
21	#CC# pG.geniProxy <- pG.geniRoot.geniProxy
22	#CC# pG.geniUser <- pG.identityProvider.geniUser
23	#CC# pG.gmoc <- pG.geniRoot.gmoc
24	#CC# pG.identityProvider <- pG.geniRoot.identityProvider
25	#CC# pG.projectAuthority <- pG.geniRoot.projectAuthority
26	#CC# pG.qualifiedProject <- pG.root(This).project
27	#CC# pG.root(P) <- pG.projectAuthority.root(P)
28	#CC# pG.root(S) <- pG.sliceAuthority.root(S)
29	#CC# pG.sliceAuthority <- pG.geniRoot.sliceAuthority
30	#CC# pPA.createRoot <- pPA.geniPI
31	#CC# pPA.delegate_member_(P:pPA.standard) <- pPA.owner(P).delegate_member_(P)
32	#CC# pPA.delegate_memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.owner(P).delegate_memberQ_(P,Priv)
33	#CC# pPA.member_(P:pPA.standard) <- pPA.delegate_member_(P).member_(P)
34	#CC# pPA.member_(P:pPA.standard) <- pPA.owner(P)
35	#CC# pPA.member_(P:pPA.standard) <- pPA.owner(P).member_(P)
36	#CC# pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.delegate_memberQ_(P,Priv).memberQ_(P,Priv)
37	#CC# pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
38	#CC# pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.owner(P).memberQ_(P,Priv)
39	#CC# pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.delegate_memberQ_(P,Priv)
40	#CC# pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv)
41	#CC# pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv).memberQ(P,Priv)
42	#CC# pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member(P)
43	#CC# pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.owner(P).memberQ(P,Priv)
44	#CC# pPA.member(P:pPA.standard) <- pPA.delegate_member_(P)
45	#CC# pPA.member(P:pPA.standard) <- pPA.member_(P)
46	#CC# pPA.member(P:pPA.standard) <- pPA.member_(P).member(P)
47	#CC# pPA.member(P:pPA.standard) <- pPA.owner(P)
48	#CC# pPA.member(P:pPA.standard) <- pPA.owner(P).member(P)
49	#CC# pPA.std_ops <- 'info'
50	#CC# pPA.std_ops <- 'instantiate'
51	#CC# pPA.std_ops <- 'stop'
52	#CC# pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniProxy & pSA.speaksFor(C:pSA.projectAuthority.memberQ(P,'instantiate'))
53	#CC# pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniUser & pSA.projectAuthority.memberQ(P,'instantiate')
54	#CC# pSA.controls_(S:pSA.standard) <- pSA.delegate_controls_(S).controls_(S)
55	#CC# pSA.controls_(S:pSA.standard) <- pSA.owner(S)
56	#CC# pSA.controls_(S:pSA.standard) <- pSA.owner(S).controls_(S)
57	#CC# pSA.controlsQ_(S:pSA.standard,Priv:pPA.std_ops) <- pSA.controls_(S)
58	#CC# pSA.controlsQ_(S:pSA.standard,Priv:pPA.std_ops) <- pSA.delegate_controlsQ_(S,Priv)
59	#CC# pSA.controlsQ(S:pSA.standard,Priv:pPA.std_ops) <- pSA.controlsQ_(S,Priv).controlsQ(S,Priv)
60	#CC# pSA.controlsQ_(S:pSA.standard,Priv:pPA.std_ops) <- pSA.delegate_controls_(S)
61	#CC# pSA.controlsQ_(S:pSA.standard,Priv:pPA.std_ops) <- pSA.delegate_controlsQ_(S,Priv).controlsQ_(S,Priv)
62	#CC# pSA.controlsQ_(S:pSA.standard,Priv:pPA.std_ops) <- pSA.owner(S).controlsQ_(S,Priv)
63	#CC# pSA.controlsQ(S:pSA.inStdProject(P),'info') <- pSA.projectAuthority.memberQ(P,'info')
64	#CC# pSA.controlsQ(S:pSA.inStdProject(P),'info') <- pSA.projectAuthority.owner(P)
65	#CC# pSA.controlsQ(S:pSA.inStdProject(P),'stop') <- pSA.projectAuthority.owner(P)
66	#CC# pSA.controlsQ(S:pSA.standard,'info') <- pSA.gmoc
67	#CC# pSA.controlsQ(S:pSA.standard,Priv:pPA.std_ops) <- pSA.controlsQ_(S,Priv)
68	#CC# pSA.controlsQ(S:pSA.standard,Priv:pPA.std_ops) <- pSA.controls(S)
69	#CC# pSA.controlsQ(S:pSA.standard,Priv:pPA.std_ops) <- pSA.owner(S).controlsQ(S,Priv)
70	#CC# pSA.controlsQ(S:pSA.standard,'stop') <- pSA.gmoc
71	#CC# pSA.controls(S:pSA.standard) <- pSA.controls_(S)
72	#CC# pSA.controls(S:pSA.standard) <- pSA.delegate_controls_(S)
73	#CC# pSA.controls(S:pSA.standard) <- pSA.controls_(S).controls(S)
74	#CC# pSA.controls(S:pSA.standard) <- pSA.owner(S)
75	#CC# pSA.controls(S:pSA.standard) <- pSA.owner(S).controls(S)
76	#CC# pSA.delegate_controls_(S:pSA.standard) <- pSA.owner(S).delegate_controls_(S)
77	#CC# pSA.delegate_controlsQ_(S:pSA.standard,Priv:pPA.std_ops) <- pSA.owner(S).delegate_controlsQ_(S,Priv)
78	#CC# pSA.inStdProject(P:pPA.standard) <- pSA.inProject(P) & pSA.standard
79	#CC# pDrd.project <- 'proj1'
80	#CC# pDrd.slice <- 'sliceA'
81	#CC# pGR.aggregate <- pEXO
82	#CC# pGR.identityProvider <- pIDP
83	#CC# pGR.projectAuthority <- pPA
84	#CC# pGR.sliceAuthority <- pSA
85	#CC# pG.geniRoot <- pGR
86	#CC# pIDP.geniPI <- pDrd
87	#CC# pDrd.memberQ('proj1','info') <- pFrank
88	#CC# pDrd.memberQ('proj1','instantiate') <- pDan
89	#CC# pPA.owner('proj1') <- pDrd
90	#CC# pPA.root('proj1') <- pDrd
91	#CC# pPA.standard <- 'proj1'
92	#CC# pSA.geniProxy <- pLisa
93	#CC# pSA.geniUser <- pDan
94	#CC# pSA.geniUser <- pDrd
95	#CC# pSA.geniUser <- pFrank
96	#CC# pSA.gmoc <- pAlice
97	#CC# pSA.inProject('proj1') <- 'sliceA'
98	#CC# pSA.owner('sliceA') <- pDrd
99	#CC# pSA.projectAuthority <- pPA
100	#CC# pSA.qualifiedProject <- 'proj1'
101	#CC# pSA.root('sliceA') <- pDrd
102	#CC# pSA.speaksFor(pDan) <- pLisa
103	#CC# pSA.standard <- 'sliceA'
104
105	===good============ SA.controlsQ('sliceA','info') <-?- Drd
106	YAP query succeed
107	pSA.controlsQ(S:pSA.inStdProject(P),'info') <- pSA.projectAuthority.memberQ(P,'info')
108	pSA.inStdProject(P:pPA.standard) <- pSA.inProject(P) & pSA.standard
109	pPA.standard <- 'proj1'
110	pSA.inProject('proj1') <- 'sliceA'
111	pSA.standard <- 'sliceA'
112	pSA.projectAuthority <- pPA
113	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv)
114	pPA.std_ops <- 'info'
115	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
116	pPA.member_(P:pPA.standard) <- pPA.owner(P)
117	pPA.owner('proj1') <- pDrd
118
119	===good============ SA.createSlice('proj1') <-?- Drd
120	YAP query succeed
121	pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniUser & pSA.projectAuthority.memberQ(P,'instantiate')
122	pSA.qualifiedProject <- 'proj1'
123	pSA.geniUser <- pDrd
124	pSA.projectAuthority <- pPA
125	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv)
126	pPA.standard <- 'proj1'
127	pPA.std_ops <- 'instantiate'
128	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
129	pPA.member_(P:pPA.standard) <- pPA.owner(P)
130	pPA.owner('proj1') <- pDrd
131
132	===good============ SA.Stanard <-?- 'sliceA'
133	YAP query succeed
134	pSA.standard <- 'sliceA'
135
136	===good============ SA.inProject('proj1') <-?- 'sliceA'
137	YAP query succeed
138	pSA.inProject('proj1') <- 'sliceA'
139
140	===good============ SA.inStdProject('proj1') <-?- 'sliceA'
141	YAP query succeed
142	pSA.inStdProject(P:pPA.standard) <- pSA.inProject(P) & pSA.standard
143	pPA.standard <- 'proj1'
144	pSA.inProject('proj1') <- 'sliceA'
145	pSA.standard <- 'sliceA'
146
147	===good============ SA.createSlice('proj1') <-?- lisa
148	YAP query succeed
149	pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniProxy & pSA.speaksFor(C:pSA.projectAuthority.memberQ(P,'instantiate'))
150	pSA.qualifiedProject <- 'proj1'
151	pSA.projectAuthority <- pPA
152	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv).memberQ(P,Priv)
153	pPA.standard <- 'proj1'
154	pPA.std_ops <- 'instantiate'
155	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
156	pPA.member_(P:pPA.standard) <- pPA.owner(P)
157	pPA.owner('proj1') <- pDrd
158	pDrd.memberQ('proj1','instantiate') <- pDan
159	pSA.geniProxy <- pLisa
160	pSA.speaksFor(pDan) <- pLisa
161
162	next proof:
163	pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniProxy & pSA.speaksFor(C:pSA.projectAuthority.memberQ(P,'instantiate'))
164	pSA.qualifiedProject <- 'proj1'
165	pSA.projectAuthority <- pPA
166	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.owner(P).memberQ(P,Priv)
167	pPA.standard <- 'proj1'
168	pPA.std_ops <- 'instantiate'
169	pPA.owner('proj1') <- pDrd
170	pDrd.memberQ('proj1','instantiate') <- pDan
171	pSA.geniProxy <- pLisa
172	pSA.speaksFor(pDan) <- pLisa
173
174	next proof:
175	no more..
176
177
178	===good============ SA.createSlice('proj1') <-?- Dan
179	YAP query succeed
180	pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniUser & pSA.projectAuthority.memberQ(P,'instantiate')
181	pSA.qualifiedProject <- 'proj1'
182	pSA.geniUser <- pDan
183	pSA.projectAuthority <- pPA
184	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv).memberQ(P,Priv)
185	pPA.standard <- 'proj1'
186	pPA.std_ops <- 'instantiate'
187	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
188	pPA.member_(P:pPA.standard) <- pPA.owner(P)
189	pPA.owner('proj1') <- pDrd
190	pDrd.memberQ('proj1','instantiate') <- pDan
191
192	next proof:
193	pSA.createSlice(P:pSA.qualifiedProject) <- pSA.geniUser & pSA.projectAuthority.memberQ(P,'instantiate')
194	pSA.qualifiedProject <- 'proj1'
195	pSA.geniUser <- pDan
196	pSA.projectAuthority <- pPA
197	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.owner(P).memberQ(P,Priv)
198	pPA.standard <- 'proj1'
199	pPA.std_ops <- 'instantiate'
200	pPA.owner('proj1') <- pDrd
201	pDrd.memberQ('proj1','instantiate') <- pDan
202
203	next proof:
204	no more..
205
206
207	===bad============ SA.createSlice('proj1') <-?- Frank
208	YAP query failed
209	A partial proof(type:what_default)
210	pSA.geniUser <- pFrank
211
212	===good============ PA.memberQ('proj1','instantiate') <-?- Dan
213	YAP query succeed
214	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv).memberQ(P,Priv)
215	pPA.standard <- 'proj1'
216	pPA.std_ops <- 'instantiate'
217	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
218	pPA.member_(P:pPA.standard) <- pPA.owner(P)
219	pPA.owner('proj1') <- pDrd
220	pDrd.memberQ('proj1','instantiate') <- pDan
221
222	next proof:
223	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.owner(P).memberQ(P,Priv)
224	pPA.standard <- 'proj1'
225	pPA.std_ops <- 'instantiate'
226	pPA.owner('proj1') <- pDrd
227	pDrd.memberQ('proj1','instantiate') <- pDan
228
229	next proof:
230	no more..
231
232
233	===bad============ SA.speaksFor(Dan) <-?- Frank
234	YAP query failed
235	A partial proof(type:what_default)
236	pSA.geniUser <- pFrank
237
238	next proof:
239	A partial proof(type:who)
240	pSA.speaksFor(pDan) <- pLisa
241
242	next proof:
243	no more..
244
245
246
247
248	=====================s6_run_query==================
249
250
251	===good============ SA.controlsQ('sliceA','info') <-?- Drd
252	YAP query succeed
253	prover success!!
254	credentials needed :
255	pSA.controlsQ(S:pSA.inStdProject(P),'info') <- pSA.projectAuthority.memberQ(P,'info')
256	pSA.inStdProject(P:pPA.standard) <- pSA.inProject(P) & pSA.standard
257	pPA.standard <- 'proj1'
258	pSA.inProject('proj1') <- 'sliceA'
259	pSA.standard <- 'sliceA'
260	pSA.projectAuthority <- pPA
261	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv)
262	pPA.std_ops <- 'info'
263	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
264	pPA.member_(P:pPA.standard) <- pPA.owner(P)
265	pPA.owner('proj1') <- pDrd
266
267	===good============ SA.controlsQ('sliceA','stop') <-?- Drd
268	YAP query succeed
269	prover success!!
270	credentials needed :
271	pSA.controlsQ(S:pSA.inStdProject(P),'stop') <- pSA.projectAuthority.owner(P)
272	pSA.inStdProject(P:pPA.standard) <- pSA.inProject(P) & pSA.standard
273	pPA.standard <- 'proj1'
274	pSA.inProject('proj1') <- 'sliceA'
275	pSA.standard <- 'sliceA'
276	pSA.projectAuthority <- pPA
277	pPA.owner('proj1') <- pDrd
278
279
280	===good============ SA.controlsQ('sliceA','info') <-?- Frank
281	YAP query succeed
282	prover success!!
283	credentials needed :
284	pSA.controlsQ(S:pSA.inStdProject(P),'info') <- pSA.projectAuthority.memberQ(P,'info')
285	pSA.inStdProject(P:pPA.standard) <- pSA.inProject(P) & pSA.standard
286	pPA.standard <- 'proj1'
287	pSA.inProject('proj1') <- 'sliceA'
288	pSA.standard <- 'sliceA'
289	pSA.projectAuthority <- pPA
290	pPA.memberQ(P:pPA.standard,Priv:pPA.std_ops) <- pPA.memberQ_(P,Priv).memberQ(P,Priv)
291	pPA.std_ops <- 'info'
292	pPA.memberQ_(P:pPA.standard,Priv:pPA.std_ops) <- pPA.member_(P)
293	pPA.member_(P:pPA.standard) <- pPA.owner(P)
294	pPA.owner('proj1') <- pDrd
295	pDrd.memberQ('proj1','info') <- pFrank
296
297	===bad============ SA.controlsQ('sliceA','stop') <-?- Frank
298	YAP query failed
299	prover failed!!
300
301
302	===bad============ SA.controlsQ('sliceA','info') <-?- Dan
303	YAP query failed
304	prover failed!!
305
306	===bad============ SA.controlsQ('sliceA','stop') <-?- Dan
307	YAP query failed
308	prover failed!!
309
310
311	===good============ SA.controlsQ('sliceA','info') <-?- Alice
312	YAP query succeed
313	prover success!!
314	credentials needed :
315	pSA.controlsQ(S:pSA.standard,'info') <- pSA.gmoc
316	pSA.standard <- 'sliceA'
317	pSA.gmoc <- pAlice
318
319	===good============ SA.controlsQ('sliceA','stop') <-?- Alice
320	YAP query succeed
321	prover success!!
322	credentials needed :
323	pSA.controlsQ(S:pSA.standard,'stop') <- pSA.gmoc
324	pSA.standard <- 'sliceA'
325	pSA.gmoc <- pAlice
326
327
328

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format