source: examples/creddy_prover_tests/experiment_create_rt0/README @ 9ac7fb4

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since 9ac7fb4 was 461541a, checked in by Mei <mei@…>, 12 years ago

1) updated original rt0 to remove libstrongswan dependency

a) identity credential being made/accessed with openssl api calls

(X509/EVP_PKEY pem)

b) attribute credential being made/access via xmlsec1 (custom XML

structure)

2) refactored libcreddy into libabac and now one ABAC namespace for

libabac

3) added attribute_rule suboption to creddy's attribute as another way

to insert access rule

4) added some regression tests into example directory
5) updated some docs.

  • Property mode set to 100755
File size: 1.9 KB
Line 
1#!/bin/sh
2 
3#Acme runs a testbed. They've delegated the authority to create
4#!/bin/sh
5#
6#experiments to all their partners. The Globotron company is one such
7#!/bin/sh
8#
9#partner.
10#
11#    Acme.experiment_create <- Acme.partner.experiment_create
12#    Acme.partner <- Globotron
13#
14#Globotron has delegated the authority to anyone an admin thinks is a
15#'power user'.
16#
17#    Globotron.experiment_create <- Globotron.admin.power_user
18#
19#Alice is an admin, and her friend Bob is a power user:
20#
21#    Globotron.admin <- Alice
22#    Alice.power_user <- Bob
23#
24#From these credentials, it is possible to construct a proof graph
25#showing that Acme.experiment_create <- Bob.
26#
27#Note that there is a one-to-one correspondence with each credential
28#above and the attribute certificates below.
29#
30
31rm -rf *.pem *.xml
32
33creddy --generate --cn Acme
34
35creddy --generate --cn Globotron
36
37creddy --generate --cn Alice
38
39creddy --generate --cn Bob
40
41creddy --attribute \
42       --issuer Acme_ID.pem --key Acme_private.pem --role experiment_create \
43       --subject-cert Acme_ID.pem --subject-role partner.experiment_create \
44       --out Acme_experiment_create__Acme_partner_experiment_create_attr.xml
45
46creddy --attribute \
47       --issuer Acme_ID.pem --key Acme_private.pem --role partner \
48       --subject-cert Globotron_ID.pem \
49       --out Acme_partner__Globotron_attr.xml
50
51creddy --attribute \
52       --issuer Globotron_ID.pem --key Globotron_private.pem --role experiment_create \
53       --subject-cert Globotron_ID.pem --subject-role admin.power_user \
54       --out Globotron_experiment_create__Globotron_admin_power_user_attr.xml
55
56creddy --attribute \
57       --issuer Globotron_ID.pem --key Globotron_private.pem --role admin \
58       --subject-cert Alice_ID.pem \
59       --out Globotron_admin__Alice_attr.xml
60
61creddy --attribute \
62       --issuer Alice_ID.pem --key Alice_private.pem --role power_user \
63       --subject-cert Bob_ID.pem \
64       --out Alice_admin__Bob_attr.xml
65
66
Note: See TracBrowser for help on using the repository browser.