source: examples/file_read_rt2_typed/README @ c586a3c

Last change on this file since c586a3c was da5afdf, checked in by Mei <mei@…>, 12 years ago

1) add static constraint

(limited to integer at this time)

  • Property mode set to 100755
File size: 2.5 KB
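#!/bin/sh
#
# Builds the identities and attribute credentials for the typed-role
# "file read" example with the creddy command-line tool.
#
# Run this only from a scratch/example directory: the cleanup step below
# deletes every *.der and *.pem entry in the current directory, which
# includes any unrelated certificates or private keys that live there.
#
# Queries this credential set is meant to answer:
#   alpha.read(fileA) <-?- Bob
#   [keyid:Alpha].role:read([urn:'file://fileA']) <-?- [keyid:Bob] (yes)
#   [keyid:Alpha].role:read([urn:'file://fileA']) <-?- [keyid:Maryann] (yes)
# NOTE(review): no attribute issued in this script names Maryann as its
# subject, so the "(yes)" for Maryann is not backed by the rules below --
# confirm the expected result.

# Stop on the first failed command or unset variable. Without this, a failed
# key generation or key-id lookup would still let Alpha sign attributes whose
# role string carries an empty key id.
set -eu

# Later steps read Alpha_private.pem, so private key material is written to
# this directory. creddy's own file modes are not visible here; restrict new
# files to the owner defensively.
umask 077

# The ./ prefix keeps a file name that starts with '-' from being parsed as
# an rm option.
rm -rf ./*.der ./*.pem

# One identity per principal. The commands below read <cn>_ID.pem (and
# Alpha_private.pem), presumably written by --generate.
for cn in Alpha Bob Maryann Joe; do
    creddy --generate --cn "$cn"
done

alpha_keyid=$(creddy --keyid --cert Alpha_ID.pem)
bob_keyid=$(creddy --keyid --cert Bob_ID.pem)
maryann_keyid=$(creddy --keyid --cert Maryann_ID.pem)
joe_keyid=$(creddy --keyid --cert Joe_ID.pem)

# Exit status alone may not reveal a failed lookup; refuse to build role
# strings from an empty key id.
for keyid in "$alpha_keyid" "$bob_keyid" "$maryann_keyid" "$joe_keyid"; do
    if [ -z "$keyid" ]; then
        echo "creddy --keyid returned an empty key id" >&2
        exit 1
    fi
done

# Role strings. read_fileA is not referenced again in this script; it spells
# out the role named in the queries listed at the top.
read_fileA="read([urn:'file://fileA'])"
managerof_joe="managerOf([keyid:$joe_keyid])"
ownerof_fileA="ownerOf([urn:'file://fileA'])"
managerof_qE="managerOf([principal:?E[keyid:$alpha_keyid].role:ownerOf([urn:?F])])"

# alpha.read(?F) <- alpha.managerOf(?E:alpha.ownerOf(?F))
# [keyid:alpha].role:read([urn:?F]) <-
#    [keyid:alpha].role:managerOf([principal:?E[keyid:alpha].role:ownerOf([urn:?F])])
#
# The rule is parameterized over every ?F: whoever holds managerOf(E) for an
# E that holds ownerOf(F) gains read(F). All three attributes in this script
# are issued by Alpha.
creddy --attribute \
    --issuer Alpha_ID.pem --key Alpha_private.pem --role "read([urn:?F])" \
    --subject-cert Alpha_ID.pem --subject-role "$managerof_qE" \
    --out Alpha_read_qF__alpha_managerof_qE_attr.der

# [keyid:Alpha].role:managerOf([keyid:Joe]) <- [keyid:Bob]
creddy --attribute \
    --issuer Alpha_ID.pem --key Alpha_private.pem --role "$managerof_joe" \
    --subject-cert Bob_ID.pem \
    --out Alpha_managerof_Joe__Bob_attr.der

# [keyid:Alpha].role:ownerOf([urn:'file://fileA']) <- [keyid:Joe]
creddy --attribute \
    --issuer Alpha_ID.pem --key Alpha_private.pem --role "$ownerof_fileA" \
    --subject-cert Joe_ID.pem \
    --out Alpha_ownerof_fileA__Joe_attr.der

####################################################################################
# Note:
#
# alpha.read(?F) <- alpha.manager(?E:alpha.owner(?F))
# [keyid:alpha].role:read([urn:?F]) <-
#       [keyid:alpha].role:manager([principal:?E[keyid:alpha].role:owner([urn:?F])])
#
# reads as
#
# alpha.read(?F) <- alpha.manager(?E)
# and alpha.owner(?F) <- ?E
#
# [keyid:alpha].role:read([urn:?F]) <- [keyid:?M]
#     [keyid:alpha].role:manager([principal:?E]) <- [keyid:?M]
#     [keyid:alpha].role:owner([urn:?F]) <- [keyid:?E]
#
# isMember(M, role(alpha,read,F)) :-
#       isMember(M, role(alpha,manager,E)),
#       isMember(E, role(alpha,owner,F))  <-- constraining rule
#
# alpha.read(?F) <- alpha.manager(?E)
# alpha.owner(?F) <- ?E
#
# A condition of the form
#          ?E:A.r  needs to be translated into a constraining rule,  A.r <- ?E
#
# The query
#   alpha.read(fileA) <-?- Bob
# therefore needs
#   alpha.manager(Joe) <- Bob
#   alpha.owner(fileA) <- Joe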