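#!/bin/sh
#
#####################################################################
# This example demonstrates using parameters to control access to files based
# on the attributes of the principals. The script creates four principals
# Alpha, Bob, Maryann and Joe and sets out the access policy.
#
# Files are named by URNs and are not principals.
#
# A principal's access rights are controlled by the Alpha principal. If a
# principal has the role role::read(urn:filename) that
# principal can read filename. The policy is that the manager of the owner of
# a file can read it. (Presumably the owner can, too, but that is not encoded
# here.)
#
# The example below lays out the policy that the manager of the owner of a file
# can read it in Credential 1. Credential 2 establishes Bob as the manager of
# Joe, and Credential 3 establishes Joe as the owner of the file.
#
# The attached ./run_query file runs 2 queries. First it confirms that Bob can
# read fileA, then it confirms that Maryann cannot.
#
# Outputs (current directory): <Name>_ID.pem and <Name>_private.pem for each
# principal (written by creddy --generate), plus the three *_attr.der
# credentials produced below.  Alpha_private.pem is the issuing key for every
# credential; it stays on disk after the run.
#####################################################################

# Abort on the first failing creddy call and on any unset variable, so a
# missing key or certificate cannot silently produce a malformed credential.
set -eu

# file_read_rt2
# alpha.read(fileA) <-?- Bob
#[keyid:Alpha].role:read([urn:'file://fileA']) <-?- [keyid:Bob]     (yes)
#[keyid:Alpha].role:read([urn:'file://fileA']) <-?- [keyid:Maryann] (no)

# Generate an identity certificate and private key for each principal.
creddy --generate --cn Alpha
creddy --generate --cn Bob
creddy --generate --cn Maryann
creddy --generate --cn Joe

# Extract the key identifiers; these are what the role strings reference.
alpha_keyid=$(creddy --keyid --cert Alpha_ID.pem)
bob_keyid=$(creddy --keyid --cert Bob_ID.pem)
maryann_keyid=$(creddy --keyid --cert Maryann_ID.pem)
joe_keyid=$(creddy --keyid --cert Joe_ID.pem)

# An empty keyid would be interpolated into a role string as "[keyid:]";
# refuse to continue rather than issue a credential naming nobody.
: "${alpha_keyid:?no keyid extracted from Alpha_ID.pem}"
: "${bob_keyid:?no keyid extracted from Bob_ID.pem}"
: "${maryann_keyid:?no keyid extracted from Maryann_ID.pem}"
: "${joe_keyid:?no keyid extracted from Joe_ID.pem}"

# Role strings used in the credentials below.  read_fileA is the role the
# queries in ./run_query ask about; it is not issued directly by this script.
read_fileA="read([urn:'file://fileA'])"
managerof_joe="managerOf([keyid:$joe_keyid])"
ownerof_fileA="ownerOf([urn:'file://fileA'])"
managerof_qE="managerOf([principal:?E[keyid:$alpha_keyid].role:ownerOf([urn:?F])])"

# alpha.read(?F) <- alpha.managerOf(?E:alpha.ownerOf(?F))
# [keyid:alpha].role:read([urn:?F])<-
# [keyid:alpha].role:managerOf([principal:?E[keyid:alpha].role:ownerOf([urn:?F])]

# Credential 1: the policy rule.  Whoever is a manager of some ?E that Alpha
# says owns ?F gets Alpha's read role on ?F.
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role "read([urn:?F])" \
  --subject-cert Alpha_ID.pem --subject-role "$managerof_qE" \
  --out Alpha_read_qF__alpha_managerof_qE_attr.der

# Credential 2: Bob is Joe's manager.
#[keyid:Alpha].role:managerOf([Keyid:Joe]) <- [keyid:Bob]
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role "$managerof_joe" \
  --subject-cert Bob_ID.pem \
  --out Alpha_managerof_Joe__Bob_attr.der

# Credential 3: Joe owns fileA.
#[keyid:Alpha].role:ownerOf([urn:'file://fileA']) <- [keyid:Joe]
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role "$ownerof_fileA" \
  --subject-cert Joe_ID.pem \
  --out Alpha_ownerof_fileA__Joe_attr.der

####################################################################################
# note:
#
# alpha.read(?F) <- alpha.manager(?E:alpha.owner(?F))
# [keyid:alpha].role:read([urn:?F])<-
#
#[keyid:alpha].role:manager([principal:?E[keyid:alpha].role:owner([urn:?F])])
#
# alpha.read(?F) <- alpha.manager(?E)
# and alpha.owner(?F) <- ?E
#
# [keyid:alpha].role:read([urn:?F])<-[keyid:?M]
#
# [keyid:alpha].role:manager([principal:?E])<-[keyid:?M]
# [keyid:alpha].role:owner([urn:?F])<-[keyid:?E]
#
# isMember(M,role(alpha,read,F)) :-
#    isMember(M, role(alpha,manager,E)),
#    isMember(E, role(alpha,owner,F))    <-- constraining rule
#
# alpha.read(?F) <- alpha.manager(?E)
# alpha.owner(?F) <- ?E
#
# A condition like this,
# ?E:A.r, needs to be translated into a constraining rule, A.r<-?E
#
# query,
# alpha.read(fileA) <-?- Bob
# needs
# alpha.manager(Joe)<-Bob
# alpha.owner(fileA)<-Joe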