Changes between Version 11 and Version 12 of CrudgeDocs
Timestamp: Apr 11, 2011 11:36:59 AM (13 years ago)
CrudgeDocs
v11 v12 19 19 == Using Crudge == 20 20 21 This section describes navigating crudge. We describe the screens, how to manipulate credentials, and how to load and save credential sets. If everything seems intuitive to you, feel free to treat this reference as a tutorial.21 This section describes navigating crudge. We describe the screens, how to manipulate credentials, and how to load and save credential sets. If everything seems intuitive to you, feel free to treat this tutorial as a reference. 22 22 23 23 === Crudge Screens === … … 27 27 [[Image(crudge_first.png)]] 28 28 29 The left side of the screen holds the worldviews. These are the views of credentials controlled by a given principal, and currently there is one worldview with all credentials visible. Because there are no credentials loaded, there are none displayed. The text entry box is used to restrict the view. When a principal name is entered, only those credentials controlled by that principal are shown. Multiple views can be shown simultaneously. 29 The left side of the screen holds the worldviews. These are the views of credentials controlled by a given principal, and currently there is one worldview with all credentials visible. Because there are no credentials loaded, there are none displayed. The text entry box is used to restrict the view. When a principal name is entered, only those credentials controlled by that principal are shown. Multiple views can be shown simultaneously. We describe how to manipulate worldviews [CrudgeDocs#WorkingWithWorldviews below]. 30 30 31 On the right is the results of the current query, which is used to test if a given principal has a given attribute/role. The role is entered in the left text box and the principal in the right. If the query is successful, the query success icon turns into a green smiling face; a failed query shows the red "X". 31 On the right is the results of the current query, which is used to test if a given principal has a given attribute/role. 
The role is entered in the left text box and the principal in the right. If the query is successful, the query success icon turns into a green smiling face; a failed query shows the red "X". Queries are discussed in more detail [CrudgeDocs#RunningAQuery below]. 32 32 33 These details are summarized below.33 These input and output areas are summarized as: 34 34 35 35 [[Image(crudge_first_annotated_test.png)]] … … 37 37 === Viewing a Graph === 38 38 39 A credential graph represents a view of a set of ABAC credentials, for example the credentials that make up a proof or a policy. There are several ways to load a proof (described in more detail below), but to see the basics load an example set of credentials from http://abac.deterlab.net/examples/rockets_intersection.zip . Select "Open a URL" from the File menu and type http://abac.deterlab.net/examples/rockets_intersection.zip into the dialog box and hit return. (You can also get the dialog box by typing Ctrl-U).39 A credential graph represents a view of a set of ABAC credentials, for example the credentials that make up a proof or a policy. There are several ways to load a proof (described in more detail [CrudgeDocs#LoadingCredentialGraphs below]), but to see the basics load an example set of credentials from http://abac.deterlab.net/examples/rockets_intersection.zip . Select "Open a URL" from the File menu and type http://abac.deterlab.net/examples/rockets_intersection.zip into the dialog box and hit return. (You can also get the dialog box by typing Ctrl-U). 40 40 41 41 A set of credentials will appear layed out roughly as a tree. You will probably need to move the boxes around a bit to see the structure. You can move a vertex by putting the pointer on it, holding down the left mouse button and dragging the box. You can pan around the space by putting the pointer on the background, holding the left button and dragging the whole frame. With a little moving you should see something like the image below. 
… … 43 43 [[Image(batman.png)]] 44 44 45 This set of credentials represents the policy of a company called Acme that is in the business of selling armaments to fictional characters. There are four roles displayed and two principals. The principals are the two blue circles labelled "Coyote" and "Batman". The green rectangles are simple roles assigned by two principals not depicted ("Acme" and " WarnerBros"). A simple role is controlled by the principal to the left of the dot in the rectangle. Acme controls Acme.preferred_customer. WarnerBros controlsWarnerBros.character.45 This set of credentials represents the policy of a company called Acme that is in the business of selling armaments to fictional characters. There are four roles displayed and two principals. The principals are the two blue circles labelled "Coyote" and "Batman". The green rectangles are simple roles assigned by two principals not depicted ("Acme" and "!WarnerBros"). A simple role is controlled by the principal to the left of the dot in the rectangle. Acme controls Acme.preferred_customer. !WarnerBros controls !WarnerBros.character. 46 46 47 The red rectangle represents an intersection role, which is the logical conjunction of the two roles separated by the ampersand, in this case Acme.preferred_customer and WarnerBros.character. A principal has an intersection role if it also has all of the individual roles. When the prerequisites for an intersection role are met by a principal, crudge connects the principal to the intersection role with a dotted line. In this example, Coyote has edges to both Acme.preferred_customer andWarnerBros.character, so it has a connection to the red role.47 The red rectangle represents an intersection role, which is the logical conjunction of the two roles separated by the ampersand, in this case Acme.preferred_customer and !WarnerBros.character. A principal has an intersection role if it also has all of the individual roles. 
When the prerequisites for an intersection role are met by a principal, crudge connects the principal to the intersection role with a dotted line. In this example, Coyote has edges to both Acme.preferred_customer and !WarnerBros.character, so it has a connection to the red role. 48 48 49 The solid lines represent credentials, the dotted lines represent deductions. This graph captures the idea that Acme will allow characters that are both its preferred customers and WarnerBros characters to buy rockets.49 The solid lines represent credentials, the dotted lines represent deductions. This graph captures the idea that Acme will allow characters that are both its preferred customers and !WarnerBros characters to buy rockets. 50 50 51 51 There is another kind of role, a linking role, that is described in more detail in the [http://groups.geni.net/geni/wiki/TIEDABACModel ABAC description referenced above.] … … 55 55 The paths through this simple graph are easily traced by eye, but the query interface can be used to find the relevant paths through more tangled graphs. We demonstrate the query interface on the graph loaded above. 56 56 57 If a user enter dAcme.buy_rockets in the leftmost query box and Coyote in the other and hits enter, that requests a proof that Coyote has the Acme.buy_rockets role. After that request is made (by hitting return) the query pane displays the following:57 If a user enters Acme.buy_rockets in the leftmost query box and Coyote in the other and hits enter, that requests a proof that Coyote has the Acme.buy_rockets role. After that request is made (by hitting return) the query pane displays the following: 58 58 59 59 [[Image(coyote_query.png)]] … … 75 75 [[Image(tab.png)]] 76 76 77 That 's the single global view of the credentials. Add another view by choosing Add Worldview from the View menu (or hitting Ctrl-A), and the screen will split horizontally into two views. 
Type Acme into the text box on the lower view and you will see this:77 That is the single global view of the credentials. Add another view by choosing Add Worldview from the View menu (or hitting Ctrl-A), and the screen will split horizontally into two views. Type Acme into the text box on the lower view and you will see this: 78 78 79 79 [[Image(acme.png)]] 80 80 81 The lower view shows only credentials controlled by the Acme principal. The red role depends on a role outside Acme's control ( WarnerBros.character), so in the Acme view, the derived (dotted) connection for the Coyote to the red role cannot be deduced.81 The lower view shows only credentials controlled by the Acme principal. The red role depends on a role outside Acme's control (!WarnerBros.character), so in the Acme view, the derived (dotted) connection for the Coyote to the red role cannot be deduced. 82 82 83 83 Worldviews are simply filtered views of all the known credentials, and you may add as many as you need. … … 85 85 === Editing Credential Graphs === 86 86 87 Editing credential graphs is fairly straightforward. When editing, crudge create d any missing but implied roles and principals, and credentials can be assigned by drawing arcs between nodes. For example, clear the current credentials by choosing "New" from the "File" menu, and then left click on the empty graph. A menu with an "Add Vertexentry will appear. Entering "test.a & test.b" and hit enter, will cause 4 nodes to appear in the graph (after a short wait).87 Editing credential graphs is fairly straightforward. When editing, crudge creates any missing but implied roles and principals, and credentials can be assigned by drawing arcs between nodes. For example, clear the current credentials by choosing "New" from the "File" menu, and then left click on the empty graph. A menu with an "Add Vertex" entry will appear. Entering "test.a & test.b" and hit enter, will cause 4 nodes to appear in the graph (after a short wait). 
88 88 89 89 [[Image(edit1.png)]] … … 125 125 126 126 Incoming edges to the red roles can only be created by crudge deducing them, but outgoing edges are allowed and useful. You cannot assign a principal the Bob.a & Bob.b role, but if you assign a principal both Bob.a and Bob.b, crudge fills in the edge as above. 127 128 === Edge Types === 129 130 Edges in a graph represent the following credentials and implications: 131 132 * Solid black edge 133 * A signed credential exists for this edge. 134 * Users can create these by holding the shift key down, pressing the left mouse button and dragging the arrow from one node to another. 135 * Solid red edge 136 * This edge represents a credential, but crudge does not have enough information (e.g. a private key) to create it. The credential cannot be saved other than to an .rt0 file. Those files are described [CrudgeDocs#LoadingCredentialGraphs below]. 137 * Users can create these by holding the shift key down, pressing the left mouse button and dragging the arrow from one node to another. 138 * Light blue edge 139 * Edge selected for inclusion in a subgraph 140 * Users can select edges by clicking on them with the left mouse button. Multiple edges can be selected by holding down Ctrl while clicking 141 * Users can use the "select all edges" button to select all edges from a successful query. 142 * Dashed black edge 143 * This is a deduced edge. It connects a principal to an intersection or linking role. 144 * Users cannot create these directly, but crudge will deduce them. 145 146 127 147 128 148 == Loading Credential Graphs == … … 169 189 Neither of those check boxes are relevant to .rt0 files, because they contain no cryptographic material. 170 190 191 == 192 171 193 == Conclusion == 172 194
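Review bot: v12 line 31 still opens with "On the right is the results of the current query", a subject-verb mismatch left in place although the paragraph was edited to add the RunningAQuery link. Suggest "On the right are the results of the current query".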
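Review bot: v12 line 57 describes the same keypress twice under two names: the user "hits enter", and then the request is made "(by hitting return)". Suggest dropping the parenthetical and using one key name consistently; line 39 already uses "hit return".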
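Review bot: the last sentence of v12 line 87 is still ungrammatical after the fixes to "creates" and "Add Vertex": 'Entering "test.a & test.b" and hit enter, will cause 4 nodes to appear'. Suggest 'Entering "test.a & test.b" and hitting enter will cause 4 nodes to appear in the graph (after a short wait).'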
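Review bot: in the new Edge Types section (v12 lines 132-137) the solid black and solid red entries give the identical creation instruction, so a reader cannot tell which edge a shift-drag will produce. The red entry implies the difference is whether crudge has the information (e.g. a private key) needed to create the credential; state that condition in both entries, and say plainly that a red edge has no signed credential behind it, since it can only be saved to an .rt0 file and line 189 notes those files contain no cryptographic material. Line 140 is also missing its closing period.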
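Review bot: v12 line 191 adds a bare "==" with no heading text immediately before "== Conclusion ==", which looks like an unfinished heading. Remove it, or give the section a title and body if one was intended.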