[[Image(edit2.png)]]

In addition to drawing the arc from Bob to test.a, crudge has generated an ABAC credential, signed by test, that assigns the test.a role to Bob. If the principal has been loaded from a file or URL (see below) and crudge does not know the principal's private key, it adds a red arc to the graph instead. That arc is included in query responses and creates implied edges, but it cannot be saved, because crudge lacks the key it would need to create and sign the credential.

Now connect Bob to the test.b role.

[[Image(edit3.png)]]

Again, crudge has created a credential for this arc (assigning test.b to Bob), and a dashed line has been added from Bob to the "test.a & test.b" role. Because Bob holds both credentials, Bob holds every role predicated on the pair.

To delete an arc, put the mouse pointer over it and choose "Delete Edge" from the menu (that choice appears only when the pointer is directly on the edge). Deleting one of these edges destroys the credential, and the dashed arc disappears.

You can delete principals in a similar manner.

Node position does not matter, but you are free to move nodes around by dragging them, and the mouse wheel zooms in and out.

=== Vertex Types ===

When you create a new role by adding a vertex, there are four kinds of input, each of which creates a different kind of vertex:

 * A single name with no dots or ampersands - Bob
   * Creates a principal (blue circle). If the principal did not already exist, a new certificate and key pair are generated for it.
 * A single name with one dot - Bob.role
   * Creates a simple role (green rectangle) that the principal before the dot can assign. If no such principal exists, it is created as if the principal name had been typed directly.
 * A single name with two dots - Bob.linker.linked
   * Creates a linking role (red rectangle) that the principal before the first dot can only assign indirectly: a principal that holds Bob.linker confers Bob.linker.linked on whoever holds that principal's own "linked" role. If the linking role (the role before the last dot, Bob.linker) does not exist, it is created as above.
 * More than one of the above, joined by ampersands (&) - Bob.a & Bob.b
   * Creates an intersection role (red rectangle). Any of the component roles that are missing are created as above.

Incoming edges to the red roles can only be created by crudge deducing them, but outgoing edges are allowed and useful. You cannot assign a principal the Bob.a & Bob.b role directly, but if you assign a principal both Bob.a and Bob.b, crudge fills in the edge as above.

== Loading Credential Graphs ==

Crudge can load ABAC information from several different file formats:

 * Individual X.509 certificates containing either principals (in PEM format) or ABAC credentials (in DER format)
 * A directory of such X.509 certificates (principals in PEM format, ABAC credentials in DER format)
 * A zip file of such X.509 certificates
 * An rt0 file, which describes the credentials in text only and carries neither principal keys nor signed credentials

The first three are straightforward. The certificates that make up a real policy or proof can be loaded from those formats and viewed and manipulated directly in crudge. Note that if the principals' key pairs are not included, or are not accessible, crudge cannot create new certificates signed by those principals. Credentials you add for such principals can still be reasoned about, but are drawn in red to indicate that they cannot be exported.
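
Before loading a directory or zip into crudge it is worth knowing whether the principals' private keys are actually present, since without them any new edge for those principals is red and unexportable. The following is an added example, not crudge's own code: it inventories a directory, a zip, or a single file by framing alone (a PEM header, or a DER SEQUENCE tag whose declared length matches the file size), without parsing or verifying anything. Zip entries are read in memory and never extracted, so hostile entry names such as `../` cannot write outside the tree. The sample zip is constructed in the code and its certificate bodies are placeholders.

```python
"""Preflight inventory of certificate material before loading it into crudge.

Added example, not crudge's code.  Without the principals' private keys, every
new edge crudge draws for them is red and cannot be exported, so it helps to
know what a directory or zip actually contains.  Zip entries are read in memory
and never extracted.  Classification is by framing only: a PEM header, or a DER
SEQUENCE tag whose declared length matches the file size.  Nothing is verified.
"""
import io
import os
import zipfile
from collections import Counter
from typing import Dict, Iterator, Tuple

PEM_BEGIN = b"-----BEGIN "


def looks_like_der(data: bytes) -> bool:
    """SEQUENCE tag plus a definite length equal to the file size.
    (0x30 is also ASCII '0', so the tag alone proves nothing.)"""
    if len(data) < 2 or data[0] != 0x30:
        return False
    first = data[1]
    if first < 0x80:                      # short form: length in one byte
        header, length = 2, first
    else:                                 # long form: 0x8n, then n length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or len(data) < 2 + n:   # 0x80 (indefinite) is not DER
            return False
        header, length = 2 + n, int.from_bytes(data[2:2 + n], "big")
    return header + length == len(data)


def classify(data: bytes) -> str:
    head = data.lstrip()[:80]
    if head.startswith(PEM_BEGIN):
        label = head[len(PEM_BEGIN):].split(b"-----", 1)[0]
        if b"PRIVATE KEY" in label:       # PRIVATE KEY, RSA PRIVATE KEY, ENCRYPTED PRIVATE KEY
            return "pem-private-key"
        return "pem-certificate" if label == b"CERTIFICATE" else "pem-other"
    return "der" if looks_like_der(data) else "unknown"


def iter_entries(source) -> Iterator[Tuple[str, bytes]]:
    """Yield (name, bytes) for a directory, a zip (path or file object), or one file."""
    if isinstance(source, (str, os.PathLike)) and os.path.isdir(source):
        for root, _, files in os.walk(source):
            for name in sorted(files):
                path = os.path.join(root, name)
                with open(path, "rb") as fh:
                    yield path, fh.read()
    elif zipfile.is_zipfile(source):
        with zipfile.ZipFile(source) as z:
            for info in z.infolist():
                if not info.is_dir():
                    yield info.filename, z.read(info)   # in memory, nothing is extracted
    else:
        with open(source, "rb") as fh:
            yield str(source), fh.read()


def inventory(source) -> Dict[str, int]:
    return dict(Counter(classify(data) for _, data in iter_entries(source)))


def has_signing_keys(counts: Dict[str, int]) -> bool:
    """False means crudge can load the graph but any new edge will be red and unexportable."""
    return counts.get("pem-private-key", 0) > 0


def constructed_zip() -> io.BytesIO:
    """Constructed sample zip; the bodies are placeholders, not real certificates."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("test.pem", "-----BEGIN CERTIFICATE-----\nUExBQ0VIT0xERVI=\n-----END CERTIFICATE-----\n")
        z.writestr("test_key.pem", "-----BEGIN PRIVATE KEY-----\nUExBQ0VIT0xERVI=\n-----END PRIVATE KEY-----\n")
        z.writestr("cred1.der", b"\x30\x82\x01\x00" + bytes(256))   # SEQUENCE, length 256
        z.writestr("README", "not a certificate")
    buf.seek(0)
    return buf
```

Run `inventory("/path/to/certs")` or `inventory("bundle.zip")` and check `has_signing_keys` on the result; a directory of nothing but DER credentials and PEM principal certificates will load, but every edge you then add will be drawn red.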

The rt0 format is for simple debugging and testing. It consists of lines of the form:
{{{
Principal.role0 <-- Principal
Principal.role1 <-- Principal.role0
Principal.role2 <-- Principal.role11.role2
Principal.role3 <-- Principal.role11 & Principal.role2
}}}

The "Principal" and "role''n''" placeholders may be replaced with any names that contain neither dots nor ampersands. The four lines show the four kinds of RT0 rule: direct membership, simple inclusion, linking inclusion, and intersection. Rt0 format is a textual encoding of RT0 rules.

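As an added example (not crudge's or libabac's own code), the following Python parses the rt0 format just described, classifies vertex names by the rules in "Vertex Types", and computes role membership the way crudge deduces implied edges: a principal that holds every role of an intersection holds the intersection, and so holds anything predicated on it. The sample rt0 text is constructed here and mirrors the Bob/test walk-through above; the role names other than test.a and test.b are invented for the example.

```python
"""rt0 parser and RT0 membership solver (added example, not crudge's code).

Recognises the four vertex shapes from 'Vertex Types' and computes, by least
fixpoint, which principals hold which roles: the deduction behind crudge's
dashed "implied" edges into intersection roles."""
import re
from collections import namedtuple
from typing import Dict, List, Set, Tuple

NAME = re.compile(r"[A-Za-z0-9_-]+$")  # a name contains neither '.' nor '&'

# A bare principal is a plain str; the three role shapes are tuples.
Role = namedtuple("Role", "principal role")                  # Principal.role          (green)
Linked = namedtuple("Linked", "principal linker linked")     # Principal.linker.linked (red)
Intersection = namedtuple("Intersection", "parts")           # A.r1 & B.r2 ...         (red)


def parse_term(text: str):
    """Classify one vertex name exactly as the 'Vertex Types' list does."""
    text = text.strip()
    if "&" in text:
        parts = [parse_term(p) for p in text.split("&")]
        if not all(isinstance(p, Role) for p in parts):
            raise ValueError(f"only simple roles may be intersected: {text!r}")
        return Intersection(frozenset(parts))
    pieces = text.split(".")
    if not all(NAME.match(p) for p in pieces):
        raise ValueError(f"bad name in {text!r}")
    if len(pieces) == 1:
        return pieces[0]
    if len(pieces) <= 3:
        return (Role if len(pieces) == 2 else Linked)(*pieces)
    raise ValueError(f"too many dots in {text!r}")


def kind(text: str) -> str:
    """Vertex type crudge would create for this input."""
    return {str: "principal", Role: "simple role", Linked: "linking role",
            Intersection: "intersection role"}[type(parse_term(text))]


def parse_rt0(text: str) -> List[Tuple[Role, object]]:
    """Parse 'Head <-- Body' lines; blank lines are ignored."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        head, sep, body = line.partition("<--")
        if not sep:
            raise ValueError(f"line {lineno}: expected '<--'")
        head_t = parse_term(head)
        if not isinstance(head_t, Role):
            raise ValueError(f"line {lineno}: head must be Principal.role")
        rules.append((head_t, parse_term(body)))
    return rules


def members(rules) -> Dict[Role, Set[str]]:
    """Least fixpoint of the four RT0 rule meanings."""
    mem: Dict[Role, Set[str]] = {head: set() for head, _ in rules}
    changed = True
    while changed:
        changed = False
        for head, body in rules:
            if isinstance(body, str):        # A.r <-- B         : B is a member
                new = {body}
            elif isinstance(body, Role):     # A.r <-- B.s       : every member of B.s
                new = set(mem.get(body, set()))
            elif isinstance(body, Linked):   # A.r <-- A.s.t     : B.t for each B in A.s
                new = set()
                for b in mem.get(Role(body.principal, body.linker), set()):
                    new |= mem.get(Role(b, body.linked), set())
            else:                            # A.r <-- B.s & C.t : members of both
                new = set.intersection(*(mem.get(p, set()) for p in body.parts))
            if not new <= mem[head]:
                mem[head] |= new
                changed = True
    return mem


def implied_edges(rules, mem) -> Dict[str, Set[str]]:
    """Dashed edges crudge draws: principals holding every role of an intersection."""
    out = {}
    for _, body in rules:
        if isinstance(body, Intersection):
            label = " & ".join(sorted(f"{p.principal}.{p.role}" for p in body.parts))
            out[label] = set.intersection(*(mem.get(p, set()) for p in body.parts))
    return out


# Constructed input mirroring the Bob/test walk-through above (not from the page).
SAMPLE_RT0 = """
test.a <-- Bob
test.b <-- Bob
test.admin <-- test.a & test.b
test.audit <-- test.admin
test.mgr <-- Carol
Carol.staff <-- Dave
test.contractor <-- test.mgr.staff
"""


def solve(text: str = SAMPLE_RT0):
    rules = parse_rt0(text)
    mem = members(rules)
    return mem, implied_edges(rules, mem)
```

`solve()` on the sample shows the two deductions the graph editor makes for you: Bob reaches test.admin and test.audit only through the "test.a & test.b" intersection, and Dave reaches test.contractor only through the linking role test.mgr.staff via Carol. Any rule whose head is not a simple Principal.role is rejected, matching crudge's refusal to let you draw incoming edges to red roles by hand.
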
To load any of these from the local file system, choose "Open File" or "Append File" from the File menu and select the file or directory. "Append File" does not clear the existing credentials from the displayed graph. If an appended file contains a principal with the same name as one in the current graph but a different key pair, crudge gives the new principal a different name in the current display: the two are distinct principals, since a principal is identified by its key, not its name.

Zip files and rt0 files can also be loaded from URLs; the "Open URL" and "Append URL" choices in the File menu do this.
