Changes between Version 22 and Version 23 of WikiStart


Ignore:
Timestamp:
Sep 30, 2013 11:46:11 PM (11 years ago)
Author:
Mei
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • WikiStart

    v22 v23  
    77If you are new to ABAC, you may find the [http://groups.geni.net/geni/wiki/TIEDABACModel introductory material] from our [http://groups.geni.net/geni/wiki/TIED TIED project] helpful.  That material summarizes the power and semantics of ABAC and links to [http://groups.geni.net/geni/wiki/TIEDABACDemo examples of ABAC policy] illustrated using an early example of [CrudgeDocs the Crudge ABAC policy browser].
    88
    9 The latest ABAC RT0 version is [http://abac.deterlab.net/src/abac-0.1.5.tar.gz ABAC 0.1.5] ([http://abac.deterlab.net/src/abac-0.1.5.tar.gz.asc signature]).
     9The latest ABAC RT0 version is [http://abac.deterlab.net/src/abac-0.1.6.tar.gz ABAC 0.1.6] ([http://abac.deterlab.net/src/abac-0.1.6.tar.gz.asc signature]).
     10
     11Debian packages
     12  * [http://abac.deterlab.net/src/abac-0.1.6_0.1.6-1_amd64.deb Ubuntu12-amd64]
     13  * [http://abac.deterlab.net/src/abac-0.1.6_0.1.6-1_i386.deb Ubuntu10-i386]
     14RPM packages
     15  * [http://abac.deterlab.net/src/abac-0.1.6-1.el6.x86_64.rpm CentoOS6-x86_64]
     16  * [http://abac.deterlab.net/src/abac-0.1.6-1.i386.rpm CentoOS5-i386]
    1017
    1118== What's Included ==
     
    6875=== Installation ===
    6976
    70 Then get the [http://abac.deterlab.net/src/abac-0.1.5.tar.gz source], untar it, change to the {{{abac-0.1.5}}} directory and do the standard install sequence:
     77Then get the [http://abac.deterlab.net/src/abac-0.1.6.tar.gz source], untar it, change to the {{{abac-0.1.6}}} directory and do the standard install sequence:
    7178
    7279{{{
     
    8794=== Tracking Development ===
    8895
    89 Current released [http://abac.deterlab.net/src/abac-0.1.5.tar.gz source] [http://abac.deterlab.net/src/abac-0.1.5.tar.gz.asc signature]
     96Current released [http://abac.deterlab.net/src/abac-0.1.6.tar.gz source] [http://abac.deterlab.net/src/abac-0.1.6.tar.gz.asc signature]
    9097
    9198If you would like to track the libabac development, you can pull code from out publically available git repository:
     
    100107
    101108See the [source:/doc/ChangeLog ChangeLog] for details about each release
     109 * 2013-10-04: ABAC 0.1.6 released
    102110 * 2013-07-17: ABAC 0.1.5 released
    103111 * 2013-05-20: ABAC 0.1.4 released
     
    114122Libabac allows developers to import signed ABAC statements about principals and attributes and prove that certain principals have those attributes ([http://groups.geni.net/geni/wiki/TIEDABACModel more detail about ABAC logic]).  The basic structures that libabac uses to support those operations are identities, attributes, and a context for those.
    115123
    116 The [/browser/doc/API?tag=0.1.5 API document] lists all the interfaces to the library, but this section is intended to impart some meaning to the various structures.  The java interface is slightly different in detail, but uses the same constructs.  These examples use python so that the interested user can basically type along with the descriptions.
     124The [/browser/doc/API?tag=0.1.6 API document] lists all the interfaces to the library, but this section is intended to impart some meaning to the various structures.  The java interface is slightly different in detail, but uses the same constructs.  These examples use python so that the interested user can basically type along with the descriptions.
    117125
    118126Our native java implementation, [JavaSupport jabac] follows the same API, but differs in some details.  Full [http://abac.deterlab.net/javadoc/index.html javadocs] are available for jabac, and the examples below are easily translated into that interface.
     
    276284=== Credentials and Roles ===
    277285
    278 Credentials are the abstraction of ABAC statements and Roles are the abstraction of the terms of an ABAC statement.  A Credential is made up of two Roles, a head and a tail that make the two sides of the ABAC statement.  There are a set of  accessors to parse the contents of a role, described in the [/browser/doc/API?tag=0.1.5 API docs], and roles are primarily of interest in printing and exploring the proof.
     286Credentials are the abstraction of ABAC statements and Roles are the abstraction of the terms of an ABAC statement.  A Credential is made up of two Roles, a head and a tail that make the two sides of the ABAC statement.  There are a set of  accessors to parse the contents of a role, described in the [/browser/doc/API?tag=0.1.6 API docs], and roles are primarily of interest in printing and exploring the proof.
    279287
    280288Credentials are useful in communicating proof contents outside the program.  In addition to {{{head}}} and {{{tail}}} accessors that access the Roles, a Credential has a {{{attribute_cert()}}} method that returns the exportable content of the assertion and an {{{issuer_cert()}}} that returns the issuer's X.509 certificate (sans private key).  These outputs are chunks, useful for writing to files or importing into other contexts.  The following code prints the proof of our earlier successful question and saves it to files.  This is not exemplary python file handling, but the point is to see the accessors:
     
    297305== Next Steps ==
    298306
    299 In addition to the [/browser/doc/API?tag=0.1.5 API description] the code for the [CredPrinterDocs credential printer] is [/browser/cred_printer available].  It is a fairly complete example of using python and libabac.
     307In addition to the [/browser/doc/API?tag=0.1.6 API description] the code for the [CredPrinterDocs credential printer] is [/browser/cred_printer available].  It is a fairly complete example of using python and libabac.
    300308
    301309There are [NewStuff new features] being worked on in the git repository.