Changes between Version 2 and Version 3 of TIEDCredentials
Timestamp: 04/18/13 21:00:11 (11 years ago)
TIEDCredentials
v2 v3 20 20 The only type of GENI credential currently in use is the "privilege" credential. This credential assigns a principal (called the owner) one or more privileges with respect to another principal (called the target). The credential has an implicit issuer, the signer of the credential. The privileges are strings meaningful to the implementation. There is also a bit that allows delegation of the privilege. This section describes how to represent the semantics of the GENI credentials in ABAC statements. Libabac will import a GENI credential into ABAC statements internally and use those statements to make authorization decisions; the AM (relying party) will import the credentials and policy into libabac and ask libabac for the authorization decision. 21 21 22 The AM is trying to prove that the Owner who is asking to exercise a privilege on Target is authorized with respect to the AM. 22 The AM's decision to allow Owner to exercize privilege on Target is expressed in ABAC as asking the prover if Owner has the AM.privilege(Target) attribute. For each Issuer that the AM trusts to authorize privilege(Target) the AM's policy includes the rule: 23 24 {{{ 25 AM.privilege(Target) <- Issuer.privilege(Target) 26 }}} 23 27 24 28 Each GENI credential directly translates into one or more ABAC statements. In the simplest case, each of these statements assigns the owner a privilege with respect to the Target according to the issuer. In ABAC RT1 notation this is … … 26 30 {{{ 27 31 Issuer.privilege(Target) <- Owner 28 }}}29 30 for each privilege in the credential. 
This can be expressed in [http://groups.geni.net/geni/attachment/wiki/GEC11Authorization/chase-abac-gec11.ppt "RT0 lite"] as:31 32 {{{33 Issuer.privilege_Target <- Owner34 32 }}} 35 33 … … 44 42 45 43 {{{ 46 Issuer.privilege _Target<- Owner47 Issuer.can_delegete_privilege _Target<- Owner44 Issuer.privilege(Target) <- Owner 45 Issuer.can_delegete_privilege(Target) <- Owner 48 46 }}} 49 47 50 An 48 Each AM will include this line in its policy: 51 49 52 50 {{{ 53 Issuer.privilege_Target <- Issuer.can_delegate 51 Issuer.privilege(Target) <- Issuer.can_delegate_privilege(Target).privilege(Target) 52 }}} 54 53 54 That says that AM will treat a statement from a delegator as a statement from the issuer with respect to privilege on target. 55 55 56 When converting a delegated credential into ABAC, both the credential itself and the credential in the parent element are imported using the rules above. This recurses. 57 58 This can be expressed in [http://groups.geni.net/geni/attachment/wiki/GEC11Authorization/chase-abac-gec11.ppt "RT0 lite"]
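Review bot: in the added line 22, "exercize" should read "exercise", and the sentence "For each Issuer that the AM trusts to authorize privilege(Target) the AM's policy includes the rule" followed by `AM.privilege(Target) <- Issuer.privilege(Target)` (line 25) leaves open whether one such rule is written per (Issuer, Target) pair or whether Target ranges over all targets that Issuer may speak for; say which, since that is the AM's whole trust scoping and it has to match the credential statement `Issuer.privilege(Target) <- Owner` (line 31) that the prover is asked to connect it to.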
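Review bot: the delegation chain in lines 44-52 cannot link up as written: the delegation bit is imported as `Issuer.can_delegete_privilege(Target) <- Owner` (line 45, "delegete"), while the policy rule on line 51, `Issuer.privilege(Target) <- Issuer.can_delegate_privilege(Target).privilege(Target)`, references `can_delegate_privilege`; ABAC role names must match exactly, so the prover would never derive `Issuer.privilege(Target)` through a delegator. Fix the spelling on line 45 (the same typo is in the removed line 47, so it was carried over rather than introduced here). Separately, line 48 says each AM puts that rule "in its policy", but the head of the rule is an Issuer role, not an AM role, so the AM's policy would be asserting on the Issuer's behalf; either state that libabac is meant to accept AM-supplied rules about Issuer roles, or have the Issuer sign the rule, because the earlier `AM.privilege(Target) <- Issuer.privilege(Target)` (line 25) deliberately keeps the two namespaces apart.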
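Review bot: line 58, "This can be expressed in [... "RT0 lite"]", is a dangling sentence with nothing after it; the RT0-lite block it introduced in v2 (`Issuer.privilege_Target <- Owner`, line 33) is removed by this change, so either drop the sentence or finish it with the translated block. Also line 54: "That says that AM will treat" should read "That says that the AM will treat", and line 56 should say explicitly that the recursion stops at the root credential, i.e. the one with no parent element, since the text otherwise gives no termination condition for the import.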