Changes between Version 30 and Version 31 of TIEDABACDemo


Ignore:
Timestamp:
07/13/09 19:07:51 (10 years ago)
Author:
faber@isi.edu
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TIEDABACDemo

    v30 v31  
    3737== Assigning Attributes to Principals Directly (local GENI administrator) ==
    3838
    39 In order to assign that attribute to a principal using the explorer, one connects the principal representation (an ellipse with that prinicpal's name in it) to the attribute in question.  The following shows the '''BBNAdmin''' principal being assigned the '''GENI.CTFadmin''' attribute.
     39In order to assign that attribute to a principal using the explorer, one connects the principal representation (an ellipse with that prinicpal's name in it) to the attribute in question.  The following shows the BBNAdmin principal being assigned the '''GENI.CTFadmin''' attribute.
    4040
    4141[[Image(example0.png)]]
     
    135135== Overall ==
    136136
    137 A query for principals with ath GENI.CTFaccess query, given the setup above looks like:
     137A query for principals with the GENI.CTFaccess query, given the setup above looks like:
    138138
    139139[[Image(example10.png)]]
     
    165165When faber receives the candidate graph, it can check the signatures of all the credentials and satisfy itself that the graph is well formed.  (It may need to find GENI's or ACM's public key, or the slice may have included them.)  Faber's only credential fits on the graph and establishes a path from faber to the '''GENI.CTFaccess''' credential.  Faber adds the credential to the message and returns it to the slice.  Once the slice confirms the signature, the two parties agree that faber can have access.
    166166
     167The completed graph in that message looks like:
     168
     169[[Image(example16.png)]]
     170
    167171The collaborative process is completely characterized by adding nodes to a graph in a simple manner.  Though the policies experessed by the system are complex, the process of validating any given prinicpal posses an attribute is very simple.
    168172