|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.iaccess.LogicalLayer.BasicAccessControlAlgorithm
public class BasicAccessControlAlgorithm
Encapsulates the logic level computations. It functions as a wrapper to the DLV solver used as an underlying engine for deduction and abduction reasonings. The configuration file is config_dlv.xml. All computations on the dlv system are taken from the configuration file. Instead of recompilling the file, one can change some of the imput parameters to DLV in the configuration file. For exmaple, from 'cautious' to 'brave' reasoning, as explained in the doDeduction() function.
The class implements the interactive access control algorithm, function computeAccessDecision(), and the stepwise disclosure of missing credentials, function doStepwiseDisclosure().
Improvements on the interactive access control, and, on the complementing it, stepwise disclosure have been done with respect to the published negotiation scheme in the JNSM paper.
The improvements mainly concern the way disclosure policy is treated in order to avoid endless loops. The last may occur if a client declines to present a missing credential that is not part of a solution for a resource, but is part of a fine-grained disclosure control (stepwise computing). For such cases, in the SetUp function we prepare the disclosure policy in a way of not chaining any credential in a head of a rule that belongs to the set of declined credentials. Now, during a stepwise negotiation/computing whenever a client declines to present credentials the access decision will take it into account, i.e., any access decision for a missing set of credentials is computed as all credentials of the missing set are properly chained (by the disclosure policy) without any declined credentials in a chain.
Some more details are given for each of the functions in the class.
ResultOfOperation class is used to interface the results of logic level computations and the negotiation level.
iAccessNegotiation
,
ResultOfOperation
Field Summary | |
---|---|
static boolean |
IsInitialized
|
Constructor Summary | |
---|---|
BasicAccessControlAlgorithm()
|
Method Summary | |
---|---|
ResultOfOperation |
computeAccessDecision()
Implements the interactive access control algorithm. |
ResultOfOperation |
doStepwiseDisclosure(java.util.Vector MissingCreds)
Performs the stepwise computing of missing credentials. |
static void |
LoadConfiguration(java.lang.String configPath,
boolean MinimalityCriterion,
java.lang.String ConfigRootDir,
java.lang.String RootDir,
int os)
Runs only once for all negotiations. |
ResultOfOperation |
SetUp(TRequest Request,
java.lang.String ServiceRequest,
java.util.Vector CP,
java.util.Vector CN,
java.lang.String AnyValueTerm,
long negStartTime)
Use this function before to run computeAccessDecision() and doStewiseDisclosure() functions. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static volatile boolean IsInitialized
Constructor Detail |
---|
public BasicAccessControlAlgorithm()
Method Detail |
---|
public static void LoadConfiguration(java.lang.String configPath, boolean MinimalityCriterion, java.lang.String ConfigRootDir, java.lang.String RootDir, int os) throws java.lang.Exception
java.lang.Exception
public ResultOfOperation SetUp(TRequest Request, java.lang.String ServiceRequest, java.util.Vector CP, java.util.Vector CN, java.lang.String AnyValueTerm, long negStartTime)
public ResultOfOperation doStepwiseDisclosure(java.util.Vector MissingCreds)
The function takes as input a set of missing credentials and returns a next step of credentials (among the missing ones) to be asked to an opponent. Similarly in computing to the immediate consequence operator in logic programming. The disclosure policy (a copy of it) is internally manipulated to disclose a next set of credentials. We use internally negation as failure on a set of credentials to make the computing.
Important, we guarantee that if the disclosure policy is a stratified logic program, the internal transformations preserve the disclosure policy stratified. That is, we use negation as failure on facts internally generated and added to the policy, and preserve the single stable model of the policy.
public ResultOfOperation computeAccessDecision()
1. Deduction: Computes if an access policy together with a set of presented credentials grants a request. It first checks if the access policy is consistent according to the client's presented credentials and then, it checks if the request is in a stable model of the access policy. We use 'cautious' reasoning for computing if the request is in all stable models of the access policy. It is important to note that 'brave' reasoning (consult DLV reasoner for details) my result in inconsistent interactions of missing credentials within a wrong/different stable model of the access policy.
We notice that abduction reasoning of DLV (to be fully confirmed) uses 'brave' reasoning for computing missing sets of credentials, and that's why the access policy is also to be a stratified logic program. In this way you guarantee that abduction and deduction in an interactive access control process will have consistent behavior.
One should experiment of having an access policy with more than one stable models, and a given service which appears in more than one stable models of the access policy but with different credential requirements, if the abduction behaves as expected.
2. Disclosable credentials: Computes the set of disclosable credentials in accordance with the interactive access control algorithm. The function assumes that the disclosure policy is a stratified logic programm, i.e., it has unique stable model. So, the function computeAbducibles() takes ONLY the FIRST stable model of the disclosure policy (union the presented credentials).
3. Abduction: Computes a minimal set of missing credentials. It has an input list of sets of disclosable credentials, BUT , as mentioned, only the first element is actually used. Initially, we wanted to compute a set of missing credentials among more than one sets of disclosable credentials, but it was against the theory, that is, the disclosure policy is to be a stratified logic program and, as such, it has only one stable model -- single set of disclosable credentials.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |