[8780cbec] | 1 | ABAC Demo Distribution README |
---|
| 2 | $Date: 2003/07/16 16:26:48 $ |
---|
| 3 | |
---|
| 4 | documents - contains papers and presentations relating to ABAC. |
---|
| 5 | |
---|
| 6 | rbtm - contains java source for a credential management system which is used by |
---|
| 7 | the by the ABAC packages. This code base was originally developed at |
---|
| 8 | Stanford University with modifications made at Network Associates |
---|
| 9 | Laboratories. For more information, see the automatically generated |
---|
| 10 | documentation (javadoc) in the docs directory. |
---|
| 11 | |
---|
| 12 | * IntersectionProofNode currently only supports backward searching. |
---|
| 13 | Forward searching is need for a complete implementation of |
---|
| 14 | distributed discovery. |
---|
| 15 | |
---|
| 16 | ttg -+ contains java source code for the the ABAC packages. This code base |
---|
| 17 | | was developed at Network Associates Laboratories. |
---|
| 18 | | |
---|
| 19 | +-- docs - automatically generated javadoc html goes here. |
---|
| 20 | | |
---|
| 21 | +-- test - contains launch script and *.txt configuration files. |
---|
| 22 | | | Configuration files are grouped into different scenarios and |
---|
| 23 | | | may also contains scripts "go*" or test to launch a test. |
---|
| 24 | | | |
---|
| 25 | | +-- simple - simple Swedish and EPub (e-commerce) scenarios |
---|
| 26 | | | |
---|
| 27 | | +-- failed - examples of failure cases |
---|
| 28 | | | |
---|
| 29 | | +-- intersect - simple policies extended to include intersections |
---|
| 30 | | | |
---|
| 31 | | +-- linked - intersection policies extended to included linked |
---|
| 32 | | | roles with and without linking goals. |
---|
| 33 | | | |
---|
| 34 | | +-- heuristic_strategy - two scenarios: sweden1 and usdod, each |
---|
| 35 | | | are designed to exercise the heuristic, |
---|
| 36 | | | stingy strategy (see below) |
---|
| 37 | | | |
---|
| 38 | | +-- rtml - examples similar to linked above which incorporate RTML |
---|
| 39 | | credential stores and distributed discovery of RTML |
---|
| 40 | | credentials using distributed disovery |
---|
| 41 | | |
---|
| 42 | +-- demo - tomcat servlet source code and configuration and distributed |
---|
| 43 | | discovery servlet which allows access to the discovery service. |
---|
| 44 | | |
---|
| 45 | +-- INSTALL - installation notes for building and installing the demo |
---|
| 46 | |
---|
| 47 | atnvis -+ contains the visualization package in atnvis.jar (also relies on |
---|
| 48 | | grappa.jar from AT&T Research which is available at |
---|
| 49 | | http://www.research.att.com/~john/Grappa/ ) |
---|
| 50 | | |
---|
| 51 | +- demo - the demo configuration (*.prop) files generated from the |
---|
| 52 | | TestEngine class. |
---|
| 53 | | |
---|
| 54 | +- graphviz - the grappa java packages rely on GraphViz. Windows and |
---|
| 55 | | Linux binaries are included for convenience. Grappa and |
---|
| 56 | | GraphViz are licensed identically. Please see the README |
---|
| 57 | | file in this directory for more information. |
---|
| 58 | | |
---|
| 59 | +- strategy_comparison - visualization results for using various |
---|
| 60 | strategies in the same scenario (USSH vs |
---|
| 61 | SAdmir). |
---|
| 62 | |
---|
| 63 | |
---|
| 64 | Strategy Configuration |
---|
| 65 | ====================== |
---|
| 66 | |
---|
| 67 | The test engine supplied with this package can be easily configured with text |
---|
| 68 | files. The [Strategy] section has several configurable parameters; for example, |
---|
| 69 | add this on a single line "type=default". Note the left hand side parameter |
---|
| 70 | should be all lower case. |
---|
| 71 | |
---|
| 72 | type - set the type of strategy to use: "default" or "stingy", where the |
---|
| 73 | the default is a breadth first search. Stingy refer to the |
---|
| 74 | history-based, heuristic strategy. The remaining parameter types |
---|
| 75 | are only useful when the "stingy" strategy is selected. |
---|
| 76 | |
---|
| 77 | weightFile - a file name for loading and storing the weights used in the |
---|
| 78 | stingy strategy's algorithm. |
---|
| 79 | |
---|
| 80 | init - a single-precision floating point number for the initial value of |
---|
| 81 | new weights. |
---|
| 82 | |
---|
| 83 | sat - a single-precision floating point number to which a role's weight |
---|
| 84 | is set if the role is contained in a target that is satisfied at the |
---|
| 85 | end of a negotiation. |
---|
| 86 | |
---|
| 87 | training - "true" or "false" to tell the stingy strategy whether to |
---|
| 88 | save the set of weights generated by the current negotiation |
---|