Changes between Version 6 and Version 7 of AbacTools

Show
Ignore:
Timestamp:
05/16/12 14:43:20 (7 years ago)
Author:
prateek (IP: 152.3.68.8)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • AbacTools

    v6 v7  
    66 
    77The coordinators need to generate ABAC credentials to perform the required operations. ABAC Tools is a set of Java programs to generate and upload ABAC credentials 
     8 
     9Note: Entities are identified by their public key identifier, the SHA-1 hash of of their public key. 
    810 
    911=== CreddyPod === 
     
    3335There is another issue with POD that gets solved with the help of links. In case of POD, a credential can be associated with only one identity: the entity uploading the credential. So, for a credential to be associated with its subject (the one for whom the credential is issued), the subject needs to get the credential from the issuer through some other channel. The way to solve this issue in POD is to make the issuer upload the credential, and then make the subject create a link to the already uploaded credential. 
    3436 
     37The following are the required input parameters 
     38 * Source public key certificate (sourcekey) 
     39 * Source private key (sakey) 
     40 * Source scope, only if the source identifier is scoped (sourcescope) 
     41 * Target public key certificate (targetcert) 
     42 * Target scope, only if target identifier is scoped (targetscope) 
     43 
     44Example:[[BR]] 
     45An Identity Provider issues user role credentials for a user Alice and uploads them scoped to Alice's public key identifier. Alice can associate the same credentials with its own identifier by creating a link to them. 
     46 
     47{{{ 
     48(Alice) -> (IdP, Alice) 
     49}}} 
     50 
     51{{{ 
     52java -cp AbacTools.jar util.PodAddLink --sourcekey credentials/Alice_private.pem --sourcecert credentials/Alice_cert.pem  
     53--targetcert credentials/IdP_cert.pem --targetscope `java -cp AbacTools.jar util.GetPublicKeySha1Hash credentials/Alice_cert.pem` 
     54}}} 
     55 
     56---- 
     57 
     58== Coordinators == 
    3559 
    3660=== Identity Provider ===