secpal Forum Rss Feed

New Post: Why datalog with constraints?

cguino — Tue, 19 Jan 2010 23:41:42 GMT

Thank you very much! That was what kind of what I thought.

Thanks again.

Claudia

New Post: Why datalog with constraints?

jasonhogg — Tue, 12 Jan 2010 23:46:53 GMT

Wrt why Datalog vs Prolog, Datalog gives us deterministic and efficient query evaluation. Wrt why Datalog, it also helps with some of the complex recursive queries necessary to solve complex constrained delegation rules - amongst other things.

Jason

New Post: Why datalog with constraints?

cguino — Thu, 10 Dec 2009 20:26:00 GMT

Hi, I want to understand just why. Mostly the need for doing so or the benefits that it has. I suppose you don´t use Prolog because of the functions on the head (and other reasons? ).

Thank you!!

New Post: Why datalog with constraints?

jasonhogg — Thu, 10 Dec 2009 18:01:34 GMT

Do you mean why the need for Datalog or why not use a more advanced inference engine such as Prolog?

New Post: Why datalog with constraints?

cguino — Tue, 24 Nov 2009 01:20:14 GMT

I am studying SecPAL and other security languages for distributed systems. I have tried to guess why do they use Datalog for a start point but I couldn´t find out some paper or study that fundaments my ideas. Does anybody knows or guesses why is it?

Thank you very much for your help!

New Post: Sample Parser for SecPAL Simplified English Grammar Now Available!

jasonhogg — Sun, 27 Sep 2009 21:54:44 GMT

Hi Apurva -

I have posted an update of the parser that works on the latest version of F#. Although, looking at your issue again I think you might just be missing a path statement pointing to the bin directory of your F# implementation... I think the intro docs covered a lot of that stuff. Let me know how you went.

Jason

New Post: SecPAL Parser Updated for VS2008 and F#1.9.6.16

jasonhogg — Sat, 26 Sep 2009 22:26:59 GMT

I finally got around to updating the SecPAL Parser to run on the latest version of Visual Studio and F#. Development experience should be much cleaner now because F# is far better integrated into VS. If you run into any problems please post a note or drop me an email.

Enjoy

Jason Hogg

jahogg@microsoft.com

New Post: SecPAL Parser Updated for VS2008 and F#1.9.6.16

jasonhogg — Sat, 26 Sep 2009 22:26:59 GMT

Enjoy

Jason Hogg

jahogg@microsoft.com

New Post: Sample Parser for SecPAL Simplified English Grammar Now Available!

appu — Thu, 29 Jan 2009 18:56:52 GMT

Thanks for the reply. I got involved in other things and could not follow up on that. As I am a newbie in Secpal, I think your solution (1) will be most suitable. I will try to look into solution (2).

I will update you when I make some progress.

thanks again,
Apurva

New Post: Sample Parser for SecPAL Simplified English Grammar Now Available!

jasonhogg — Wed, 17 Dec 2008 03:44:40 GMT

Unfortunately I think the version of the SecPAL parser that is posted here is not compatible with the latest version of F#. So you can do one of three things.
1. Find the same version of F# that we used. I think it is stated in the docs.
2. If you have the time it would be great if you could update the parser to work with the latest version of F# and I will add you as a contributor and you can post the updates to share with everyone else
3. Or there is a slight chance that I could take a look at this over Christmas - but it is just a slight chance...

Jason

New Post: Sample Parser for SecPAL Simplified English Grammar Now Available!

appu — Tue, 09 Dec 2008 22:20:10 GMT

Hello, I am evaluating SecPAL for possible implementation of an authorization module for a trust management system as part of my PhD research. I am trying to setup the environment and I am getting an error while trying to build the parser. I am copying the output of the command line below. Any help in solving this issue and building the parser will be appreciated.
----------------------------------------------------------------------------------------------------------------------------------------------------------
Build the sample...
compiling to dfas (can take a while...)
117 states
writing output
building tables
computing first function...time: 00:00:00.0991109
building kernels...time: 00:00:00.1091141
building kernel table...time: 00:00:00.0184146
computing lookahead relations...................................................................................................................time: 00:00:00.0665690
building lookahead table...time: 00:00:00.0348494
building action table...time: 00:00:00.0508581
building goto table...time: 00:00:00.0082940
returning tables.
112 states
19 nonterminals
34 terminals
50 productions
#rows in action table: 112
PREBUILDSTEP for LexAndYacc Project FAILED
----------------------------------------------------------------------------------------------------------------------------------------------------------

I have SecPAL 1.1, Visual Studio and F# installed. I also tried running the three additional files separately but I get an error when I try to check whether the environment variable was configured correctly. I am sure that I am setting the variable correctly but when I type “fsc /?”, “fslex –help”, “fsyacc –help” on the command line, I get the error saying - '"fsc /?"' is not recognized as an internal or external command, operable program or batch file.

I would appreciate any help in this regard.

Thanks,
Apurva Mohan

NEW POST: Sample Parser for SecPAL Simplified English Grammar Now Available!

jasonhogg — Sun, 26 Aug 2007 21:16:53 GMT

One of the great strengths of SecPAL is its unique support for multiple representations of a security policy; XML for interoperability; and a simplified English grammar for human readbility. The SecPAL v1.1 Research Release (available from http://research.microsoft.com/projects/secpal) allows SecPAL assertions to be created using the rich and flexible.NET object model or deserialized from (or serialized into XML) XML according to the SecPAL Schema Specification.

This sample includes a parser that allows SecPAL policies and authorization queries to be specified using a simplified English Grammar and then translated into the SecPAL object model. This allows policies to be specified declaratively in a human readable form. Full source code is included. The parser is written using F# and the Lexx and Yacc tools that accompany F#.

Use this thread as a starting point in case you have any questions / suggestions...

Available from here: http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=6667

NEW POST: Use of the RSACryptoServiceProvider in our Samples

jasonhogg — Fri, 27 Jul 2007 19:59:04 GMT

I have had a couple of people ask about how our use of the KeyHolderPrincipal works in the SecPAL samples. Our samples use code similar to this for creating KeyHolderPrincipals:
private static KeyHolderPrincipal userPrincipal =
new KeyHolderPrincipal(new RSACryptoServiceProvider(), "K-User");

In this case the .NET Framework gives you a randomly-generated key pair in a random (and transient) key container. But if you provide a key container name then the .NET Framework will access the key that’s present in the container (and if the container doesn’t exist it’ll create it and randomly generate a persistent key in that container for you). I have included a code sample below that shows how to create and persist a key. As a side note, the CspParameters class also allows a provider to be specified, which could allow you to access keys stored on a smart card or in a crypto hardware module (etc).

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;

namespace RSATest
class Program
{
static void Main(string[] args)
{

string publicKey = InitializeKey();
Console.WriteLine("The RSA key {0} was persisted in the container JasonsTest.", publicKey);
Console.WriteLine(publicKey);
// LOGOFF / REBOOT / etc
LoadKey(publicKey);
Console.ReadLine();
}

private static string InitializeKey()
{
CspParameters cspParams = new CspParameters();
cspParams.KeyContainerName = "JasonsTest";
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);
string publicKey = RSAalg.ToXmlString(false);
return publicKey;
}

private static void LoadKey(string publicKey)
{
CspParameters cspParams = new CspParameters();
cspParams.KeyContainerName = "JasonsTest";
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider(cspParams);
rsaCSP.FromXmlString(publicKey);
publicKey = rsaCSP.ToXmlString(false);
Console.WriteLine("Key {0} was read successfully", publicKey);
}
}
}

NEW POST: SecPAL QueryEditor

Lon28Wall — Thu, 21 Jun 2007 19:56:10 GMT

We've just added a QueryEditor to the Releases section that demonstrates how to use the SecPAL authorization engine. The QueryEditor is deployed as a Visual Studio 2005 project with full source code.

The QueryEditor allows you to create authorization policies and examine how policies are created using the Microsoft.Research.SecPal assembly. The QueryEditor will also load Sample Authorization Scenarios that are included with the SecPal Research Release.

Download the QueryEditor today and give it a try. If you have any questions or issues with this release please use this discussion to provide feedback.

Thanks!

NEW POST: Where do I download SecPAL from?

jasonhogg — Fri, 15 Jun 2007 20:17:20 GMT

This site is intended to help support people evaluating SecPAL. The .NET implementation of SecPAL and associated design papers can be found at our main research site http://research.microsoft.com/projects/secpal/.

The releases section does not currently contain anything to download, but hopefully in the next couple of days Lonnie is going to post source code for a query editor that I think people will find very interesting...

NEW POST: SecPAL v1.1 Is Now Available!

jasonhogg — Wed, 13 Jun 2007 23:37:29 GMT

We have just released a point release of SecPAL which you should definitely take a look at. In addition to a couple of minor bug fixes there are two features that we think you will be interested in:

We have implemented a new grammar which makes it much simpler to understand conditions and constriants within policies
The graphical proof graph viewer now works from within the audit log viewer

If you do already have SecPAL v1.0 installed you should ensure you remove the first version before you try to install the new version. More information is available here: http://www.codeplex.com/secpal/Wiki/View.aspx?title=Installingv1.1&referringTitle=ResearchRelease1.1.

For a complete description of what is new take a look at http://www.codeplex.com/secpal/Wiki/View.aspx?title=SecPALv1.1Summary.

NEW POST: Writing to the Audit Log

jasonhogg — Fri, 08 Jun 2007 17:02:59 GMT

We have had a couple of questions about writing to the audit log using SecPAL's audit logging capability - so I figured I would summarize how this capability works - including how to view the audit log using the audit log viewer.

#1 AuditLogSample - The best place to start is by running the sample called "AuditLogScenario". This sample includes the following audit rule within an audit policy. This rule specifies that all requests based on an ActionVern of "read" should be written to the audit log when a successful authorization decision occurs. The audit log should also incorporate the proof and the authorization context that was used to support the authorization claim.

{"
auditRules.Add(
new AuditRule(
new ProofTarget[] {
new ProofTarget(
ActionVerbs.read,
new Resource(
ResourceType.digitalContent,
new Uri("file:///public/"))) },
1 /* eventId */,
AuditAction.log,
EventType.success,
true /* includeProof */,
true /* includeContext */));

policies.Add(
new Policy(
new PrincipalIssuer(new LocalAuthorityPrincipal()),
claims,
auditRules,
null /* authorizationQueryTemplate */,
null /* description */ ));
"}

#2 Viewing the Audit Logs - Once you have run this sample (or modified your code, or any of our other samples to include a policy similar to above) you are then ready to take a look at the audit logs. You can do this by looking at the XML file yourself - but noone likes looking at XML - so we have included a tool for doing this. Click on the start menu / programs / secpal / and run the audit log viewer. This tool will now allow you to see all the audit entries that have been logged. Plus for each audit entry you can see:

The SecPAL statements that were actually evaluated vs all the SecPAL statements that were in the AC
A hierarchical view of the proof graph that lead to an authorization decision
A graphical view of the proof graph (see below)
A translation of your SecPAL into Datalog (as per our formal model)

#3 Using the Graphical Proof Graph Viewer (1) - This is one of the hidden secrets and in my opinion one of the coolest features in the Audit log viewer. To use the graphical proof graph viewer you must: click on the Answers tab for an audit record you are interesed in seeing. Expand the Answers root node until you see the child (or children) of the "Proof" node. Right click on any of the children of the proof node and select view proof graph. You will then get a graphical representation of the deduction process that lead to your authorization decision being granted.

#4 Where are the audit logs stored? - On Vista the logs will be stored inside C:\Users\YOURNAME\AppData\Roaming\Microsoft\SecurityPolicyStore, whereas on earlier versions of Windows the logs will be stored in C:\Documents and Settings\YOURNAME\Application Data\Microsoft\SecurityPolicyStore. Note that the audit log viewer is currently a little sensitive to changes in the schema, so you are probably best not to modify the file, especially the actual schema.

(1) - Note - The initial release of our bits does have a bug using the Graphical Proof Graph Viewer - so until around June 18th (at which time we hope to have released a minor point release to SecPAL) assume this capability will not work. I

NEW POST: SecPAL Related Research

wasson — Fri, 18 May 2007 18:08:42 GMT

The University of Virginia Grid Computing Group http://www.cs.virginia.edu/~humphrey/GCG/ is working on a couple of projects using SecPAL. The first is an integration of SecPAL with GridFTP, the common grid file transfer service. You can read about this project here http://www.cs.virginia.edu/~humphrey/papers/GridFTP_SecPAL_2007.pdf. The second project is to use SecPAL for survivable grids, that is grids which reconfigure themselves to handle changing system priorities or disruptions in the underlying resource fabric. In essence, SecPAL is used to allow different virtual organizations (VOs) to control access to the resources they manage to support dynamically changing privileges for applications and/or users. You can read about the status of this project here http://www.cs.virginia.edu/~gsw2c/research/sc07_wasson.pdf.

NEW POST: SecPAL Related Research

jasonhogg — Tue, 15 May 2007 12:26:45 GMT

Use this section to let other researchers know what research you are working on with SecPAL. Feel free to include offsite references or pointers to blogs etc.

NEW POST: FactQualifiers and Constraints

jasonhogg — Wed, 14 Mar 2007 16:23:04 GMT

One point of confusion that we see time and time again is with regard to the difference between FactQualifiers and Constraints. In particular people tend to assume that because information has been specified in the FactQualifier for a Fact that this information will automatically be enforced by policy. This is not the case. A Fact may contain a FactQualifier that describes the context within which the assertor intended the fact to be applicable. Unlike a Constraint or a Condition, a FactQualifier has no special impact on the evaluation of a query. So if you want your policy to ensure that certain properties relating to the fact qualifiers are true, they you must ensure your policies specify constraints that verify values of the fact qualifiers.

For example, the following claim specifies a FactQualifier that implies the posssession fact should only be trusted for the month of December, which on first site leads many people to believe that the policy would automagically enforce this behavior. This is not the case.

                claims.Add(
                    new Claim(
                        new PossessFact(
                            userPrincipal,
                            new SecPalAttribute(
                                AttributeType.rfc822Name,
                                "Joe@fabrikam.com"),
                            new FactQualifier(
                                new DateTime(DateTime.UtcNow.Year, 12, 1),
                                new DateTime(DateTime.UtcNow.Year, 12, 31),
                                null,
                                TimeSpan.MaxValue))));

The following policy does not have any constraints specified on these FactQualifiers, hence this Claim would evalaute to True at any time of the year.

                claims.Add(
                    new Claim(
                        new CanSayFact(
                            this.stsPrincipal,
                            new PossessFact(
                                new PrincipalVariable("p"),
                                new AttributeVariable("a"),
                                new FactQualifier(
                                    new DateTimeVariable("t1"),
                                    new DateTimeVariable("t2"),
                                    new LocationPatternVariable("f"),
                                    new DurationVariable("ts")))),
                        new Constraint[] {}));

However, if you modify the policy to include a constraint similar to this the the values in the FactQualifier will be verified.

                            new DurationConstraint(
                                "t1", "t2", new TimeSpan(366, 0, 0, 0)),
                            new TemporalConstraint("t1", "t2"),
                            new AttributeMatchConstraint(
                                "a",
                                AttributeType.rfc822Name,
                                @".*@fabrikam\.com")

Samples extracts are from the AttributeScenario in the samples, so feel free to modify the samples to prove this for yourself.