Scenario & Sequence Diagram: Difference between revisions

 
(7 intermediate revisions by the same user not shown)
Line 48: Line 48:
== Policy Expression in XACML ==
== Policy Expression in XACML ==


*Policy 1
*Policy 1 : Turn on light when it is dark
  <?xml version="1.0" encoding="UTF-8" standalone="no"?><Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyId="policy-8" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides" xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os        access_control-xacml-2.0-policy-schema-os.xsd">
  <?xml version="1.0" encoding="UTF-8" standalone="no"?><Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyId="policy-8" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides" xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os        access_control-xacml-2.0-policy-schema-os.xsd">
     <Description>Turn On LED When It Is Dark</Description>
     <Description>Turn On LED When It Is Dark</Description>
Line 82: Line 82:
             </Actions>
             </Actions>
         </Target>
         </Target>
         <Condition>
         <Condition><Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
    <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
    <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:1122334455667722-id"  
<EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:1122334455667722-id"  
 
   DataType="http://www.w3.org/2001/XMLSchema#string"/>
   DataType="http://www.w3.org/2001/XMLSchema#string"/>
  </Apply>
    </Apply>
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">dark</AttributeValue>
    <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">dark</AttributeValue>
  </Apply>
      </Apply>
             </Apply>
             </Apply>
           </Condition>
           </Condition>
     </Rule>
     </Rule>
*Policy 2 : Turn on light when it is dark and I am at home
<?xml version="1.0" encoding="UTF-8" standalone="no"?><Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyId="policy-9" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-
overrides" xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os        access_control-xacml-2.0-policy-schema-os.xsd">
    <Description>Turn on light when it is dark and I am at home</Description>
    <Target/>
    <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:any-rule-id:rule">
        <Description>
            any-rule-description
        </Description>
        <Target>
            <Subjects>
                <Subject>
                    <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">user1</AttributeValue>
                        <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </SubjectMatch>
                </Subject>
            </Subjects>
            <Resources>
                <Resource>
                    <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">70B3D5499C2163D2</AttributeValue>
                        <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </ResourceMatch>
                </Resource>
            </Resources>
            <Actions>
                <Action>
                    <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TurnOn</AttributeValue>
                        <ActionAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </ActionMatch>
                </Action>
            </Actions>
        </Target>
        <Condition>
                  <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
            <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                                        <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                                            <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:1122334455667722-id"
DataType="http://www.w3.org/2001/XMLSchema#string"/>
                                        </Apply>
                                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">dark</AttributeValue>
                                    </Apply><Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                                    <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:user-id"
DataType="http://www.w3.org/2001/XMLSchema#string"/>
                                </Apply>
                                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">user1</AttributeValue>
                                </Apply>
          </Apply>
        </Condition>
    </Rule>
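Review bot: In the added Policy 2, the `RuleCombiningAlgId` value is broken across two lines between `deny-` and `overrides`, so an XML parser normalizes the line break to a space and the identifier no longer names the deny-overrides algorithm; keep it on one line as `RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides"`. Neither policy listing shows a closing `</Policy>` after `</Rule>`, although the revision view may simply cut it off. The "I am at home" test reads `environment:user-id` through `string-one-and-only`, so a request where that attribute is missing or multi-valued evaluates to Indeterminate, and a request made when it is not dark evaluates to NotApplicable, because the policy has only a Permit rule. A comment such as `<!-- PEP must refuse on every decision other than Permit; environment attributes must be resolved from the sensors, not taken from the requester -->` would make that dependency explicit.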

Latest revision as of 10:09, 3 May 2017

Scenario 1

The lamp is turned on when there is no light or the light intensity falls below the level needed for visibility, or turned off when there is sufficient light, on the condition that the home owner is at home.

  • i. Sensors: light detection sensor, identity sensor
  • ii. Actuators: electricity supply regulator
  • iii. Device (Object): lamp

It is worth noting that the sequence diagram below for scenario 1 is based on the IoT system modelling in https://doc.info.fundp.ac.be/mediawiki/index.php/IoT-infrastructure-modelling

New Scenario 1 (1).png

Scenario 2

The user requests to turn the light or other devices on or off through the client application.

  • ii. Actuators: electricity supply regulator
  • iii. Device (Object): lamp (other devices)

It is worth noting that the below sequence diagram for scenario 1 is based on the IOTs system modelling in https://doc.info.fundp.ac.be/mediawiki/index.php/IoT-infrastructure-modelling

New Scenario 2 (2).png

Scenario 3

When the movement sensor detects a moving object, the CCTV is turned on and an alarm message is sent to the user through the client application.

  • i. Sensors: movement sensor
  • ii. Actuators: electricity supply regulator
  • iii. Device (Object): CCTV

It is worth noting that the below sequence diagram for scenario 1 is based on the IOTs system modelling in https://doc.info.fundp.ac.be/mediawiki/index.php/IoT-infrastructure-modelling

New Scenario 3.png

Scenario 4

When the smoke sensor detects smoke and the temperature sensor detects an unusual rise in temperature, an alarm message is sent to the user through the client application.

  • i. Sensors: smoke detector and temperature sensor

It is worth noting that the below sequence diagram for scenario 1 is based on the IOTs system modelling in https://doc.info.fundp.ac.be/mediawiki/index.php/IoT-infrastructure-modelling

New Scenario 4.png

Scenario 5

New Scenario 5.png

Scenario 6

New Scenario 6.png

Policy Expression in XACML

  • Policy 1 : Turn on light when it is dark
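<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
  Policy 1: turn on the light when it is dark.

  The single rule permits the request when all of the following hold:
    - subject-id  equals "user1"
    - resource-id equals "1122334455667711"
    - action-id   equals "TurnOn"
    - the environment attribute ...:environment:1122334455667722-id carries
      exactly one string value and that value is "dark"

  NOTE(review): there is no Deny rule. A request that misses the rule target
  or fails the condition evaluates to NotApplicable, and a missing or
  multi-valued environment attribute makes string-one-and-only return
  Indeterminate. The enforcement point therefore has to refuse the action on
  every decision other than Permit; confirm that it does.

  NOTE(review): the environment attribute is presumably the reading of the
  light sensor. It should be resolved from a trusted attribute source rather
  than accepted from the requester; verify against the context handler.
-->
<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        PolicyId="policy-8"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides"
        xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
    <Description>Turn On LED When It Is Dark</Description>
    <!-- An empty policy target matches every request; filtering happens in the rule target. -->
    <Target/>
    <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:any-rule-id:rule">
        <Description>
            any-rule-description
        </Description>
        <Target>
            <Subjects>
                <Subject>
                    <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">user1</AttributeValue>
                        <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </SubjectMatch>
                </Subject>
            </Subjects>
            <Resources>
                <Resource>
                    <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1122334455667711</AttributeValue>
                        <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </ResourceMatch>
                </Resource>
            </Resources>
            <Actions>
                <Action>
                    <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TurnOn</AttributeValue>
                        <ActionAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </ActionMatch>
                </Action>
            </Actions>
        </Target>
        <Condition>
            <!-- The outer "and" has a single argument, so the condition is just the comparison inside it. -->
            <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                    <!-- string-one-and-only unwraps the attribute bag; it is Indeterminate unless the bag holds exactly one value. -->
                    <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                        <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:1122334455667722-id"
                                                        DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </Apply>
                    <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">dark</AttributeValue>
                </Apply>
            </Apply>
        </Condition>
    </Rule>
</Policy>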
  • Policy 2 : Turn on light when it is dark and I am at home
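<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
  Policy 2: turn on the light when it is dark and I am at home.

  The single rule permits the request when all of the following hold:
    - subject-id  equals "user1"
    - resource-id equals "70B3D5499C2163D2"
    - action-id   equals "TurnOn"
    - the environment attribute ...:environment:1122334455667722-id carries
      exactly one string value and that value is "dark"
    - the environment attribute ...:environment:user-id carries exactly one
      string value and that value is "user1"

  The RuleCombiningAlgId is written on one line: a line break inside the
  attribute value is normalized to a space by the parser, which would leave
  an identifier that no longer names the deny-overrides algorithm.

  NOTE(review): there is no Deny rule. A request that misses the rule target
  or fails the condition evaluates to NotApplicable, and a missing or
  multi-valued environment attribute makes string-one-and-only return
  Indeterminate. The enforcement point therefore has to refuse the action on
  every decision other than Permit; confirm that it does.

  NOTE(review): environment:user-id is presumably the presence reading of the
  identity sensor. It is compared with the same value as subject-id, so it
  must be resolved from the sensor by a trusted attribute source; if the
  requester could supply it, the "at home" test would add nothing. Verify
  against the context handler.
-->
<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        PolicyId="policy-9"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides"
        xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
    <Description>Turn on light when it is dark and I am at home</Description>
    <!-- An empty policy target matches every request; filtering happens in the rule target. -->
    <Target/>
    <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:any-rule-id:rule">
        <Description>
            any-rule-description
        </Description>
        <Target>
            <Subjects>
                <Subject>
                    <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">user1</AttributeValue>
                        <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </SubjectMatch>
                </Subject>
            </Subjects>
            <Resources>
                <Resource>
                    <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">70B3D5499C2163D2</AttributeValue>
                        <ResourceAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </ResourceMatch>
                </Resource>
            </Resources>
            <Actions>
                <Action>
                    <ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TurnOn</AttributeValue>
                        <ActionAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </ActionMatch>
                </Action>
            </Actions>
        </Target>
        <Condition>
            <!-- Both comparisons must be true for the rule to yield Permit. -->
            <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
                <!-- First operand: the light-level attribute equals "dark". -->
                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                    <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                        <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:1122334455667722-id"
                                                        DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </Apply>
                    <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">dark</AttributeValue>
                </Apply>
                <!-- Second operand: the environment user-id attribute equals "user1". -->
                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                    <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                        <EnvironmentAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:user-id"
                                                        DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </Apply>
                    <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">user1</AttributeValue>
                </Apply>
            </Apply>
        </Condition>
    </Rule>
</Policy>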