Menu
support@authoritypapers.com
+1(805) 568 7317

arizona state university school of computing informatics anddecision systems enginee 5123498

Arizona State University School of Computing, Informatics andDecision Systems Engineering CSE 465 – Spring 2018 Assignment 2DUE: Wednesday, February 21, 2018, 3:00 PM SUBMISSION INSTRUCTIONS:Please submit a single ZIP file containing all of your source code(no executables). In addition, please submit a make file that willcompile, prepare your code for execution, and execute a set of testcases. A sample make file for you to customize, as well as a sampleLinux VM in which your code will be tested, will be available inthe Assignment 2 folder in our class Blackboard site. You areexpected to implement your code from scratch, without resorting toany third-party libraries or APIs. All submissions will be checkedfor plagiarism, and all detected cases will be promptly reported toASU authorities. Please direct any questions or clarificationsregarding this assignment to the discussion forum labeled asAssignment-related Questions within the class Blackboard site. 1.Implementing an RBAC Engine (100 Points). For this assignment, youwill implement an RBAC Engine as it was depicted in class. Yourengine should be able to load a syntactically-correct RBAC policy,that is, it should be able to parse the policy from a text file,store the policy within some internal data structures, and beenable to respond to an authorization request asking if a given usercan be granted or denied a given permission. In addition, yourengine should allow for modifying the loaded policy by adding orremoving permissions, users and roles, and by changing therole-assignment (RA), permission-assignment (PA) and therole-hierarchy (RH) relations as discussed in class. You are freeto implement your RBAC engine using the programming language ofyour choice. However, you are required to implement the commandline interface we discuss next, so we can properly test your engineand we can correctly award you all the points you will deserve foryour hard work. Please be advised that any deviations from theexpected behavior of your code, e.g., it fails to compile orimplement this command line interface correctly, will result invaluable points being deducted from your final assignment grade.Overall, the following commands must be supported: load-policypolicy-file-name Parses a text file identified by policy-file-name,containing an RBAC policy in the format shown in the class slides,and loads it into the internal data structures implemented by yourengine. You should be able to load any policy that implements sucha format, and you can expect all policies to be syntacticallycorrect, that is, there is no need to implement an advanced parserthat can detect and react to formatting issues withinpolicy-file-name. If a given policy has syntax errors, you can justabort execution gracefully. In case the command succeeds or fails,no message must be shown to the screen. show-policy Displays analready-loaded policy into the screen. For simplicity, you can usethe same format as shown in class, or implement your own. If nopolicy has been loaded beforehand, no output will be produced byyour engine. Since this is just an auxiliary command, there is noneed for the format displayed by this command to match exactly theone contained in a text file containing the RBAC policy that wasloaded beforehand. check-permission user-name permission-nameChecks if the permission identified by permission-name, can begranted to the user identified by user-name. If the permission canbe granted, a message of the form: Permission Granted! should beoutputted to the screen. Otherwise, the message Permission Denied!should be shown. Both messages should terminate with a carriagereturn (n). No need to include any extra information in yourresponse message. add-user user-name Adds a user identified byuser-name to a previously-loaded policy. In case the commandsucceeds, or in case the command fails, e.g., no policy has beenloaded, or user-name is already defined in the policy, no messagemust be shown to the screen. remove-user user-name Removes a useridentified by user-name to a previously-loaded policy. In case thecommand succeeds, or in case the command fails, e.g., no policy hasbeen loaded, or user-name was not listed in the policy, no messagemust be shown to the screen. add-role role-name Adds a roleidentified by role-name to a previously-loaded policy. In case thecommand succeeds, or in case the command fails, e.g., no policy hasbeen loaded, or role-name is already defined in the policy, nomessage must be shown to the screen. remove-role role-name Removesa role identified by role-name to a previously-loaded policy. Incase the command succeeds, or in case the command fails, e.g., nopolicy has been loaded, or role-name was not defined in the policy,no message must be shown to the screen. add-permissionpermission-name Adds a permission identified by permission-name toa previously-loaded policy. In case the command succeeds, or incase the command fails, e.g., no policy has been loaded, orpermission-name is already defined in the policy, no message mustbe shown to the screen. remove-permission permission-name Removes apermission identified by permission-name to a previously-loadedpolicy. As with all previous commands, the command should returnquietly, that is, no message must be outputted to the screen if itsucceeds or fails. add-permission-to-role permission-name role-nameAssigns the permission identified by permission-name to the roleidentified by role-name, thus modifying the PA relationconsequently. As with all previous commands, the command shouldreturn quietly, that is, no message must be outputted to the screenif it succeeds or fails. remove-permission-from-rolepermission-name role-name Removes the assignment of the permissionidentified by permission-name to the role identified by role-name,thus modifying the PA relation consequently. In case the commandsucceeds, or in case it fails, e.g., permission-name and role-namewere not related, or one of the two is missing in the policy, nomessage must be shown to the screen. add-role-to-user role-nameuser-name Assigns the role identified by role-name to the useridentified by user-name, thus modifying the RA relationconsequently. As with all previous commands, the command shouldreturn quietly, that is, no message must be outputted to the screenif it succeeds or fails. remove-role-from-user role-name user-nameRemoves the assignment of the role identified by role-name to theuser identified by user-name, thus modifying the RA relationconsequently. As with all previous commands, the command shouldreturn quietly, that is, no message must be outputted to the screenif it succeeds or fails. add-senior-role senior-role-namejunior-role-name Adds the role identified by senior-role-name as asenior role of the role identified by junior-role-name, thusmodifying the RH as a consequence. As with all previous commands,the command should return quietly, that is, no message must beoutputted to the screen if it succeeds or fails. remove-senior-rolesenior-role-name junior-role-name Removes the role identified bysenior-role-name as a senior role of the role identified byjunior-role-name, thus modifying the RH as a consequence. As withall previous commands, the command should return quietly, that is,no message must be outputted to the screen if it succeeds or fails.Sample Command Line Execution The aforementioned commands will beexecuted in sequence, separated by a semicolon, producing a singleoutput to the screen as a result of invoking the checkpermissioncommand at the end. In the following example, a policy calledExampleASU.txt, similar to the one listed in the class slides, isfirst loaded, and a permission on a user called “Josie” is checkednext. Once a response message is shown to the screen, your engineshould terminate quietly. You are expected to parse the sequence ofcommands, separate each command, and execute it subsequently. Also,you should make sure your RBAC Engine can be called by therbacmonitor name in the command line, by properly customizing thesample make file that will be provided in the class Blackboardsite. > rbacmonitor “load-policy Example-ASU.txt;check-permission Josie p1” Permission DENIED! In another example,the sample Example-ASU.txt policy is first loaded, a permission isadded to the Student role, and then the same permission is checkedfor the user “Josie”. The result of executing the command differsfrom the previous example as a resulting of adding a new permissionto the Student role. > rbacmonitor “load-policy Example-ASU.txt;add-permission-torole p1 Student; check-permission Josie p1”Permission GRANTED! . . .

"Order a similar paper and get 15% discount on your first order with us
Use the following coupon
"GET15"

Order Now