MACOW Ξ Mandatory Access Control on Open Worlds

PDP Server Description

This distribution contains the PDP entity available in MACOW. This entity is a policy decision point in charge of deciding whether an access attempt is authorized. The distribution contains the following files:

(1) \libs\
(2) \vocabulary\
(3) log4j.properties
(4) pellet.properties
(5) PDPconfig.xml
(6) rules.jena
(7) PDPServer.jar

(1) The \libs\ folder contains all the library dependencies required for the PDP server to run correctly.

(2) The \vocabulary\ folder contains the ontologies that have been “buffered” on the server so that they can still be found even if the server that hosts them is shut down. Note that this folder contains the CIM ontology used in MACOW.

(3) and (4) These are configuration files for logging purposes. They just need to be in the working directory.

(5) This is the file used to configure the PDP server. It allows the following parameters to be specified:

Parameter | Default Value | Description
--- | --- | ---
PDP_URL_IP | localhost | This is useful in case the server has more than one IP. This parameter specifies the IP on which the service will be accessible. By default localhost.
PDP_URL_PORT | 9191 | This is the port on which the PDP Server will be available.
PIP_SERVICENAME | PIPServiceService | Fixed
PIP_NAMESPACE | http://pip.macow.umu.org/ | Fixed
PIP_URL | http://localhost:9000/PIPServiceService?wsdl | This is the URL which the PDP will use to find the PIP server Web Service. Bold letters should be changed in production scenarios.
PDP_URL_SERVICENAME | PDPServiceService | Fixed
SEMANTIC_RULES_PATH | ./rules.jena | This is the path to the semantic rules used to determine the MACOW behaviour.
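
An added example, not part of the MACOW distribution: a Python check over the parameters listed above that reports a changed "Fixed" value, an invalid port, and a PIP_URL left on the local default. The `<entry key="...">` layout of PDPconfig.xml and the names `load_params` and `audit` are assumptions, since the file's format is not shown here.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Values the parameter table marks as "Fixed"; any other value is reported.
FIXED = {
    "PIP_SERVICENAME": "PIPServiceService",
    "PIP_NAMESPACE": "http://pip.macow.umu.org/",
    "PDP_URL_SERVICENAME": "PDPServiceService",
}
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def load_params(xml_text):
    """ASSUMED layout: <entry key="NAME">value</entry> under any root."""
    root = ET.fromstring(xml_text)
    return {e.get("key"): (e.text or "").strip() for e in root.iter("entry")}

def audit(params, production=True):
    """Return a sorted list of findings; a missing fixed key is reported too."""
    findings = []
    for key, expected in FIXED.items():
        if params.get(key) != expected:
            findings.append(f"{key}: must stay {expected!r}")
    port = params.get("PDP_URL_PORT", "9191")
    if not (port.isdecimal() and 1 <= int(port) <= 65535):
        findings.append("PDP_URL_PORT: not a valid TCP port")
    pip = urlparse(params.get("PIP_URL", ""))
    if pip.scheme not in ("http", "https") or not pip.hostname:
        findings.append("PIP_URL: not an http(s) URL")
    elif production and pip.hostname in LOOPBACK:
        findings.append("PIP_URL: still points at the default local host")
    if not params.get("SEMANTIC_RULES_PATH", "./rules.jena").strip():
        findings.append("SEMANTIC_RULES_PATH: empty")
    return sorted(findings)

# Constructed sample input, not a file shipped with MACOW.
SAMPLE = """<properties>
  <entry key="PDP_URL_IP">192.0.2.10</entry>
  <entry key="PDP_URL_PORT">91910</entry>
  <entry key="PIP_SERVICENAME">PIPServiceService</entry>
  <entry key="PIP_NAMESPACE">http://pip.macow.umu.org/</entry>
  <entry key="PIP_URL">http://localhost:9000/PIPServiceService?wsdl</entry>
  <entry key="PDP_URL_SERVICENAME">PDPService</entry>
  <entry key="SEMANTIC_RULES_PATH">./rules.jena</entry>
</properties>"""

if __name__ == "__main__":
    for finding in audit(load_params(SAMPLE)):
        print(finding)
```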

(6) This file contains all the semantic rules that determine the MACOW behaviour. To add functionality to MACOW, insert new semantic rules into this file.

(7) This is the PDP Server executable file. To start the service, double-click this file or run the following line in CMD:

java -jar PDPServer.jar

Additionally, to avoid log messages on screen, specify the following two parameters:

java -Dpellet.configuration=file:pellet.properties -Dlog4j.configuration=file:log4j.properties -jar PDPServer.jar