Tree: ACL
From RFID Wiki
[edit] ACL
The Guardian's operation is controlled via an Access Control List. The ACL has a number of components:
- tags
- tag sets (e.g. ownership list)
- roles
- readers: a reader proves its role membership using well-known crypto techniques
- contexts: allows the user to select the ruleset appropriate to the current situation
- rules: rules are expressed in terms of:
- role
- context
- current RFID query
The grammar for the ACL is given in ~MRG/src/acl/parse/grammar.g. ToDo: make an informal, documented version of the grammar (a la JavaDocs?).
Operation: an ACL is selected by specifying a directory that contains files that define tags/tag sets, readers/roles, contexts and rules, see Tutorial:_ACL. The Guardian program reads these files. Its operation can be steered via the Guardian User interface, e.g. by setting the current context, or by hand-adding a reader to a role.
Applications:
