75 lines
3.4 KiB
Plaintext
75 lines
3.4 KiB
Plaintext
section signature:
|
|
|
|
user_to_role : user * role -> fact
|
|
poto : userORrole * taskName -> fact
|
|
task_to_data : taskName * set * set -> fact
|
|
aknows : entity * data -> fact
|
|
mc_pair : data * data -> data
|
|
contains : set * data -> fact
|
|
task : taskName * nat -> taskInstance
|
|
canExecute : user * role * humanTaskName -> fact
|
|
granted : user * role * taskInstance -> fact
|
|
executed : user * taskInstance -> fact
|
|
ready : taskInstance -> fact
|
|
done : taskInstance -> fact
|
|
entity > organization
|
|
entity > user
|
|
data > object
|
|
data > set
|
|
userORrole > user
|
|
userORrole > role
|
|
taskName > automatedTaskName
|
|
taskName > humanTaskName
|
|
|
|
section types:
|
|
|
|
start_event_startevent1,parallelgateway1_to_usertask2,parallelgateway1_to_usertask3,parallelgateway2_to_servicetask1: fact
|
|
HT,usertask1,usertask2,usertask3: humanTaskName
|
|
IN,OUT,in_usertask1,out_usertask1,in_usertask2,out_usertask2,in_usertask3,out_usertask3,in_servicetask1,out_servicetask1: set
|
|
manager,supervisor,clerk,R: role
|
|
N,N0,N1,N2,N3,N4,N5,N6,N7,N8,N9,N10,N11,N12: nat
|
|
AT,servicetask1: automatedTaskName
|
|
user1_manager,user2_manager,user1_supervisor,user2_supervisor,user1_clerk,user2_clerk,A,U0: user
|
|
|
|
section inits:
|
|
|
|
initial_state init_1 :=
|
|
|
|
user_to_role(user1_manager,manager).
|
|
user_to_role(user2_manager,manager).
|
|
user_to_role(user1_supervisor,supervisor).
|
|
user_to_role(user2_supervisor,supervisor).
|
|
user_to_role(user1_clerk,clerk).
|
|
user_to_role(user2_clerk,clerk).
|
|
start_event_startevent1.
|
|
task_to_data(usertask1,in_usertask1,out_usertask1).
|
|
task_to_data(usertask2,in_usertask2,out_usertask2).
|
|
task_to_data(usertask3,in_usertask3,out_usertask3).
|
|
task_to_data(servicetask1,in_servicetask1,out_servicetask1)
|
|
|
|
section hornClauses:
|
|
|
|
hc rbac_ac (A,R,HT) := canExecute(A,R,HT) :- user_to_role(A,R), poto(R,HT)
|
|
hc direct_ac (A,R,HT) := canExecute(A,R,HT) :- user_to_role(A,R), poto(A,HT)
|
|
hc poto_usertask1:= poto(clerk,usertask1)
|
|
hc poto_usertask2:= poto(manager,usertask2)
|
|
hc poto_usertask3:= poto(manager,usertask3)
|
|
|
|
section rules:
|
|
|
|
step authorizeTaskExecution(A,R,HT,N) := canExecute(A,R,HT). ready(task(HT,N)) => granted(A,R,task(HT,N))
|
|
step h_taskExecution(A,R,HT,N,IN,OUT) := granted(A,R,task(HT,N)). task_to_data(HT,IN,OUT) => executed(A,task(HT,N)). done(task(HT,N)). task_to_data(HT,IN,OUT). aknows(A,IN). aknows(A,OUT)
|
|
step atask_execution(AT,N,IN,OUT) := ready(task(AT,N)). task_to_data(AT,IN,OUT) => done(task(AT,N)). task_to_data(AT,IN,OUT)
|
|
step w_usertask1(N0) := start_event_startevent1=[exists N0] => ready(task(usertask1,N0))
|
|
step w_parallelgateway1(N1) := done(task(usertask1,N1)) => parallelgateway1_to_usertask2. parallelgateway1_to_usertask3
|
|
step w_usertask2(N2) := parallelgateway1_to_usertask2=[exists N2] => ready(task(usertask2,N2))
|
|
step w_usertask3(N3) := parallelgateway1_to_usertask3=[exists N3] => ready(task(usertask3,N3))
|
|
step w_parallelgateway2(N4,N5) := done(task(usertask2,N4)). done(task(usertask3,N5)) => parallelgateway2_to_servicetask1
|
|
step w_servicetask1(N6) := parallelgateway2_to_servicetask1=[exists N6] => ready(task(servicetask1,N6))
|
|
|
|
section goals:
|
|
|
|
attack_state sod_securitySod1_1(U0,N7,N8):= executed(U0,task(usertask2,N7)). executed(U0,task(usertask3,N8))
|
|
attack_state sod_securitySod2_1(U0,N9,N10):= executed(U0,task(usertask1,N9)). executed(U0,task(usertask3,N10))
|
|
attack_state sod_securitySod3_1(U0,N11,N12):= executed(U0,task(usertask1,N11)). executed(U0,task(usertask2,N12))
|