Security Policy Assertion Language

UPDATED WIKI: Home

jasonhogg — Mon, 27 Aug 2007 16:49:22 GMT

Project Description
Security Policy Assertion Language (SecPAL) provides a flexible and robust declarative authorization language developed for large-scale Grid Computing Environments.

Project Home Page
Welcome to the SecPAL Research Workspace. We have set this workspace up to support community members who may have questions relating to the preview release of SecPAL which is available from http://research.microsoft.com/projects/secpal. From time to time we may also post additional samples which will also demonstrate other aspects of SecPAL that were not covered in the initial preview release.

Downloading SecPAL
This CodePlex site is intended to support evaluation of SecPAL - it does not include a copy of the .NET implementation of SecPAL. The .NET implementation (and associated design papers is available from this site: http://research.microsoft.com/projects/secpal/

News

August 27, 2007 SecPAL Parser sample available from http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=6667
July, 2007 "Fine Grained Access Control for GridFTP using SecPAL" accepted for 8th IEEE/ACM International Conference on Grid Computing (Grid 2007) http://www.cs.virginia.edu/~humphrey/papers/GridFTP_SecPAL_2007.pdf
May 15, 2007 "SecPAL: A security policy language to support grid on demand" presented at Software as a Service Architecture Forum - Presentation is available in the "Releases" section SecPAL Presentation for SaaS Conference
May 07, 2007 GridToday Special Feature "Access Control in Grid Computing Environments" http://www.gridtoday.com/grid/1546527.html
Apr 30, 2007 Linux Insider "Microsoft Invites Collaboration With Grid Computing Research" http://www.linuxinsider.com/story/sjtdPLOzASp203/Microsoft-Invites-Collaboration-With-Grid-Computing-Research.xhtml
Mar 02,2007 SecPAL preview release available
Feb 08,2007 An updated version of the SecPAL Formal Model is available at http://research.microsoft.com/projects/secpal
Sept 13,2006 eWeek article "Microsoft building Security Language for Grids" http://www.eweek.com/article2/0,1895,2015846,00.asp

Questions
If you have downloaded the SecPAL MSI from the MSR site and have any questions about our API's or scenario coverage please feel free to post a question in the Discussions section.

Frequently Asked Questions
Click FAQ to see our FAQ's
For Questions about our 1.1 release, click ResearchRelease1.1

Bugs
Heaven forbid! While we have tried hard to test SecPAL as we developed it, we are a small "incubation" team with limited resources so it is possible that you will find bugs! Please post bugs, along with detailed reproduction steps in the Issuer Tracker section. As these releases are simply for research purposes we are tentatively planning an update in / around July depending if bugs are actually found or not. We will consider the community bug scores to help us prioritize which bugs to focus on.

UPDATED RELEASE: SecPAL Parser Sample (Aug 26, 2007)

Sun, 26 Aug 2007 21:29:26 GMT

One of the great strengths of SecPAL is its unique support for multiple representations of a security policy; XML for interoperability; and a simplified English grammar for human readbility. The SecPAL v1.1 Research Release (available from [url:http://research.microsoft.com/projects/secpal]) allows SecPAL assertions to be created using the rich and flexible.NET object model or deserialized from (or serialized into XML) XML according to the SecPAL Schema Specification.

This sample includes a parser that allows SecPAL policies and authorization queries to be specified using a simplified English Grammar and then translated into the SecPAL object model. This allows policies to be specified declaratively in a human readable form. Full source code is included. The parser is written using F# and the Lexx and Yacc tools that accompany F#.

Please follow the instructions in the "Getting Started" documentation carefully!

UPDATED RELEASE: SecPAL Parser Sample (Aug 26, 2007)

Sun, 26 Aug 2007 21:28:25 GMT

NEW POST: Sample Parser for SecPAL Simplified English Grammar Now Available!

jasonhogg — Sun, 26 Aug 2007 21:16:53 GMT

One of the great strengths of SecPAL is its unique support for multiple representations of a security policy; XML for interoperability; and a simplified English grammar for human readbility. The SecPAL v1.1 Research Release (available from http://research.microsoft.com/projects/secpal) allows SecPAL assertions to be created using the rich and flexible.NET object model or deserialized from (or serialized into XML) XML according to the SecPAL Schema Specification.

This sample includes a parser that allows SecPAL policies and authorization queries to be specified using a simplified English Grammar and then translated into the SecPAL object model. This allows policies to be specified declaratively in a human readable form. Full source code is included. The parser is written using F# and the Lexx and Yacc tools that accompany F#.

Use this thread as a starting point in case you have any questions / suggestions...

Available from here: http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=6667

UPDATED RELEASE: SecPAL Parser Sample (Aug 26, 2007)

Sun, 26 Aug 2007 21:14:14 GMT

UPDATED WIKI: FAQ

jasonhogg — Fri, 27 Jul 2007 20:07:54 GMT

Frequently Asked Questions

API Questions

How do I use KeyHolderPrincipal with persistent keys? http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=13106
What is the difference between Fact Qualifiers and Constraints? http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=8186
How do I turn audit logging on? http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId11187
How do I use the audit log viewer? http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId11187
How do I use the graphical proof viewer shown in the documentation? http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId11187

Release Questions

The release tab is currently showing no stable releases. What gives? Our main binaries are available from http://release.microsoft.com/projects/secpal and we are planning on using the CodePlex releases capability for posting some additional samples to help get you started. The first sample we are frantically working on is a query editor that demonstrates how to build and evaluate queries in a GUI environment. We will provide the source code so you can modify it yourself as well...

Installation Questions

If you try to run the samples from a network share you must first be sure to grant appropriate policies via caspol.exe. If you do not you will receive the following exception:

_System.IO.FileLoadException was unhandled
Message: Could not load file or assembly 'AuditLogViewer, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Failed to grant minimum permission requests. (Exception from HRESULT: 0x80131417)_

Uninstall Information

When you uninstall the MSI certain files are not removed. Our MSI only removes the files that we installed. Files that you create such as the executable that is created in /bin/debug when you compile the samples will be left behind.

NEW POST: Use of the RSACryptoServiceProvider in our Samples

jasonhogg — Fri, 27 Jul 2007 19:59:04 GMT

I have had a couple of people ask about how our use of the KeyHolderPrincipal works in the SecPAL samples. Our samples use code similar to this for creating KeyHolderPrincipals:
private static KeyHolderPrincipal userPrincipal =
new KeyHolderPrincipal(new RSACryptoServiceProvider(), "K-User");

In this case the .NET Framework gives you a randomly-generated key pair in a random (and transient) key container. But if you provide a key container name then the .NET Framework will access the key that’s present in the container (and if the container doesn’t exist it’ll create it and randomly generate a persistent key in that container for you). I have included a code sample below that shows how to create and persist a key. As a side note, the CspParameters class also allows a provider to be specified, which could allow you to access keys stored on a smart card or in a crypto hardware module (etc).

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;

namespace RSATest
class Program
{
static void Main(string[] args)
{

string publicKey = InitializeKey();
Console.WriteLine("The RSA key {0} was persisted in the container JasonsTest.", publicKey);
Console.WriteLine(publicKey);
// LOGOFF / REBOOT / etc
LoadKey(publicKey);
Console.ReadLine();
}

private static string InitializeKey()
{
CspParameters cspParams = new CspParameters();
cspParams.KeyContainerName = "JasonsTest";
RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);
string publicKey = RSAalg.ToXmlString(false);
return publicKey;
}

private static void LoadKey(string publicKey)
{
CspParameters cspParams = new CspParameters();
cspParams.KeyContainerName = "JasonsTest";
RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider(cspParams);
rsaCSP.FromXmlString(publicKey);
publicKey = rsaCSP.ToXmlString(false);
Console.WriteLine("Key {0} was read successfully", publicKey);
}
}
}

UPDATED WIKI: Home

jasonhogg — Thu, 05 Jul 2007 18:10:13 GMT

July, 2007 "Fine Grained Access Control for GridFTP using SecPAL" accepted for 8th IEEE/ACM International Conference on Grid Computing (Grid 2007) http://www.cs.virginia.edu/~humphrey/papers/GridFTP_SecPAL_2007.pdf
May 15, 2007 "SecPAL: A security policy language to support grid on demand" presented at Software as a Service Architecture Forum - Presentation is available in the "Releases" section SecPAL Presentation for SaaS Conference
May 07, 2007 GridToday Special Feature "Access Control in Grid Computing Environments" http://www.gridtoday.com/grid/1546527.html
Apr 30, 2007 Linux Insider "Microsoft Invites Collaboration With Grid Computing Research" http://www.linuxinsider.com/story/sjtdPLOzASp203/Microsoft-Invites-Collaboration-With-Grid-Computing-Research.xhtml
Mar 02,2007 SecPAL preview release available
Feb 08,2007 An updated version of the SecPAL Formal Model is available at http://research.microsoft.com/projects/secpal
Sept 13,2006 eWeek article "Microsoft building Security Language for Grids" http://www.eweek.com/article2/0,1895,2015846,00.asp

UPDATED RELEASE: SecPAL QueryEditor (Jun 21, 2007)

Thu, 21 Jun 2007 22:12:39 GMT

Sample Application that demonstrates how to use the SecPAL authorization engine. The sample is deployed as a Visual Studio 2005 project with full source code. The QueryEditor also uses the Sample Authorization Scenarios that are included in the SecPal Research Release. Please see the QueryEditor-ReadMe.html file included in this release for more information.

UPDATED RELEASE: SecPAL QueryEditor (Jun 21, 2007)

Thu, 21 Jun 2007 21:49:28 GMT

NEW POST: SecPAL QueryEditor

Lon28Wall — Thu, 21 Jun 2007 19:56:10 GMT

We've just added a QueryEditor to the Releases section that demonstrates how to use the SecPAL authorization engine. The QueryEditor is deployed as a Visual Studio 2005 project with full source code.

The QueryEditor allows you to create authorization policies and examine how policies are created using the Microsoft.Research.SecPal assembly. The QueryEditor will also load Sample Authorization Scenarios that are included with the SecPal Research Release.

Download the QueryEditor today and give it a try. If you have any questions or issues with this release please use this discussion to provide feedback.

Thanks!

NEW POST: Where do I download SecPAL from?

jasonhogg — Fri, 15 Jun 2007 20:17:20 GMT

This site is intended to help support people evaluating SecPAL. The .NET implementation of SecPAL and associated design papers can be found at our main research site http://research.microsoft.com/projects/secpal/.

The releases section does not currently contain anything to download, but hopefully in the next couple of days Lonnie is going to post source code for a query editor that I think people will find very interesting...

UPDATED WIKI: Home

jasonhogg — Fri, 15 Jun 2007 20:16:27 GMT

May 15, 2007 "SecPAL: A security policy language to support grid on demand" presented at Software as a Service Architecture Forum - Presentation is available in the "Releases" section SecPAL Presentation for SaaS Conference
May 07, 2007 GridToday Special Feature "Access Control in Grid Computing Environments" http://www.gridtoday.com/grid/1546527.html
Apr 30, 2007 Linux Insider "Microsoft Invites Collaboration With Grid Computing Research" http://www.linuxinsider.com/story/sjtdPLOzASp203/Microsoft-Invites-Collaboration-With-Grid-Computing-Research.xhtml
Mar 02,2007 SecPAL preview release available
Feb 08,2007 An updated version of the SecPAL Formal Model is available at http://research.microsoft.com/projects/secpal
Sept 13,2006 eWeek article "Microsoft building Security Language for Grids" http://www.eweek.com/article2/0,1895,2015846,00.asp

NEW POST: SecPAL v1.1 Is Now Available!

jasonhogg — Wed, 13 Jun 2007 23:37:29 GMT

We have just released a point release of SecPAL which you should definitely take a look at. In addition to a couple of minor bug fixes there are two features that we think you will be interested in:

We have implemented a new grammar which makes it much simpler to understand conditions and constriants within policies
The graphical proof graph viewer now works from within the audit log viewer

If you do already have SecPAL v1.0 installed you should ensure you remove the first version before you try to install the new version. More information is available here: http://www.codeplex.com/secpal/Wiki/View.aspx?title=Installingv1.1&referringTitle=ResearchRelease1.1.

For a complete description of what is new take a look at http://www.codeplex.com/secpal/Wiki/View.aspx?title=SecPALv1.1Summary.

UPDATED WIKI: SecPALv1.1Summary

jasonhogg — Wed, 13 Jun 2007 23:35:35 GMT

Summary of New Features in the SecPAL Research Release v1.1

SecPAL v1.1 is a minor release of SecPAL that maintains compability with our first reasearch release of SecPAL. Changes for v1.1 include:
New / Upgraded Features

We have updated the SecPAL grammar to a new and much more readable grammar. I will post a longer explanation in the coming weeks, but in short when you read a SecPAL policy conditions will now be prefaced by an "IF" statement, and constriaints will now be prefaced by a "WHERE" statement. These changes along with improved readibility of fact qualifiers should make the English representation of your policies / assertions much simpler to read. Note: This change should have no impact on existing policies, as it only affects the output of policies / tokens when you call .ToString() on them.
The 'CanActAs' predicate can now be used as a conditional fact within an assertion.
No breaking changes were made to API's so any SecPAL dependent code that you have written should behave the same.

Bug Fixes

A bug that was preventing the graphical proof graph viewer from working has now been fixed, so you can now obtain a graphical view of your proof graphs from within the Audit Log viewer. For instructions on how to use the Audit Log viewer see http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187
It was not possible to generate the English representation for a Policy by calling .ToString(). This has now been fixed.
The v1.0 release required the TemporalConstraint and the DurationConstraints to act only on variables. This has now been fixed so you can use a mixture of variables or concrete values.

UPDATED WIKI: Installingv1.1

jasonhogg — Tue, 12 Jun 2007 21:00:34 GMT

Installing SecPAL v1.1

Option 1 - If you do not have another version of SecPAL installed

Download the SecPAL MSI
Double click on the MSI and follow its installation instructions.
SecPAL will appear as ""Microsoft SecPAL Research Version" in both the start menu and within your My Documents folder.
A "Getting Started" document provides an overview of how to get started with SecPAL.

There are some minor caveats that you should be aware of if you installed the earlier 1.0 version of SecPAL (ie - a version released prior to June 11th 2007).

Option 2 - Uninstalling via the Control Panel (Recommended Option)

Prior to installing the v1.1 release of SecPAL you should go to Control Panel / Add Remove Programs (Programs and Features in Vista) and then select the "Microsoft SecPAL Preview Version" and then select Uninstall. This will uninstall the v1.0 version of SecPAL. Note that the uninstallation process will only remove code that our installer installed - so new code such as compiled versions of the samples (etc) will remain.
At this point you can double click on the new SecPAL MSI and follow its installation instructions. The new version has a slightly different name in the Start menu and as the path within your documents directory - it is now called "Microsoft SecPAL Research Version".

Option 3 - Uninstalling via the MSI

If you double click on the new MSI and you already have an older version of SecPAL installed, you will be prompted to "Repair" or "Remove" SecPAL. At this point you can simply click "Remove" and the old version of SecPAL will be removed.
Once uninstalled, the MSI wizard will now complete - so you actually have to double click on the new MSI one more time, at which point it will install the new v1.1 version of SecPAL.
The Repair button is currently not functional.

UPDATED WIKI: SecPALv1.1Summary

jasonhogg — Tue, 12 Jun 2007 03:53:17 GMT

Summary of New Features in the SecPAL Research Release v1.1

SecPAL v1.1 is a minor release of SecPAL that maintains compability with our first reasearch release of SecPAL. Changes for v1.1 include:
New / Upgraded Features

We have updated the SecPAL grammar to a new and much more readable grammar. I will post a longer explanation in the coming weeks, but in short when you read a SecPAL policy conditions will now be prefaced by an "IF" statement, and constriaints will now be prefaced by a "WHERE" statement. These changes along with improved readibility of fact qualifiers should make the English representation of your policies / assertions much simpler to read. Note: This change should have no impact on existing policies, as it only affects the output of policies / tokens when you call .ToString() on them.
The 'CanActAs' predicate can now be used as a conditional fact within an assertion.

Bug Fixes

A bug that was preventing the graphical proof graph viewer from working has now been fixed, so you can now obtain a graphical view of your proof graphs from within the Audit Log viewer. For instructions on how to use the Audit Log viewer see http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187
It was not possible to generate the English representation for a Policy by calling .ToString(). This has now been fixed.
The v1.0 release required the TemporalConstraint and the DurationConstraints to act only on variables. This has now been fixed so you can use a mixture of variables or concrete values.

UPDATED WIKI: Installingv1.1

jasonhogg — Tue, 12 Jun 2007 03:53:03 GMT

Installing SecPAL v1.1

Option 1 - If you do not have another version of SecPAL installed

Download the SecPAL MSI
Double click on the MSI and follow its installation instructions.
SecPAL will appear as ""Microsoft SecPAL Research Version" in both the start menu and within your My Documents folder.
A "Getting Started" document provides an overview of how to get started with SecPAL.

Prior to installing the v1.1 release of SecPAL you should go to Control Panel / Add Remove Programs (Programs and Features in Vista) and then select the "Microsoft SecPAL Preview Version" and then select Uninstall. This will uninstall the v1.0 version of SecPAL. Note that the uninstallation process will only remove code that our installer installed - so new code such as compiled versions of the samples (etc) will remain.
At this point you can double click on the new SecPAL MSI and follow its installation instructions. The new version has a slightly different name in the Start menu and as the path within your documents directory - it is now called "Microsoft SecPAL Research Version".

Option 3 - Uninstalling via the MSI

If you double click on the new MSI and you already have an older version of SecPAL installed, you will be prompted to "Repair" or "Remove" SecPAL. At this point you can simply click "Remove" and the old version of SecPAL will be removed.
Once uninstalled, the MSI wizard will now complete - so you actually have to double click on the new MSI one more time, at which point it will install the new v1.1 version of SecPAL.
The Repair button is currently not functional.

UPDATED WIKI: ResearchRelease1.1

jasonhogg — Tue, 12 Jun 2007 03:52:51 GMT

SecPAL Research Release v1.1

For instructions on installing v1.1 please click on Installingv1.1. This is important if you already have an older version of SecPAL installed.

For a summary of changes in the v1.1 research release please click on SecPALv1.1Summary

UPDATED WIKI: SecPALv1.1Summary

jasonhogg — Tue, 12 Jun 2007 00:12:30 GMT

Summary of New Features in the SecPAL Research Release v1.1

SecPAL v1.1 is a minor release of SecPAL that maintains compability with our first reasearch release of SecPAL. Changes for v1.1 include:
New / Upgraded Features

We have updated the SecPAL grammar to a new and much more readable grammar. I will post a longer explanation in the coming weeks, but in short when you read a SecPAL policy conditions will now be prefaced by an "IF" statement, and constriaints will now be prefaced by a "WHERE" statement. These changes along with improved readibility of fact qualifiers should make the English representation of your policies / assertions much simpler to read. Note: This change should have no impact on existing policies, as it only affects the output of policies / tokens when you call .ToString() on them.
The 'CanActAs' predicate can now be used as a conditional fact within an assertion.

Bug Fixes

A bug that was preventing the graphical proof graph viewer from working has now been fixed, so you can now obtain a graphical view of your proof graphs from within the Audit Log viewer. For instructions on how to use the Audit Log viewer see http://www.codeplex.com/secpal/Thread/View.aspx?ThreadId=11187
It was not possible to generate the English representation for a Policy by calling .ToString(). This has now been fixed.
The v1.0 release required the TemporalConstraint and the DurationConstraints to act only on variables. This has now been fixed so you can use a mixture of variables or concrete values.