Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python3
- # -*- coding: utf-8 -*-
- """
- @author: ahnaqvi
- """
- # take grant rules to check for info sharing
- def create(subject, created_entity_type, rights_of_subject_over_created_entity, initial_graph):# rights of sub over created is a string
- created_entity_type.append(len(initial_graph[0])+1)
- initial_graph[subject].append(rights_of_subject_over_created_entity)
- for i in graph.keys():
- if i != subject:
- graph[i].append("")
- def tg_connected(nodeA, nodeB, graph):
- visited = [False]*len(graph.keys())
- queue = []
- queue.append(nodeA)
- visited[nodeA] = True
- while queue:
- n = queue.pop()
- if n == nodeB:
- return True
- for i,x in enumerate(graph[n]):
- print(i,x)
- if 't' in x or 'g' in x:
- if visited[i] == False:
- queue.append(i)
- visited[i] = True
- return False
- def can_share(graph, right, x, p, subjects): # x and p are nodes. right is a character for eg. 'x' or 'w'
- if p not in subjects:
- return False
- if right in graph[p][x] or graph[x][p]:
- return True
- for subject in subjects:
- if right in graph[subject][x]:
- if tg_connected(subject,p) or tg_connected(p,subject):
- return True
- return False
- def remove(right, s, x, graph, subjects):
- if s in subjects:
- if right in graph[s][x]:
- new_rights = graph[s][x]
- new_rights = new_rights.replace(right, "")
- graph[s][x] = new_rights
- # an example graph is given at the top. The function can_share checks if sharing is allowed between two nodes or not. One can use to check if a system is safe or not with regards to a given access profile, for eg a company policy. This system does not deal with theft of rights/flow.
- graph = dict()
- users = [0,1,2]
- files = [3,4,5]
- # define initial graph
- graph[0] = ["","r","","rwx","",""]
- graph[1] = ["","","","","",""]
- graph[2] = ["","","","","t","r"]
- graph[3] = ["","","","","",""]
- graph[4] = ["","g","","","",""]
- graph[5] = ["","","","","",""]
- print(can_share(graph, "r", 1, 4, users)) # should return False
- print(can_share(graph, "r", 1, 0, users)) # should print True
- #################################################################
- # Addendum: The original report stated that Dijkstras and Floyd's algorithm were used. Dijstra's can be used here to find the shortest path to share info. However, it is not needed to KNOW if sharing can happen between two nodes, which is what we're after.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement