1. Home
  2. Lainnya

Rights refering to certain machines Rights refering to certain services

OGC 11-086r1r1 Copyright © 2012 Open Geospatial Consortium 47

8.2.1 Rights refering to certain machines

Assuming that some machine specific attributes are included under the recipient- subject; category i.e. the implementation of the service entity type of the SSME model in the evaluation contexts, one can define rights that refer to machines with specific properties. Listing 2 shows an XACML v3.0 encoded condition expression that describes the test whether the IP-address of the machine the subjects wants to interact with equals “123.123.123.123”. Match MatchId=string-equal; AttributeValue DataType=string;123.123.123.123AttributeValue AttributeDesignator Category=recipient-subject; AttributeId=ip- address; DataType=string; MustBePresent=true Match Listing 2: Condition expression that refers to machines with a specific IP-address Listing 3 presents another XACML v3.0 condition expression that demonstrates how to check if the machines, the subjects want to interact with, have less than one gigabyte main memory and are running under a Windows operating system. AllOf Match MatchId=string-equal; AttributeValue DataType=string;windowsAttributeValue AttributeDesignator Category=recipient-subject; AttributeId=os- recipient-host; DataType=string; MustBePresent=false Match Match MatchId=integer-greater-than; AttributeValue DataType=integer;1.000.000.000 AttributeValue AttributeDesignator Category=recipient-subject; AttributeId=mem- recipient-host; DataType=integer; MustBePresent=false Match AllOf Listing 3: Condition expression that refers to machines with a specific hardware and software configuration

8.2.2 Rights refering to certain services

Context Handlers that conform to the guidelines defined in the core requirement class xop;RC1.1 of the XACML v3.0 OWS profile include the service-type; and service-url; XACML Attribute elements under the recipient-subject; category. Listing 4 contains the definition of a condition expression that tests if the subject intends to interact with a specific WFS 1.1 service instance. Match MatchId=string-equal; 48 Copyright © 2012 Open Geospatial Consortium AttributeValue DataType=string;http:domainA.comwfsAttributeValue AttributeDesignator Category=recipient-subject; AttributeId=service- url; DataType=string; MustBePresent=false Match Listing 4: Condition expression that refers to a specific service instance In contrast the condition expression defined in Listing 5 evaluates if the subject wants to communicate with any instance of the WFS 1.1 service class. Match MatchId=string-equal; AttributeValue DataType=string;WFS-1.1;AttributeValue AttributeDesignator Category=recipient-subject; AttributeId=service- type; DataType=string; MustBePresent=false Match Listing 5: Condition expression that refers to a specific service class

8.2.3 Rights refering to certain subjects

Dokumen yang terkait

OWS-9 Aviation Architecture Engineering Report

0 1 147

OWS-9 Aviation Portrayal Engineering Report

0 0 42

OWS-8 AIXM Metadata Guidelines Engineering Report

0 0 21

OWS-8 Aviation: Guidance for Retrieving AIXM 5.1 data via an OGC WFS 2.0

0 0 56

OWS-8 Aviation - WXXM Engineering Report

0 1 68

OWS-8 Aviation Architecture Engineering Report

0 0 126

OWS-8 Geoprocessing for Earth Observations Engineering Report

0 0 18

OWS-8 CCI Schema Automation Engineering Report

0 0 67

OWS-8 Engineering Report - Guidelines for International Civil Aviation Organization (ICAO) portrayal using SLD SE

0 2 61

OWS-8 CCI Portrayal Registries Engineering Report

0 0 53