策略引擎>> policy-enforcement-engine>> 返回
项目作者: DITAS-Project

项目描述 :
当VDC访问其数据源时,策略实施引擎会强制执行数据访问策略。
高级语言: Scala
项目地址: git://github.com/DITAS-Project/policy-enforcement-engine.git
创建时间: 2018-02-26T07:58:07Z
项目社区:https://github.com/DITAS-Project/policy-enforcement-engine
开源协议:Other
下载


License

Copyright 2018 IBM

Licensed under the Apache License, Version 2.0 (the “License”); you may not
use this file except in compliance with the License. You may obtain a copy of
the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an “AS IS” BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations under
the License.

This is being developed for the DITAS Project: https://www.ditas-project.eu/

policy-enforcement-engine

Policy enforcement engine enforces data access policies when VDC accesses its data sources.
policy-enforcement-engine-api is a Play Framework application, which uses an enforcement engine that implements policy-enforcement-engine-interface.

Description

Returns a rewritten query and a set of corresponding data tables to retrieve the compliant data.

Functionalities

POST /rewrite-sql-query

  • description: Returns a rewritten query and a set of corresponding data tables to
    retrieve the compliant data.
  • caller eHealth VDC
  • input: Application requirements JSON file which includes the access type, purpose, requesterId and blueprint number
  • output: JSON response as described above

Installation

  1. Clone repository

  2. Create the policy-enforcement-interface with:

    1. cd policy-enforcement-engine-interface
    2. mvn clean install

  3. Implement the policy-enforcement-engine-interface:
    Create a lib folder inside the imeplemation of policy-enforcement-engine-interface and put there a jar of policy-enforcement-engine-interface.
    dummy-policy-enforcement-engine/ folder can be used as an example for implementation of the policy-enforcement-engine-interface. Here is how it is created:

    1. cd dummy-policy-enforcement-engine
    2. sbt package

  1. Create a lib folder inside policy-enforcement-engine-api, and put there a jar of implementation of the policy-enforcement-engine-interface.

  2. Create distribution with:

    1. cd policy-enforcement-engine-api
    2. sbt universal:packageZipTarball

  3. Unzip the archive in target/universal/:

    1. tar xvfz policy-enforcement-engine-1.0.tgz

Execution:

The conf/reference.conf file provides default configuration parameters; they are overridden by any settings defined in the conf/application.conf file. Please, copy the contents of the file conf/reference.conf to conf/application.conf and replace with the correct values of your runtime.

  • Use the following command to run the application.
  1. app/policy-enforcement-engine-1.0/bin/policy-enforcement-engine  -Dplay.http.secret.key='your-secret' -Dconfig.file='\/conf\/application.conf'
  • Example call:
    1. curl -X POST "http://<hostname>:9000/rewrite-sql-query" -H "accept: application/json" -H "Content-Type: application/json" --data {"query": "SELECT patientId, date, cholesterol.hdl.value FROM blood_tests", "purpose": "MedicalTreatment", "access": "read", "blueprintId": "2", "requesterId": <RequesterId>}

Documentation:

  1. Go to http://<hostname>:9000/docs/swagger.json

For Swagger UI - Go to 

  1. http://<hostname>:9000/docs/

and paste the url path to your swagger.json in the text box.