example set up

3965c062 · Lars Hermerschmidt · 1ecd809e · 3965c062 · 3965c062 · 3965c062
Commit 3965c062 authored Mar 26, 2015 by Lars Hermerschmidt
67 changed files
--- a/doc/MA-Markus-Paff.pdf
+++ b/doc/MA-Markus-Paff.pdf
--- a/doc/README
+++ b/doc/README
+Folders in this repository:
+core     - the MontiSecArc language and analysis tools source code
+doc      - documentation for MontiSecArc
+examples - example projects for the MontiSecArc tools  <------------ start here
--- a/examples/montiSecArcAnalysis/README
+++ b/examples/montiSecArcAnalysis/README
+Start the analysis tool by executing the script startExample.sh.
+This will analyze the MontiSecArc Model in src/test/resources/secarc/seccds/fe/Store.secarc, which uses different files in src/test/resources/.
+
+The impact of the individual analysis can be adjusted in src/main/conf/Analysis_Conf.txt
+
+In case you want to change the analysises implemented in MontiSecArcAnalysis, run mvn install in the ../../core folder and change the script startExample.sh to point at the resulting jar ../../core/montiSecArcAnalysis/target/montiSecArcAnalysis.jar.
--- a/examples/montiSecArcAnalysis/montiSecArcAnalysis-0.0.16.jar
+++ b/examples/montiSecArcAnalysis/montiSecArcAnalysis-0.0.16.jar
--- a/examples/montiSecArcAnalysis/src/main/conf/Analysis_Conf.txt
+++ b/examples/montiSecArcAnalysis/src/main/conf/Analysis_Conf.txt
+L01-List-Filters 1
+L02-List-Critical-Ports 1
+L03-List-Incoming-Ports 1
+L04-List-Outgoing-Ports 1
+L05-List-Ports-String 1
+L06-List-Third-Party-Components 2
+L07-List-Not-Reviewed-Configuration 1
+D01-Derive-Role-Component 1
+D02-Derive-Role-Port 1
+D03-Derive-Role-Third-Party-Component 1
+D04-Derive-Trustlevel-Component 1
+E01-Unencrypted-Connector-In-Path 1
+E02-Unencrypted-Connector-Low-Trustlevel 1
+E03-Encrypted-Path-Continues-Unencrypted 1
+E04-Unencrypted-Path-End-In-Low-Trustlevel 1
+E05-Trustlevel-Connector-Higher 1
+I01-Encrypted-Connector 1
+I02-Trustlevel-Client-Server 1
+I03-Roles-Defined 1
+F01-Taint-Tracking 1
+F02-High-Trustlevel 1
+T01-Reason-Trustlevel 1
+T02-High-Trustlevel 1
+WI01-Access-Roles 1
+WI02-Third-Party-Component-Security 1
+WI03-Low-Trustlevel 1
+WI04-Critical-Ports 1
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/main/java/montiSecArcAnalysisExample/Test.java
+++ b/examples/montiSecArcAnalysis/src/main/java/montiSecArcAnalysisExample/Test.java
+/*
+ * Copyright (c) 2015 RWTH Aachen. All rights reserved.
+ *
+ * http://www.se-rwth.de/ 
+ */
+package montiSecArcAnalysisExample;
+
+/**
+ * TODO: Write me!
+ *
+ * @author  (last commit) $Author$
+ * @version $Revision$, $Date$
+ * @since   TODO: add version number
+ *
+ */
+public class Test {
+  public static void main(String[] arguments) {
+    System.out.println(arguments.length);
+  }
+}
--- a/examples/montiSecArcAnalysis/src/main/secarc/example/Store.secarc
+++ b/examples/montiSecArcAnalysis/src/main/secarc/example/Store.secarc
+package example;
+
+// import message types
+import secarc.seccds.msg.*;
+
+component Store {
+	
+		accesscontrol on;
+		autoconnect port;
+		
+		access stockManager, storeManager, cashier;
+	
+		trustlevel +2;
+
+		port
+			in String inIdentifier,
+			out ProductData outPData;
+		
+		port
+			in SaleInformation;
+			
+		connect storeServer.productData -> outPData;
+			
+		component StoreServer storeServer {
+		
+			autoconnect port;
+		
+			configuration confName;
+			cpe "cpeName";
+				
+			port 
+				in String inIdentifier,
+				in SaleInformation,
+				out ProductData;
+					
+			component (filter fString) FilterIdentifier filterIdentifier {
+				port
+					in String inIdentifier,
+					out Identifier;
+			}
+				
+			component DataProcessor dataProcessor {
+				
+				port 
+					out ProductData,
+					in Identifier,
+					(filter fInformation) in SaleInformation filterInfo;
+				
+			}
+			
+			connect saleInformation -> dataProcessor.filterInfo;
+					
+		}
+
+}
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/configuration/ConfigurationNotReviewed.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/configuration/ConfigurationNotReviewed.secarc
+package secarc.analysis.configuration;
+
+component ConfigurationNotReviewed {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+		
+	component Help help {
+	
+		trustlevel +1;
+	
+	}
+	
+	component TargetHelp targetHelp {
+		cpe "1.2";
+		
+		configuration conf;
+		
+		trustlevel +1;
+	}
+		
+	component SubEncryptedConnector subEncryptedConnector{
+	
+		trustlevel +1;
+		
+	}
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/configuration/ConfigurationReviewed.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/configuration/ConfigurationReviewed.secarc
+package secarc.analysis.configuration;
+
+component ConfigurationReviewed {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+		
+	component Help help {
+	
+		trustlevel +1;
+		
+	}
+	
+	component TargetHelp targetHelp {
+		cpe "1.2";
+		
+		configuration conf_reviewed;
+		
+		trustlevel +1;
+	
+	}
+		
+	component SubEncryptedConnector subEncryptedConnector {
+	
+		trustlevel +1;
+	}
+
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathEndInLowTrustlevel.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathEndInLowTrustlevel.secarc
+package secarc.analysis.connector;
+
+component EncryptedPathEndInLowTrustlevel {
+	
+	accesscontrol off;
+	
+	trustlevel +2;
+		
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {
+		cpe "1.2";
+		
+		port in int inputTarget;
+		
+		configuration conf_reviewed;
+		
+		trustlevel +1;
+	}
+	
+	connect encrypted subEncryptedConnector.inputSub2 -> targetHelp.inputTarget;
+		
+	component SubEncryptedConnector subEncryptedConnector {
+	
+		trustlevel +2;
+		
+		port
+			out int inputSub2;
+
+	}
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathWithLowerTrustlevel.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathWithLowerTrustlevel.secarc
+package secarc.analysis.connector;
+
+component EncryptedPathWithLowerTrustlevel {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+		
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {
+		trustlevel +0;
+		
+		port in int inputTarget;
+		
+	}
+		
+	connect encrypted subEncryptedConnector.inputSub2 -> targetHelp.inputTarget;
+		
+	component SubEncryptedConnector subEncryptedConnector {
+	
+		trustlevel +0;
+		
+		port
+			out int inputSub2;
+	
+	}
+
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathWithUnencryptedPart.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathWithUnencryptedPart.secarc
+package secarc.analysis.connector;
+
+component EncryptedPathWithUnencryptedPart {
+	
+	accesscontrol off;
+	
+	trustlevel +0;
+	
+	port
+		in int input;
+		
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {
+		cpe "1.2";
+		
+		port in int inputTarget;
+		
+		configuration conf_reviewed;
+		
+		trustlevel +1;
+	}
+		
+	component SubEncryptedConnector subEncryptedConnector {
+	
+		trustlevel +1;
+		
+		port
+			in int inputSub,
+			out int inputSub2;
+	
+	}
+	
+	connect subEncryptedConnector.inputSub2 -> targetHelp.inputTarget;
+
+	connect encrypted input -> subEncryptedConnector.inputSub;
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/ListEncryptedData.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/ListEncryptedData.secarc
+package secarc.analysis.connector;
+
+component ListEncryptedData {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+	
+	port
+		in String input;
+		
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {
+		trustlevel +1;
+	}
+		
+	component SubEncryptedConnector {
+	
+		trustlevel +1;
+		
+		port
+			in String inputSub;
+			
+		connect encrypted input -> inputSub;
+		
+	}
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/UnencryptedPathThroughLowTrustlevel.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/UnencryptedPathThroughLowTrustlevel.secarc
+package secarc.analysis.connector;
+
+component UnencryptedPathThroughLowTrustlevel {
+	
+	accesscontrol off;
+	
+	trustlevel +0;
+		
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {
+		cpe "1.2";
+		
+		port in int inputTarget;
+		
+		configuration conf_reviewed;
+		
+		trustlevel +1;		
+	}	
+		
+	component SubEncryptedConnector subEncryptedConnector {
+	
+		trustlevel +1;
+		
+		port
+			out int inputSub2;
+	
+	}
+	
+	connect subEncryptedConnector.inputSub2 -> targetHelp.inputTarget;
+
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/criticalport/CriticalPort.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/criticalport/CriticalPort.secarc
+package secarc.analysis.criticalport;
+
+component CriticalPort {
+	
+	accesscontrol on;
+	
+	trustlevel +1;
+	
+	port
+		critical in String input;
+	
+	identity weak help -> targetHelp;
+		
+	component Help help {
+		port out int output; 
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {
+		access user;
+	}
+	
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterComponent.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterComponent.secarc
+package secarc.analysis.filter;
+
+component FilterComponent {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+	
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {		
+		port out int output;
+		
+		trustlevel +2;
+	}
+		
+	component (filter url) FilterURL filterURL {
+	
+		trustlevel +1;
+		
+		port in int input;
+		
+	}
+	
+	connect encrypted targetHelp.output -> filterURL.input;
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterPort.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterPort.secarc
+package secarc.analysis.filter;
+
+component FilterPort {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+	
+	component Help help {
+	
+		trustlevel +1;
+		
+		port 
+			out int output;
+		
+	}
+	
+	component TargetHelp targetHelp {
+	
+		trustlevel +2;		
+	
+		port
+			(filter sql) in int input;
+	}
+	
+	connect encrypted help.output -> targetHelp.input;
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterWithLowerTrustlevel.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterWithLowerTrustlevel.secarc
+package secarc.analysis.filter;
+
+component FilterWithLowerTrustlevel {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+	
+	component Help help {
+	
+		trustlevel +1;
+	}
+	
+	component TargetHelp targetHelp {		
+		port out int output;
+		
+		trustlevel +2;
+	}
+		
+	component (filter url) FilterURL filterURL {
+	
+		port in int input;
+	
+	}
+	
+	connect encrypted targetHelp.output -> filterURL.input;
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/InputString.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/InputString.secarc
+package secarc.analysis.filter;
+
+component InputString {
+	
+	accesscontrol off;
+	
+	trustlevel +1;
+	
+	port in String input;
+	
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/identity/IdentityWithEncryption.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/identity/IdentityWithEncryption.secarc
+package secarc.analysis.identity;
+
+component IdentityWithEncryption {
+	
+	accesscontrol on;
+	
+	trustlevel +1;
+		
+	component Help help {
+	
+		trustlevel +1;
+		
+	}
+	
+	identity weak targetHelp -> subEncryptedConnector;
+	
+	component TargetHelp targetHelp {
+		
+		port out int inputTarget;
+		
+		trustlevel +1;
+	
+	}
+		
+	component SubEncryptedConnector subEncryptedConnector {
+	
+		trustlevel +2;
+		
+		access user;
+		
+		port
+			in int inputSub;
+	}
+	
+	connect encrypted targetHelp.inputTarget -> subEncryptedConnector.inputSub;
+
+}
\ No newline at end of file
--- a/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/identity/IdentityWithoutConnector.secarc
+++ b/examples/montiSecArcAnalysis/src/test/resources/secarc/analysis/identity/IdentityWithoutConnector.secarc
+package secarc.analysis.identity;
+
+component IdentityWithoutConnector {
+	
+	accesscontrol on;
+	
+	trustlevel +1;
+		
+	component Help help {
+	
+		trustlevel +1;
+		
+	}
+	
+	identity weak targetHelp -> subEncryptedConnector;
+	
+	component TargetHelp targetHelp {