-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
Policy Sprint 1
Adding two use cases for Policy Guard:
- Frequency limiter. A user will be able to specify the maximal number of time over a specified time window that an operation can be performed. Frequency limiter policy can be applied to any operation carried out by any actor in any control loop. It also can be applied to any specific target (or all targets).
- Blacklist. A user will be able to specify a list of targets for which a specified operation will be denied.
These use cases involve the following components:
- Yaml SDK for creating guard policies
- Drools template that, prior to executing an operation, makes the call to XACML engine that applies the Guard policies and returns Permit/Deny response.
- Operation manager that writes to Operations History DB after every operation completion.
- XACML templates of the guard policies (freq limiter and blacklist).
- XACML PIP (Policy Information Point) that fetches the frequency information from Operations History DB.
- JUnit test for testing operation of policy guards.