Inputs:specifications.mch,implementations.mch. |
Outputs: HiddenUsers, HiddenRoles,HiddenAUR, HiddenARR, HiddenAPR, HiddenACFlow, |
MissedUsers, MissedRoles, MissedAUR, MissedARR, MissedAPR, MissedACFlow, RenamedUsers, |
RenamedRoles, Redundancy, DacRedundancy, conformity. |
Begin |
read_specifications_machines (); |
read_implementations_machines (); |
conformity = true; |
// checking the equivalence between users |
HiddenUsers = calculate_hiddenusers (Users, Users_imp); |
MissedUsers = calculate_missedusers (Users, Users_imp); |
RenamedUsers = calculate_renamedusers (HiddenUsers, MissedUsers, AUR, AUR_imp, APR, APR_imp); |
if (HiddenUsers ≠ ∅ or MissedUsers ≠ ∅ or RenamedUsers ≠ ∅) then |
conformity = false; |
end if; |
// checking the equivalence between roles |
HiddenRoles = calculate_hiddenroles (Roles, Roles_imp); |
MissedRoles = calculate_missedroles (Roles, Roles_imp); |
RenamedRoles = calculate_renamedroles (HiddenRoles, MissedRoles, APR, APR_imp); |
if (HiddenRoles ≠ ∅ or MissedRoles ≠ ∅ or RenamedRoles ≠ ∅) then |
conformity = false; |
end if; |
// checking the equivalence between users-roles assignments |
HiddenAUR = calculate_hiddenAUR (AUR, AUR_imp); |
MissedAUR = calculate_missedAUR (AUR, AUR_imp); |
if (HiddenAUR ≠ ∅ or MissedAUR ≠ ∅) then |
conformity = false; |
end if; |
// checking the equivalence between hierarchies of roles |
HiddenARR = calculate_hiddenARR (ARR, ARR_imp); |
MissedARR = calculate_missedARR (ARR, ARR_imp); |
if (HiddenARR ≠ ∅ or MissedARR ≠ ∅) then |
conformity = false; |
end if; |
// checking the equivalence between permissions-roles assignments |
HiddenAPR = calculate_hiddenAPR (APR, APR_imp); |
MissedAPR = calculate_missedAPR (APR, APR_imp); |
if (HiddenAPR ≠ ∅ or MissedAPR ≠ ∅) then |
conformity = false; |
end if; |
// checking the equivalence between access flows |
HiddenACFlow = calculate_hiddenACFlow (HiddenAUR, HiddenARR, HiddenAPR); |
MissedACFlow = calculate_missedACFlow (HiddenAUR, HiddenARR, HiddenAPR); |
// checking redundancies |
Redundancy = verifyRED(); |
DacRedundancy = verifyDACRED(); |
if (Redundancy ≠ ∅ or DacRedundancy ≠ ∅) then |
conformity = false; |
end if; |
if (conformity = true) then |
return (conformity); |
else |
save_&_return_report (); |
return (non-conformity); |
end if; |
end. |