MQP:Tool Use Cases
From JimboWiki
|
Definitions
- Tool
- Some user interface to the ResourceModel and AnalysisModel that provides useful data and functionalities.
- Code Group
- A container that allows the tool to sort information logically. Includes instances of actions, rules, and analysis results.
- Unmatched rule
- A rule that is present in a code group but is not used in any of the code group's actions
Setup
- U1: Starting the tool
- The user launches the tool
- The tool requests the location of the rule and action definition file from the user (possibly allows a "default" setting also)
- User specifies the definition file
- Tool loads the definition file
- Tool presents user with empty policy configuration
- U2: Specifying code groups (protection domains, code sources, etc)
- User specifies a name for the code group
- Tool creates new empty group
Analysis
- U3: Static Analysis
- User selects an analysis tool
- User specifies a set of classes to perform analysis on, along with any other tool-specific parameters
- User specifies which code group the analysis belongs to
- Tool runs analysis and populates code group with results
Action Manipulation
- U4: Adding an action to a code group (depends: U8)
- User specifies a code group
- User specifies action to add
- Tool presents action's parameters (possibly in some simplified format) to the user to be filled in
- User fills in the parameters
- Tool adds the action
- Tool recalculates rules (as specified in U8)
- U5: Removing an action from a code group (depends: U8)
- User specifies an action within a code group to be removed
- Tool eliminates action
- Tool recalculates rules (as specified in U8)
Rule Manipulation
- U6: Adding a rule to a code group (depends: U9)
- User specifies a code group
- User specifies rule to add
- Tool presents rule's parameters (possibly in some simplified format) to the user to be filled in
- User fills in the parameters
- Tool adds the rules
- Tool recalculates action (as specified in U9)
- U7: Removing a rule from a code group (depends: U9)
- User specifies a rule within a code group to be removed
- Tool eliminates rule
- Tool recalculates actions (as specified in U9)
Action/Rule Conversion
- U8: Convert actions to rules
- Tool converts all of a code group's defined actions into their specified rules
- Resolved rules that already exist in the code group's set of rules are discarded
- Resolved rules that do not exist in the code group's set of rules are added
- Each rule that exists in the code group's set of rules that does not appear in the set of resolved rules are removed, unless it is an unmatched rule
- U9: Convert rules to actions
- Tool converts all of a code group's defined rules into their specified action
- Resolved actions that already exist in the code group's set of actions are discarded
- Resolved actions that do not exist in the code group's set of rules are added
- Each action that exists in the code group's set of actions that does not appear in the set of resolved actions is removed
- Rules that exist but are not used in the creation of any action are mark as unmatched rules
Policy Export
- U10: Exporting policy to standard format
- U13: Exporting policy to other format
Policy Import
- U11: Importing policy from standard format
- U12: Importing policy from other format