User Guide

Overview
- BGM
- Main Page More
  - About
  - Help
  - Functionality
  - Learn
  - Reset
  - Share
- The Scene
  - People
  - Buildings
  - Levels
Quiz
Level 01
- Functionality Introduction
  - Capability overview
  - Role
  - House
  - Bank
- House Feature
  - Blacklist
  - Whitelist
  - Note
Level 02
Level 03
Have Fun

Overview

This app is a simulator to demonstrate how capability based access control works.

BGM

In the toolbar (purple bar at the top of main page), click the “mute” icon to start BGM.

When the BGM is turned on, you can click the “music note” icon at the same position to stop the BGM.

Main Page More

Next to the “mute / music note” icon, you can click “…” to view more options, here are some of the options you might want to know:

About

Briefly introduces some information about this app.

Clicking the “AC Demo” floating action button will bring you to the home web page of this app.

Help

Introduces the functionality of this app.

You can always get to the “Help” page through the main page by clicking the “…” icon and then select the “Help” option!

To view an online version of the help page, click “…” and select “Online Version”.

Functionality

Provides an overview of the functionality of this app, you are strongly recommended to have a look after reading this “Help” page.

Learn

Teaches some basic access control concepts and operations on capabilities together with their implementation in the House and Bank features.

Reset

Reset the demo , clear all the data and progresses.

Share this app by sending a text message containing the website where this app can be downloaded and installed on an Android phone.

The Scene

There are three people and two buildings in the scene.

People

[Owner]: the owner of the house
[Servant]: the servant of the [Owner]
[Friend]: the friend of the [Owner]

Note: There is also a [Stranger] who is not authenticated in the scene. The stranger cannot have any capability as he is not authenticated, so he is ignored in the context.

Buildings

House : the Owner’s house
Bank : the bank where people could do some basic services such as open an account, delegate the account access and view the account

Levels

There are three levels in this app and you can progress through answering quiz questions.

The higher the level, the more features will be unblocked.

Quiz

By clicking the quiz image in the main page, you would enter the quiz page.

Clicking the “user” floating action button at the right bottom of the quiz page will show you the achievements you have got ( your current points and current level ).

There are 5 quiz questions in total and you can only progress to next question when you have answered the current one.

By giving the correct answer, you can get 20 points for each question, otherwise you get 0.

Each question can only be answered ONCE.

Level 01 : the level you initially in
Level 02 : get 20 points ( get 1 correct answer )
Level 03 : get 60 points ( answer 3 questions correctly )

Level 01

In Level 01, the feature unblocked is the House .

Functionality Introduction

There are few buttons you may want to know in the main page:

Capability overview

Shows the capabilities of all the three persons.

If you want to see the individual capabilities, you can click each person’s image.

The capability is shown like this, for example house (infinite) means one person has infinite capability of entering the House.

There are three types of capabilities:

infinite capability by the word infinite
the number of capabilities shown by a number, which specifies the number of times the person can use this capability
the time period capability by the word period, which mean the person can have that capability within a given time period

Role

You can switch your role, in default, the role is set to be the [Owner].

House

You can click the house image , if you have the capability to enter the house, you will directly enter the house.

Bank

Go to the bank by clicking the bank image , however it’s currently blocked, you will need to reach Level 03 to unblock this feature.

House Feature

Once you enter the house, you can leave it by clicking the “leave” button.

Note that the Blacklist and Whitelist button can only be used by the [Owner] and the “issue capability” function will be unblocked in next level.

Blacklist

As the [Owner], you can decide the person to be added into the blacklist , the person in the blacklist will have all their house capability removed.

You can also find “blacklist” option when you select “…” on top right of the house page.

Whitelist

When you put the person in whitelist as the [Owner], the person would have infinite house capability.

When you put a person in the whitelist you could also choose where to allow the person further delegates your house capability.

You can also find “whitelist” option when you select “…” on top right of the house page.

Note

One person can not be in the white and black list spontaneously!

Level 02

The capability issuing for house is unblocked!

Notice

Note that, from now on, the “blacklist” and “whitelist” options can only been view when select “…” on top right of the house page!

Their functionality remains the same, the only change is that, the previous two buttons will no longer appear at the house page.

Issue House Capability

In this level, you can issue capability for House entry when you are in the role of [Owner] or you are given the right to further delegate your capability.

There are two types of capability you can issue: capability by number of times and the capability by a period of time.

Note

for the demonstrate purpose, there are limits for you to set the capabilities, for example the maximum time capability issued is 120 seconds
the person who received that capability should in neither black nor white list
if the person already got the house capability, you cannot issue him house capability again until the previous one is used up, expired or been removed

Revoke House Capability

Of course, as the [Owner], you can revoke all the capabilities issued no matter by yourself or by other users.

By clicking “revoke all” button, all the issued capabilities except those issued using whitelist will be removed.

Note that, for those people in the whitelist, you have to remove them in the “whitelist” page!

Level 03

The bank feature is unblocked!

Congratulations! You unblocked all the features in this app!

There are seven buttons which you can use inside the bank page, their functionality will be introduced in this section.

Open Account & Delete Account

Each person can open or delete his bank account by clicking these two buttons.

View Owner Account & View Servant Account & View Friend Account

Three buttons to view user accounts.

If the user does not have an account, it will show some random data indicating the resources is NOT protected.

If the user has an account, you will need corresponding capability to view his account.

Delegate My Account

The owner of the account can delegate the capability to view his account to other people.

This is similar to the issue capability in the Level 02 feature, and you will find that they have the same layout.

Revoke Delegation

There are two modes to revoke the delegation

revoke all the delegations the owner of the account issued (default)
revoke one specific delegation by selecting a specific person

Have fun

And that’s it! That is basic all the functionality of this app, thanks for reading!

Wish you like this app and have fun exploring it!

AC Demo

A simulator to demonstrate an access control process