-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- GENIPUBLIC-COPYRIGHT
- Copyright (c) 2008-2009 University of Utah and the Flux Group.
- All rights reserved.
-
--->
-<!--
- ProtoGENI credential and privilege specification. The key points:
-
- * A credential is a set of privileges or a Ticket, each with a flag
- to indicate delegation is permitted.
- * A credential is signed and the signature included in the body of the
- document.
- * To support delegation, a credential will include its parent, and that
- blob will be signed. So, there will be multiple signatures in the
- document, each with a reference to the credential it signs.
-
- default namespace = "http://www.protogeni.net/resources/credential/0.1"
--->
-<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" xmlns:sig="http://www.w3.org/2000/09/xmldsig#">
- <xs:include schemaLocation="protogeni-rspec-common.xsd"/>
- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="sig.xsd"/>
- <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
- <xs:group name="anyelementbody">
- <xs:sequence>
- <xs:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>
- </xs:sequence>
- </xs:group>
- <xs:attributeGroup name="anyelementbody">
- <xs:anyAttribute processContents="skip"/>
- </xs:attributeGroup>
- <!-- This is where we get the definition of RSpec from -->
- <xs:element name="privilege">
- <xs:complexType>
- <xs:sequence>
- <xs:element ref="name"/>
- <xs:element name="can_delegate" type="xs:boolean"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="name">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:minLength value="1"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- <xs:element name="privileges">
- <xs:complexType>
- <xs:sequence>
- <xs:element minOccurs="0" maxOccurs="unbounded" ref="privilege"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="capability">
- <xs:complexType>
- <xs:sequence>
- <xs:element ref="name"/>
- <xs:element name="can_delegate">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="0"/>
- <xs:enumeration value="1"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="capabilities">
- <xs:complexType>
- <xs:sequence>
- <xs:element minOccurs="0" maxOccurs="unbounded" ref="capability"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="ticket">
- <xs:complexType mixed="true">
- <xs:sequence>
- <xs:element name="can_delegate" type="xs:boolean">
- <xs:annotation>
- <xs:documentation>Can the ticket be delegated?</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element ref="redeem_before"/>
- <xs:group ref="anyelementbody">
- <xs:annotation>
- <xs:documentation>A desciption of the resources that are being promised</xs:documentation>
- </xs:annotation>
- </xs:group>
- </xs:sequence>
- <xs:attributeGroup ref="anyelementbody"/>
- </xs:complexType>
- </xs:element>
- <xs:element name="redeem_before" type="xs:dateTime">
- <xs:annotation>
- <xs:documentation>The ticket must be "cashed in" by this date </xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="signatures">
- <xs:complexType>
- <xs:sequence>
- <xs:element maxOccurs="unbounded" ref="sig:Signature"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:complexType name="credentials">
- <xs:annotation>
- <xs:documentation>A credential granting privileges or a ticket.</xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element ref="credential"/>
- </xs:sequence>
- </xs:complexType>
- <xs:element name="credential">
- <xs:complexType>
- <xs:sequence>
- <xs:element ref="type"/>
- <xs:element ref="serial"/>
- <xs:element ref="owner_gid"/>
- <xs:element minOccurs="0" ref="owner_urn"/>
- <xs:element ref="target_gid"/>
- <xs:element minOccurs="0" ref="target_urn"/>
- <xs:element ref="uuid"/>
- <xs:element ref="expires"/>
- <xs:choice>
- <xs:annotation>
- <xs:documentation>Privileges or a ticket</xs:documentation>
- </xs:annotation>
- <xs:element ref="privileges"/>
- <xs:element ref="ticket"/>
- <xs:element ref="capabilities"/>
- </xs:choice>
- <xs:element minOccurs="0" maxOccurs="unbounded" ref="extensions"/>
- <xs:element minOccurs="0" ref="parent"/>
- </xs:sequence>
- <xs:attribute ref="xml:id" use="required"/>
- </xs:complexType>
- </xs:element>
- <xs:element name="type">
- <xs:annotation>
- <xs:documentation>The type of this credential. Currently a Privilege set or a Ticket.</xs:documentation>
- </xs:annotation>
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="privilege"/>
- <xs:enumeration value="ticket"/>
- <xs:enumeration value="capability"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- <xs:element name="serial" type="xs:string">
- <xs:annotation>
- <xs:documentation>A serial number.</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="owner_gid" type="xs:string">
- <xs:annotation>
- <xs:documentation>GID of the owner of this credential. </xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="owner_urn" type="xs:string">
- <xs:annotation>
- <xs:documentation>URN of the owner. Not everyone can parse DER</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="target_gid" type="xs:string">
- <xs:annotation>
- <xs:documentation>GID of the target of this credential. </xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="target_urn" type="xs:string">
- <xs:annotation>
- <xs:documentation>URN of the target.</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="uuid" type="xs:string">
- <xs:annotation>
- <xs:documentation>UUID of this credential</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="expires" type="xs:dateTime">
- <xs:annotation>
- <xs:documentation>Expires on</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="extensions">
- <xs:annotation>
- <xs:documentation>Optional Extensions</xs:documentation>
- </xs:annotation>
- <xs:complexType mixed="true">
- <xs:group ref="anyelementbody"/>
- <xs:attributeGroup ref="anyelementbody"/>
- </xs:complexType>
- </xs:element>
- <xs:element name="parent" type="credentials">
- <xs:annotation>
- <xs:documentation>Parent that delegated to us</xs:documentation>
- </xs:annotation>
- </xs:element>
- <xs:element name="signed-credential">
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="credentials">
- <xs:sequence>
- <xs:element minOccurs="0" ref="signatures"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>\r
+<!--\r
+ \r
+ Copyright (c) 2014 Raytheon BBN Technologies\r
+ \r
+ Permission is hereby granted, free of charge, to any person obtaining\r
+ a copy of this software and/or hardware specification (the "Work") to\r
+ deal in the Work without restriction, including without limitation the\r
+ rights to use, copy, modify, merge, publish, distribute, sublicense,\r
+ and/or sell copies of the Work, and to permit persons to whom the Work\r
+ is furnished to do so, subject to the following conditions:\r
+\r
+ The above copyright notice and this permission notice shall be\r
+ included in all copies or substantial portions of the Work.\r
+ \r
+ THE WORK IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS\r
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\r
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND\r
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT\r
+ HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,\r
+ WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\r
+ OUT OF OR IN CONNECTION WITH THE WORK OR THE USE OR OTHER DEALINGS\r
+ IN THE WORK.\r
+\r
+ Portions have this copyright:\r
+\r
+ GENIPUBLIC-COPYRIGHT\r
+ Copyright (c) 2008-2009 University of Utah and the Flux Group.\r
+ All rights reserved.\r
+ \r
+-->\r
+<!--\r
+ GENI credential and privilege specification. The key points:\r
+ \r
+ * A credential is a set of privileges or a Ticket, each with a flag\r
+ to indicate delegation is permitted. Or an ABAC RT0 statement.\r
+ * A credential is signed and the signature included in the body of the\r
+ document.\r
+ * To support delegation, a credential will include its parent, and that\r
+ blob will be signed. So, there will be multiple signatures in the\r
+ document, each with a reference to the credential it signs.\r
+ \r
+ Default namespace = "http://www.geni.net/resources/credential/2"\r
+-->\r
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" xmlns:sig="http://www.w3.org/2000/09/xmldsig#">\r
+ <xs:include schemaLocation="protogeni-rspec-common.xsd"/>\r
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="sig.xsd"/>\r
+ <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>\r
+ <xs:group name="anyelementbody">\r
+ <xs:sequence>\r
+ <xs:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>\r
+ </xs:sequence>\r
+ </xs:group>\r
+ <xs:attributeGroup name="anyelementbody">\r
+ <xs:anyAttribute processContents="skip"/>\r
+ </xs:attributeGroup>\r
+ <!-- This is where we get the definition of RSpec from -->\r
+ <xs:element name="privilege">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element ref="name"/>\r
+ <xs:element name="can_delegate" type="xs:boolean"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="name">\r
+ <xs:simpleType>\r
+ <xs:restriction base="xs:string">\r
+ <xs:minLength value="1"/>\r
+ </xs:restriction>\r
+ </xs:simpleType>\r
+ </xs:element>\r
+ <xs:element name="privileges"> <!-- For type 'privilege' only -->\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="privilege"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="capability">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element ref="name"/>\r
+ <xs:element name="can_delegate">\r
+ <xs:simpleType>\r
+ <xs:restriction base="xs:token">\r
+ <xs:enumeration value="0"/>\r
+ <xs:enumeration value="1"/>\r
+ </xs:restriction>\r
+ </xs:simpleType>\r
+ </xs:element>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="capabilities"> <!-- For type 'capability' only -->\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="capability"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="ticket"> <!-- For type 'ticket' only -->\r
+ <xs:complexType mixed="true">\r
+ <xs:sequence>\r
+ <xs:element name="can_delegate" type="xs:boolean">\r
+ <xs:annotation>\r
+ <xs:documentation>Can the ticket be delegated?</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element ref="redeem_before"/>\r
+ <xs:group ref="anyelementbody">\r
+ <xs:annotation>\r
+ <xs:documentation>A desciption of the resources that are being promised</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:group>\r
+ </xs:sequence>\r
+ <xs:attributeGroup ref="anyelementbody"/>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="redeem_before" type="xs:dateTime">\r
+ <xs:annotation>\r
+ <xs:documentation>The ticket must be "cashed in" by this date </xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+\r
+ <!-- Elements used for type 'abac'. See http://groups.geni.net/geni/wiki/TIEDABACCredential -->\r
+ <xs:element name="ABACprincipal">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element name="keyid" type="xs:string"/> <!-- SHA1 hash of the principal's public key -->\r
+ <xs:element name="mnemonic" type="xs:string" minOccurs="0" maxOccurs="1"/> <!-- EG principal's URN -->\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <!-- A single rt0 element is required for creds of type 'abac'. Must have a single 'head'\r
+ and at least one 'tail'. -->\r
+ <xs:element name="rt0">\r
+ <xs:annotation>\r
+ <xs:documentation>An ABAC RT0 statement, used only for type 'abac'.</xs:documentation>\r
+ </xs:annotation>\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element name="version" type="xs:string" /> <!-- 1.1 for this schema -->\r
+ <xs:element name="head">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element ref="ABACprincipal"/> <!-- Matching the cred signer -->\r
+ <xs:element name="role" type="xs:string"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="tail" minOccurs="1" maxOccurs="unbounded">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element ref="ABACprincipal"/>\r
+ <xs:element name="role" type="xs:string" minOccurs="0" maxOccurs="1"/>\r
+ <xs:element name="linking_role" type="xs:string" minOccurs="0" \r
+ maxOccurs="1"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="abac">\r
+ <xs:annotation>\r
+ <xs:documentation>An ABAC assertion containing a single RT0 statement, used only for type 'abac'.</xs:documentation>\r
+ </xs:annotation>\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element minOccurs="1" maxOccurs="1" ref="rt0"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+\r
+ <xs:element name="signatures">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element maxOccurs="unbounded" ref="sig:Signature"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:complexType name="credentials">\r
+ <xs:annotation>\r
+ <xs:documentation>A credential granting privileges or a ticket or making an ABAC assertion.</xs:documentation>\r
+ </xs:annotation>\r
+ <xs:sequence>\r
+ <xs:element ref="credential"/>\r
+ </xs:sequence>\r
+ </xs:complexType>\r
+ <xs:element name="credential">\r
+ <xs:complexType>\r
+ <xs:sequence>\r
+ <xs:element ref="type"/>\r
+ <xs:element ref="serial"/>\r
+ <xs:element ref="owner_gid"/>\r
+ <xs:element minOccurs="0" ref="owner_urn"/>\r
+ <xs:element ref="target_gid"/>\r
+ <xs:element minOccurs="0" ref="target_urn"/>\r
+ <xs:element ref="uuid"/>\r
+ <xs:element ref="expires"/>\r
+ <xs:choice>\r
+ <xs:annotation>\r
+ <xs:documentation>Privileges or a ticket or an ABAC assertion</xs:documentation>\r
+ </xs:annotation>\r
+ <xs:element ref="privileges"/>\r
+ <xs:element ref="ticket"/>\r
+ <xs:element ref="capabilities"/>\r
+ <xs:element ref="abac"/>\r
+ </xs:choice>\r
+ <xs:element minOccurs="0" maxOccurs="unbounded" ref="extensions"/>\r
+ <xs:element minOccurs="0" ref="parent"/>\r
+ </xs:sequence>\r
+ <xs:attribute ref="xml:id" use="required"/>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="type">\r
+ <xs:annotation>\r
+ <xs:documentation>The type of this credential. Currently a Privilege set or a Ticket or ABAC.</xs:documentation>\r
+ </xs:annotation>\r
+ <xs:simpleType>\r
+ <xs:restriction base="xs:token">\r
+ <xs:enumeration value="privilege"/>\r
+ <xs:enumeration value="ticket"/>\r
+ <xs:enumeration value="capability"/>\r
+ <xs:enumeration value="abac"/>\r
+ </xs:restriction>\r
+ </xs:simpleType>\r
+ </xs:element>\r
+ <xs:element name="serial" type="xs:string">\r
+ <xs:annotation>\r
+ <xs:documentation>A serial number.</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="owner_gid" type="xs:string">\r
+ <xs:annotation>\r
+ <xs:documentation>GID of the owner of this credential. </xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="owner_urn" type="xs:string">\r
+ <xs:annotation>\r
+ <xs:documentation>URN of the owner. Not everyone can parse DER</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="target_gid" type="xs:string">\r
+ <xs:annotation>\r
+ <xs:documentation>GID of the target of this credential. </xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="target_urn" type="xs:string">\r
+ <xs:annotation>\r
+ <xs:documentation>URN of the target.</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="uuid" type="xs:string">\r
+ <xs:annotation>\r
+ <xs:documentation>UUID of this credential</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="expires" type="xs:dateTime">\r
+ <xs:annotation>\r
+ <xs:documentation>Expires on in ISO8601 format but preferably RFC3339</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="extensions">\r
+ <xs:annotation>\r
+ <xs:documentation>Optional Extensions</xs:documentation>\r
+ </xs:annotation>\r
+ <xs:complexType mixed="true">\r
+ <xs:group ref="anyelementbody"/>\r
+ <xs:attributeGroup ref="anyelementbody"/>\r
+ </xs:complexType>\r
+ </xs:element>\r
+ <xs:element name="parent" type="credentials">\r
+ <xs:annotation>\r
+ <xs:documentation>Parent that delegated to us</xs:documentation>\r
+ </xs:annotation>\r
+ </xs:element>\r
+ <xs:element name="signed-credential">\r
+ <xs:complexType>\r
+ <xs:complexContent>\r
+ <xs:extension base="credentials">\r
+ <xs:sequence>\r
+ <xs:element minOccurs="0" ref="signatures"/>\r
+ </xs:sequence>\r
+ </xs:extension>\r
+ </xs:complexContent>\r
+ </xs:complexType>\r
+ </xs:element>\r
+</xs:schema>\r
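Review bot: The new `abac` branch of the `credential` choice is tied to `<type>abac</type>` only by the comments ("A single rt0 element is required for creds of type 'abac'", "For type 'privilege' only"); the `xs:choice` is independent of `type`, so a document declaring `<type>abac</type>` but carrying `<privileges>` (or the reverse) validates, and a verifier that dispatches on `type` can disagree with one that dispatches on the body element about what was granted. The same applies to the `head` principal comment "Matching the cred signer" and to `version` ("1.1 for this schema"): neither is enforced, and the cross-field ones cannot be expressed in XSD 1.0, so they must be stated as verifier obligations rather than hints. I would at least pin `version` lexically (below) and add an `xs:documentation` on `credential` saying that a verifier MUST reject a body element that does not match `type`, and for `abac` MUST check that the `head` `keyid` matches the certificate that produced the enclosing signature. The `keyid` comment "SHA1 hash of the principal's public key" should also state exactly which bytes are hashed and how the digest is encoded, since as written any string, including the empty string, validates.
```xml
<xs:element name="rt0">
  <!-- … unchanged: annotation … -->
  <xs:complexType>
    <xs:sequence>
      <xs:element name="version">
        <xs:simpleType>
          <xs:restriction base="xs:token">
            <xs:enumeration value="1.1"/>
          </xs:restriction>
        </xs:simpleType>
      </xs:element>
      <!-- … unchanged: head, tail … -->
```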