This repository contains two versions of CPPL. The first is the version used for the original paper at ACM WPES 2016 with some extensions. The second version is the library form libcppl which is built in policy-decision-point and provided the basis for several integration concepts presented in the paper at IEEE IC2E 2018. We suggest the use of the latter if not explicitly pointed to otherwise.

Tested with Ubuntu 14.04

See debug.hh and options.hh, e.g., #define DEBUG_POLICY_GENERATION 1 enables output of the policy generation including the compressed policy. For libcppl see the corresponding files in policy-decision-point.

If you want to use CPPL from a python project you may use the available python module, which is built with

This will produce cppl_cpp_python_bridge.so and cppl.py in python-module/build/lib.<architecture>. You should only use cppl.py in your python project, but still need to make cppl_cpp_python_bridge.so and policy-decision-point/libcppl.so available for the python interpreter, e.g., by setting LD_LIBRARY_PATH accordingly.

If your system provides the jsoncpp library in version smaller 0.7.0 the compiling process will encounter errors such as undefined reference to `Json::Value::isInt64() const'. In such a case, please set USE_SYSTEM_JSONCPP in Makefile and policy-decision-point/Makefile to 0 to use the jsoncpp version included in this repository.

For additional options, e.g., output of reasons for the result, have a look at the options of the binaries (--help).

The API of libcppl is available from policy-decision-point/libcppl.hh.

NOTE: You may need to adapt lib.linux-x86_64-2.7 in the following commands according to your architecture.

In real use cases, compression and evaluation take place on different machines. More specifically, compression takes place at the client and evaluation takes place at policy decision points, e.g., routers, load balancers, or cloud servers. The following binaries separate compression and evaluation of a policy:

Furthermore, the server needs to know which parts of the policy it has to apply, i.e., which of his attributes fulfill the formula. To this end, the option --print-reason FILE of cppl_evaluate outputs these attributes as a JSON file.

This repository contains a small example implementation for a policy decision point (PDP) and minimal examples for client and server functionality. Note that this example PDP does not proceed beyond cppl results, i.e., a fully implemented PDP additionally needs to select an appropriate server (depending on cloud operator specific key performance indicators) and forward the request. Similarly, the server would need to check evaluation results (reasons given as json string) and handle data according to these policy evaluation results, e.g., set up triggers for deletion at a specific point in time. As this is use case specific, it must be implemented by the systems integrating CPPL.

The compressed policy is a binary file. To compare it with the readable debugging output it is helpful to print it as a bitstream

The following research papers present CPPL and it's underlying concepts: