CreDB Documentation

Note: The documentation is still being updated and will be extended over the next weeks

We provide a quick introduction on this page and refer to the full documentations at the bottom for more detailed explanations.

Quickstart

We assume that you have installed the software after downloading it. Servers can be started from the commandline.

./credb testserver

Once the server is started successfully, we can connect a client to it using CreDB’s Python API.

import credb

conn = credb.create_client('test_client', 'testserver', 'localhost')

c = conn.get_collection('foo')
c.put('bar', 42)

Policy Language

One of the main features of CreDB is secure policy enforcement. Policies are written in a subset of Python and have access to several modules that serve as source of information for their access decision.

Policies are conveniently set using the put_code functionality. In this simple example we set a policy that prevents any modifications to the object.

policy = """import op_info
            return not op_info.is_modification()"""

c.put("object", {"value", "read_only value"})

# Compile and set the policy
c.put_code("object.policy", policy)

# This will fail
c.put("object.value", "new value")

Transactions and Witnesses

CreDB supports ACID transactions that can generate self-standing witnesses as a result.

conn = credb.create_client('test', 'testserver', 'localhost')

tx = conn.init_transaction()
tc = tx.get_collection('default')

tc.put('foo', 'bar')

success, witness = tx.commit(True)

if not success:
    exit(-1) # Transaction failed to commit

# Print witness to stdout
print(witness.pretty_str())

Full Documentation

We provide API bindings for both C++ and Python. For both, an extensive documentation can be found below.