Instance of the flow family

An instance of the flow family is an implementation of a finite-state machine whose description is given in the family instance configuration.

Family instance configuration

A configuration can be defined as a JSON object or as a string containing the path to a file with a JSON object.

During configuration, the parser of the family takes the following elements:

states – set of internal states. This is specified as a JSON array.
initial – initial state represented by a string.
transitions – table of transitions between states. This is specified as a JSON object, where the key is the current state, and the value is the JSON array of states to which it may transition.

All configuration parameters are required when creating a policy family instance.

Example

security.cfg

...

#include "kss/server/flow.cfg"

/* service_flow – example implementation of an abstract service

with a configuration comprised of four states.

Further examples of using the flow policy are based on this example. */

use family service_flow = flow {

states : [sleep, started, stopped, finished],

initial : sleep,

transitions : {

sleep : [started],

started : [stopped, finished],

stopped : [started, finished]

}

};

...

kos_sdk_flow_example

Example of a finite-state machine used in this section