Tutorial
Creating an Asset
- Using the Sidebar, select
Add Asset
.
- You will see an Asset Creation form where you can provide details about your new Asset:
- At a minimum, you will need to add an Asset Name, Asset Type, and your choice of Proof Mechanism when using the UI to create an Asset:
Asset Name
- This is the unique name of the Asset i.e. ‘My Bike’Asset Type
- This is the type of Asset - while arbitrary, it is best to have consistency amongst the Assets you use i.e. if it is a bike, the type could beBike
which will then be pre-populated for future Assets to use.Proof Mechanism
- This identifies how frequently Asset history information is committed to the blockchain.Khipu
- or ‘Transactional Immutability’ - indicates that every Event is committed through smart contracts and immediately committed to the chain.Simple Hash
- or ‘Batched Immutability’ - indicates that Events are processed in the RKVST tenancy and then periodically collected together and committed to the chain as a batch.
- You may wish to add other details to your Asset, including Attachments and Extended Attributes.
Extended Attributes are user-defined and added per unique Asset.
To add a new Attribute to an Asset select Add Attribute
and then enter your key-value pair.
For Example:
To add an attachment, such as an image of your asset, select Add Attachment
and then select the plus symbol.
- Once complete, click
Create Asset
.
Manage Assets
(default view) is where you may view a list of your Assets within the UI.
- To view a detailed history of your Asset, click the Asset row.
Here you will see the details entered earlier: The Extended Attributes and the history of any Events recorded on the Asset.
The first Event in an Asset’s Lifecycle will always be the ‘Asset Creation’ Event. In the next section, you will find out how to create your own events against an Asset.
Creating Events
- When viewing your Asset, click the
Record Event
button.
- You will see the following form, where you can enter an Event
Type
andDescription
.
- Using the Tabs enables you to then enter both Event and Asset attributes.
Event Attributes
- Attributes specific to an Event i.e. signifying when a new frame was orderedAsset Attributes
- Attributes of the Asset that may change as a result of the Event i.e. the color of the new frame
Select the Add Attribute
button on each field to add your own custom Key-Value pairs.
For example:
Here you see that someone noted a new frame has been ordered in the Event, and has also recorded the color of the frame using a newly defined Frame Color
Asset Attribute.
Note that every Event will always have a timestamp_accepted
and principal_accepted
Event Attributes once created, which records when who performed what, as submitted to RKVST; this is added automatically at Event Creation.
Similarly, PDFs or images can also be attached to an Event in the same way as an Asset.
Attaching files is beneficial when storing contextual and associated material for posterity. For example, each Frame Order
Event may have a copy of the invoice for the new frame and a datasheet attached ready for historical inspection and compliance checking.
- Once you have entered your data, click the
Record Event
Button, to add the Event to your Asset.
You will see that the Asset Attribute that changed is recorded in the Asset View.
- You can click the Event row to inspect the Event:
Here are the details entered earlier and also a tab that will show both the Event Attributes and Asset Attributes:
Adding External Organizations to Allow Sharing
A key aspect of RKVST is the ability to share specific information with multiple external parties, in order to achieve this, you must first import the ID of the External Organization.
Finding Your Own ID
- As a Root User, navigate to
Access Policies
.
- Select the Subjects Tab, where your own Organization’s ID will be located in the
Self
box.
Caution: Please do not use the subject info obtained from the copy menu on the login button.
This string is the one you should share with a 3rd Party who wants to share their data with you.
Importing External Organization’s ID
Once you have an Asset defined, it can be shared both within your department or even to another organization, enhancing the multi-party sharing experience.
Note: You must request that any external organization you wish to share with find their own Organization’s ID using the steps above and share it with you before you can begin sharing Asset data with them.
- As a Root User, navigate to
Access Policies
.
- Select the Subjects Tab and then
Import Subject
.
- You will be presented with a new form:
Subject String
is the ID of the Organization that you wish to share Asset evidence with,Name
is a Friendly Name for you to label the imported organization.
Creating an OBAC Sharing Policy
- Navigate to the
Access Policies
section in the Sidebar.
- Here you can manage your existing policies, but for now select
Add Policy
.
- When you add a policy the following form will appear:
- You should begin applying filters to your Policy so it applies to the correct assets. Following the example let’s filter for
Bike
type Assets in theJitsuin Paris
Location.
Note: The applied filters should be an exact match to what has been recorded. Following the above example, there should be an Asset Type ofBike
and location ofJitsuin Paris
within RKVST.
- Select the
Permissions
Tab and define which Organizations can read and write which Attributes and Events.
- In the example let’s use the
Organization
actor, implying OBAC (Organization Based Access Control).
Enter the Friendly Name of the Organization you wish to share with and a pre-populated, drop-down search of the Organizations you have already imported should appear.
Note: You will need to have imported another Organization’s ID before you can specify a policy to share information with that Organization.
- Once the relevant details are complete, add the Permission Group to the policy by selecting
Add Permission Group
.
Note that the examples includes RKVST-significant attributes: arc_display_name
and arc_display_type
which allows visibility to the External Organization of the Name and Type of Asset being shared.
- Once complete, select
Create Policy
and check the Asset is shared appropriately.
Mandy should be able to see only the Name
and Type
of Asset and the Asset’s custom Frame Color
attribute.
By comparison our own Tenancy’s Root User, Jill, can see the full details of the Asset:
- If Mandy wishes to then share what she can with Non-Root Users in her organization, it is her responsibility to create an ABAC Policy as she would any other Asset.
ABAC and OBAC Policy Creation has many fine-grained controls, head over to the IAM Policies API Reference to find out more.