Context Navigation

source: fedd/abac-src/ttg/trust/LinkingGoalNode.java @ bc24428

version-1.30

Last change on this file since bc24428 was 8780cbec, checked in by Jay Jacobs <Jay.Jacobs@…>, 15 years ago
ABAC sources from Cobham
Property mode set to `100644`
File size: 8.1 KB

Rev	Line
[8780cbec]	1	/*
	2	* Copyrighted (C) 2002, Networks Associates Technology, Inc.
	3	* All rights reserved
	4	*/
	5	package com.nailabs.abac.trust;
	6
	7	import com.nailabs.abac.process.*;
	8	import com.nailabs.abac.test.*;
	9	import edu.stanford.peer.rbtm.credential.*;
	10	import java.util.*;
	11	import java.io.*;
	12
	13	/**
	14	* A trust target graph node, representing a linking goal. This node has a
	15	* triplet uniqueness based on the verifier, rolename, and subject. It can
	16	* have multiple parents (via linking monintor edges) and multiple childen
	17	* (via linking solution edges).
	18	*/
	19	public class LinkingGoalNode extends TTGNode implements SatisfactionListener {
	20
	21	// Node state information constants
	22
	23	/** Reserved for future use */
	24	public static final String OPAQUE = "opaque";
	25
	26	private CompletionState state = new CompletionState();
	27
	28	private int completionCount = 0;
	29
	30	/** string constructor */
	31	public LinkingGoalNode(String goal)
	32	throws TrustTargetParsingException, CredentialParsingException {
	33	this(new LinkingGoal(goal));
	34	}
	35
	36	/** parsed object constructor */
	37	public LinkingGoalNode(Entity verifier, RoleName target, Entity subject)
	38	throws TrustTargetParsingException, CredentialParsingException {
	39	this(new LinkingGoal(verifier, target, subject));
	40	}
	41
	42	/** default constructor */
	43	public LinkingGoalNode(LinkingGoal goal) {
	44	super(goal);
	45	subName = "LinkingGoal";
	46	state.addObserver(this);
	47	}
	48
	49	/**
	50	* Notify observers that this node's completion state has been changed.
	51	*/
	52	public void update(Observable obs, Object obj) {
	53	if(obs == state) {
	54	setChanged();
	55	notifyObservers(state);
	56	} else {
	57	super.update(obs, obj);
	58	}
	59	}
	60
	61
	62	/**
	63	* Each distinct node type should know how to process itself, so this
	64	* method should be overridden in subclasses.
	65	* @param context A context w/helper functions required for processing
	66	*/
	67	public void verifierProcess(NegotiationContext context) {
	68	//this case should not occur
	69	}
	70
	71	/**
	72	* Each distinct node type should know how to process itself, so this
	73	* method should be overridden in subclasses.
	74	* @param context A context w/helper functions required for processing
	75	*/
	76	public void opponentProcess(NegotiationContext context) {
	77	TTG graph = context.getGraph();
	78	LinkingGoal goal = (LinkingGoal)getGoal();
	79	FrontierManager f = context.getFrontier();
	80	Entity verifier = goal.getVerifier();
	81	EntityExpression subject = goal.getSubject();
	82	HashSet solutions = new HashSet();
	83
	84	debug("linking-goal", "Opponent processing " + goal);
	85	// (1) O adds a linking solution edge G <--< <V: A.r2 <<-?- S>, for
	86	// any A.r2 which is an element of sensitiveRole(O) or
	87	// A.r2 defined by a credentials in CsuperS(O)
	88
	89	// collect the sensitive roles which match with r2
	90	Iterator sensitiveRoles =
	91	f.getAckPolicy().getSensitiveRoles().iterator();
	92	while(sensitiveRoles.hasNext()) {
	93	Role sensitive = (Role)sensitiveRoles.next();
	94	if(sensitive.getName().equals(getTargetRoleName())) {
	95	solutions.add(sensitive);
	96	debug("linking-goal", "found sensitive role = " + sensitive);
	97	}
	98	}
	99	// add the roles (r2) where it is definied by a credential
	100	Iterator defined = f.getCredentialsDefiningRole(getTargetRoleName());
	101	if(!defined.hasNext()) {
	102	debug("linking-goal", "no credentials foudn defining role: " +
	103	getTargetRoleName());
	104	}
	105	while(defined.hasNext()) {
	106	StaticCredential credential = (StaticCredential)defined.next();
	107	Role solution = credential.getDefinedRole();
	108	solutions.add(solution);
	109	debug("linking-goal", "found matching r2 = " + solution);
	110	}
	111	// iterate through the solution and add the linking solution edges
	112	Iterator i = solutions.iterator();
	113	while(i.hasNext()) {
	114	try {
	115	Role solution = (Role)i.next();
	116	TrustTarget child =
	117	new TrustTarget(verifier, solution, subject);
	118	graph.addLinkingSolutionEdge(goal, child);
	119	} catch(Exception ex) {
	120	ex.printStackTrace();
	121	}
	122	}
	123	// (2) O can mark this node opponent-processed only after (1) is done.
	124	graph.setOpponentProcessed(goal);
	125	}
	126
	127	public void addLinkingImplicationEdges(TrustTarget target) {
	128	NegotiationContext context = getContext();
	129	FrontierManager fm = context.getFrontier();
	130
	131	Entity v = getVerifier();
	132	Entity b = ((Role)target.getTargetRole()).getBase();
	133	TTG graph = getContext().getGraph();
	134	Iterator i = parents.values().iterator();
	135
	136	while(i.hasNext()) {
	137	try {
	138	LinkTTNode parent = (LinkTTNode)i.next();
	139	RoleName r1 = parent.getFirstRole().getName();
	140	boolean subjectTraceable = fm.isSubjectTraceable(r1);
	141	if(context.getSelf().equals(getVerifier())) {
	142	// if we're the verifier
	143	if(!subjectTraceable) {
	144	// check r1 that is not subject traceable
	145	TrustTarget parentTarget =
	146	(TrustTarget)parent.getGoal();
	147	TrustTarget child =
	148	new TrustTarget(v, parent.getFirstRole(), b);
	149	graph.addLinkingImplicationEdge(parentTarget, child);
	150	}
	151	} else {
	152	// else we are the opponent
	153	if(subjectTraceable) {
	154	// check r1 that is not subject traceable
	155	TrustTarget parentTarget =
	156	(TrustTarget)parent.getGoal();
	157	TrustTarget child =
	158	new TrustTarget(v, parent.getFirstRole(), b);
	159	graph.addLinkingImplicationEdge(parentTarget, child);
	160	}
	161	}
	162	} catch(Exception ex) {
	163	ex.printStackTrace();
	164	}
	165	}
	166	}
	167
	168	/**
	169	* A linking goal uses this interface to act as a monitor for its own
	170	* completion state and to add linking-implication edges
	171	*/
	172	public TTGNodeSet receive(TrustTarget target, SatisfactionState state) {
	173	// a satisfied linking solution does step 2 in linked role processing
	174	if(state.getState() == SatisfactionState.SATISFIED) {
	175	debug("linking-goal", "received SATISFIED from " + target);
	176	addLinkingImplicationEdges(target);
	177	}
	178	// Just in case we get unknown satisfaction state propagation check
	179	//for it here to make certain we have an accurate completion count
	180	if(state.getState() != SatisfactionState.UNKNOWN) {
	181	completionCount++;
	182	if(completionCount <= children.size()) {
	183	this.state.setComplete(true);
	184	}
	185	}
	186	// if this node is complete, we should notify the parent(s)
	187	if(isComplete()) {
	188	Iterator i = parents.values().iterator();
	189	notifyObservers(this.state);
	190
	191	while(i.hasNext()) {
	192	LinkTTNode parent = (LinkTTNode)i.next();
	193	parent.receive((LinkingGoal)getGoal(),
	194	new CompletionState(true) );
	195	}
	196	}
	197	return new TTGNodeSet();
	198	}
	199
	200	public boolean isComplete() {
	201	return state.isComplete();
	202	}
	203
	204	/** convenience method for extracting the target role name for this node */
	205	public RoleName getTargetRoleName() {
	206	return ((LinkingGoal)getGoal()).getTargetRoleName();
	207	}
	208
	209	public String toXML() {
	210	// Add node state here (eg. in/complete, etc.)
	211	StringBuffer state = new StringBuffer("state=\"");
	212	state.append(this.state);
	213	// Add linking solutions if any */
	214	return toXML(state.toString(), "");
	215	}
	216
	217	}
	218
	219
	220

Note: See TracBrowser for help on using the repository browser.

Download in other formats: