Context Navigation

source: fedd/abac-src/ttg/trust/LinkingGoalNode.java @ 8780cbec

axis_examplecompt_changesinfo-opsversion-1.30version-2.00version-3.01version-3.02

Last change on this file since 8780cbec was 8780cbec, checked in by Jay Jacobs <Jay.Jacobs@…>, 15 years ago
ABAC sources from Cobham
Property mode set to `100644`
File size: 8.1 KB

Line
1	/*
2	* Copyrighted (C) 2002, Networks Associates Technology, Inc.
3	* All rights reserved
4	*/
5	package com.nailabs.abac.trust;
6
7	import com.nailabs.abac.process.*;
8	import com.nailabs.abac.test.*;
9	import edu.stanford.peer.rbtm.credential.*;
10	import java.util.*;
11	import java.io.*;
12
13	/**
14	* A trust target graph node, representing a linking goal. This node has a
15	* triplet uniqueness based on the verifier, rolename, and subject. It can
16	* have multiple parents (via linking monintor edges) and multiple childen
17	* (via linking solution edges).
18	*/
19	public class LinkingGoalNode extends TTGNode implements SatisfactionListener {
20
21	// Node state information constants
22
23	/** Reserved for future use */
24	public static final String OPAQUE = "opaque";
25
26	private CompletionState state = new CompletionState();
27
28	private int completionCount = 0;
29
30	/** string constructor */
31	public LinkingGoalNode(String goal)
32	throws TrustTargetParsingException, CredentialParsingException {
33	this(new LinkingGoal(goal));
34	}
35
36	/** parsed object constructor */
37	public LinkingGoalNode(Entity verifier, RoleName target, Entity subject)
38	throws TrustTargetParsingException, CredentialParsingException {
39	this(new LinkingGoal(verifier, target, subject));
40	}
41
42	/** default constructor */
43	public LinkingGoalNode(LinkingGoal goal) {
44	super(goal);
45	subName = "LinkingGoal";
46	state.addObserver(this);
47	}
48
49	/**
50	* Notify observers that this node's completion state has been changed.
51	*/
52	public void update(Observable obs, Object obj) {
53	if(obs == state) {
54	setChanged();
55	notifyObservers(state);
56	} else {
57	super.update(obs, obj);
58	}
59	}
60
61
62	/**
63	* Each distinct node type should know how to process itself, so this
64	* method should be overridden in subclasses.
65	* @param context A context w/helper functions required for processing
66	*/
67	public void verifierProcess(NegotiationContext context) {
68	//this case should not occur
69	}
70
71	/**
72	* Each distinct node type should know how to process itself, so this
73	* method should be overridden in subclasses.
74	* @param context A context w/helper functions required for processing
75	*/
76	public void opponentProcess(NegotiationContext context) {
77	TTG graph = context.getGraph();
78	LinkingGoal goal = (LinkingGoal)getGoal();
79	FrontierManager f = context.getFrontier();
80	Entity verifier = goal.getVerifier();
81	EntityExpression subject = goal.getSubject();
82	HashSet solutions = new HashSet();
83
84	debug("linking-goal", "Opponent processing " + goal);
85	// (1) O adds a linking solution edge G <--< <V: A.r2 <<-?- S>, for
86	// any A.r2 which is an element of sensitiveRole(O) or
87	// A.r2 defined by a credentials in CsuperS(O)
88
89	// collect the sensitive roles which match with r2
90	Iterator sensitiveRoles =
91	f.getAckPolicy().getSensitiveRoles().iterator();
92	while(sensitiveRoles.hasNext()) {
93	Role sensitive = (Role)sensitiveRoles.next();
94	if(sensitive.getName().equals(getTargetRoleName())) {
95	solutions.add(sensitive);
96	debug("linking-goal", "found sensitive role = " + sensitive);
97	}
98	}
99	// add the roles (r2) where it is definied by a credential
100	Iterator defined = f.getCredentialsDefiningRole(getTargetRoleName());
101	if(!defined.hasNext()) {
102	debug("linking-goal", "no credentials foudn defining role: " +
103	getTargetRoleName());
104	}
105	while(defined.hasNext()) {
106	StaticCredential credential = (StaticCredential)defined.next();
107	Role solution = credential.getDefinedRole();
108	solutions.add(solution);
109	debug("linking-goal", "found matching r2 = " + solution);
110	}
111	// iterate through the solution and add the linking solution edges
112	Iterator i = solutions.iterator();
113	while(i.hasNext()) {
114	try {
115	Role solution = (Role)i.next();
116	TrustTarget child =
117	new TrustTarget(verifier, solution, subject);
118	graph.addLinkingSolutionEdge(goal, child);
119	} catch(Exception ex) {
120	ex.printStackTrace();
121	}
122	}
123	// (2) O can mark this node opponent-processed only after (1) is done.
124	graph.setOpponentProcessed(goal);
125	}
126
127	public void addLinkingImplicationEdges(TrustTarget target) {
128	NegotiationContext context = getContext();
129	FrontierManager fm = context.getFrontier();
130
131	Entity v = getVerifier();
132	Entity b = ((Role)target.getTargetRole()).getBase();
133	TTG graph = getContext().getGraph();
134	Iterator i = parents.values().iterator();
135
136	while(i.hasNext()) {
137	try {
138	LinkTTNode parent = (LinkTTNode)i.next();
139	RoleName r1 = parent.getFirstRole().getName();
140	boolean subjectTraceable = fm.isSubjectTraceable(r1);
141	if(context.getSelf().equals(getVerifier())) {
142	// if we're the verifier
143	if(!subjectTraceable) {
144	// check r1 that is not subject traceable
145	TrustTarget parentTarget =
146	(TrustTarget)parent.getGoal();
147	TrustTarget child =
148	new TrustTarget(v, parent.getFirstRole(), b);
149	graph.addLinkingImplicationEdge(parentTarget, child);
150	}
151	} else {
152	// else we are the opponent
153	if(subjectTraceable) {
154	// check r1 that is not subject traceable
155	TrustTarget parentTarget =
156	(TrustTarget)parent.getGoal();
157	TrustTarget child =
158	new TrustTarget(v, parent.getFirstRole(), b);
159	graph.addLinkingImplicationEdge(parentTarget, child);
160	}
161	}
162	} catch(Exception ex) {
163	ex.printStackTrace();
164	}
165	}
166	}
167
168	/**
169	* A linking goal uses this interface to act as a monitor for its own
170	* completion state and to add linking-implication edges
171	*/
172	public TTGNodeSet receive(TrustTarget target, SatisfactionState state) {
173	// a satisfied linking solution does step 2 in linked role processing
174	if(state.getState() == SatisfactionState.SATISFIED) {
175	debug("linking-goal", "received SATISFIED from " + target);
176	addLinkingImplicationEdges(target);
177	}
178	// Just in case we get unknown satisfaction state propagation check
179	//for it here to make certain we have an accurate completion count
180	if(state.getState() != SatisfactionState.UNKNOWN) {
181	completionCount++;
182	if(completionCount <= children.size()) {
183	this.state.setComplete(true);
184	}
185	}
186	// if this node is complete, we should notify the parent(s)
187	if(isComplete()) {
188	Iterator i = parents.values().iterator();
189	notifyObservers(this.state);
190
191	while(i.hasNext()) {
192	LinkTTNode parent = (LinkTTNode)i.next();
193	parent.receive((LinkingGoal)getGoal(),
194	new CompletionState(true) );
195	}
196	}
197	return new TTGNodeSet();
198	}
199
200	public boolean isComplete() {
201	return state.isComplete();
202	}
203
204	/** convenience method for extracting the target role name for this node */
205	public RoleName getTargetRoleName() {
206	return ((LinkingGoal)getGoal()).getTargetRoleName();
207	}
208
209	public String toXML() {
210	// Add node state here (eg. in/complete, etc.)
211	StringBuffer state = new StringBuffer("state=\"");
212	state.append(this.state);
213	// Add linking solutions if any */
214	return toXML(state.toString(), "");
215	}
216
217	}
218
219
220

Note: See TracBrowser for help on using the repository browser.

Download in other formats: