org.objectweb.proactive.ext.security
Class ProActiveSecurityManager

java.lang.Object
  |
  +--org.objectweb.proactive.ext.security.ProActiveSecurityManager
All Implemented Interfaces:
java.io.Serializable
Direct Known Subclasses:
DefaultProActiveSecurityManager

public class ProActiveSecurityManager
extends java.lang.Object
implements java.io.Serializable

Author:
acontes
See Also:
Serialized Form

Field Summary
protected  java.security.cert.X509Certificate certificate
           
protected static org.apache.log4j.Logger logger
           
protected  UniversalBody myBody
           
protected  java.security.cert.X509Certificate parentCertificate
           
protected  XMLPropertiesStore policiesRules
           
protected  PolicyServer policyServer
           
protected  java.security.PrivateKey privateKey
           
protected  byte[] privateKeyEncoded
           
protected  java.security.PublicKey publicKey
           
protected  RandomLongGenerator randomLongGenerator
           
protected  java.util.Hashtable sessions
           
protected  java.security.cert.X509Certificate[] trustedCertificationAuthority
           
protected  java.lang.String VNName
           
 
Constructor Summary
ProActiveSecurityManager()
          This is the default constructor to use with the ProActiveSecurityManager
ProActiveSecurityManager(java.lang.String file)
           
ProActiveSecurityManager(java.security.cert.X509Certificate certificate, java.security.PrivateKey pk, PolicyServer ps)
          Method ProActiveSecurityManager.
 
Method Summary
 byte[] decrypt(long sessionID, byte[][] message)
          Method decrypt.
static java.lang.String displayByte(byte[] tab)
           
 byte[][] encrypt(long sessionID, java.lang.Object object)
          Method encrypt.
 java.security.cert.X509Certificate getCertificate()
           
 byte[] getCertificateEncoded()
           
 java.util.ArrayList getEntities()
           
 java.util.Hashtable getOpenedConnexion()
           
 SecurityContext getPolicy(SecurityContext securityContext)
          Method getPolicyTo.
 Communication getPolicyFrom(java.lang.String type, java.lang.String from, java.lang.String to)
           
 PolicyServer getPolicyServer()
           
 Communication getPolicyTo(java.lang.String type, java.lang.String from, java.lang.String to)
          Method getPolicyTo.
 Policy getPolicyTo(java.security.cert.X509Certificate certificate)
          Method getPolicyTo.
 java.security.PublicKey getPublicKey()
          Method getPublicKey.
 long getSessionIDTo(java.security.cert.X509Certificate cert)
           
 java.lang.String getVNName()
           
 void initiateSession(int type, UniversalBody distantBody)
          Method initiateSession.
 ConfidentialityTicket keyNegociationReceiverSide(ConfidentialityTicket confidentialityTicket, long randomID)
           
 boolean keyNegociationSenderSide(UniversalBody distantOA, long sessionID)
          Method keyNegociationSenderSide. Starts the challenge to negotiate a session key.
 AuthenticationTicket mutualAuthenticationReceiverSide(AuthenticationTicket authenticationTicket, long randomID)
           
 boolean mutualAuthenticationSenderSide(UniversalBody distantBody, java.security.cert.X509Certificate distantBodyCertificate)
           
 byte[][] publicKeyExchange(long sessionID, UniversalBody distantBody, byte[] pub_key, byte[] cert, byte[] sig_code)
           
 byte[] randomValue(long sessionID, byte[] cl_rand)
           
 byte[][] secretKeyExchange(long sessionID, byte[] aesKey, byte[] iv, byte[] macKey, byte[] lockData, byte[] signature)
          Method secretKeyExchange. Exchanges secrets between objects.
 void setBody(UniversalBody body)
           
 void setParentCertificate(java.security.cert.X509Certificate certificate)
           
 void setPolicyServer(PolicyServer policyServer)
           
 void setVNName(java.lang.String string)
           
 long startNewSession(Communication po)
           
 void terminateSession(long sessionID)
           
 void terminateSession(UniversalBody body, long sessionID)
           
 AuthenticationTicket unilateralAuthenticationReceiverSide(long randomID, long rb, java.lang.String emittor)
           
 boolean unilateralAuthenticationSenderSide(UniversalBody distantBody)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected static org.apache.log4j.Logger logger

sessions

protected java.util.Hashtable sessions

randomLongGenerator

protected transient RandomLongGenerator randomLongGenerator

policyServer

protected PolicyServer policyServer

certificate

protected java.security.cert.X509Certificate certificate

privateKey

protected java.security.PrivateKey privateKey

parentCertificate

protected transient java.security.cert.X509Certificate parentCertificate

publicKey

protected java.security.PublicKey publicKey

privateKeyEncoded

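protected byte[] privateKeyEncoded
Note: unlike randomLongGenerator, parentCertificate and myBody, this field and privateKey are not declared transient, so unless the class customizes its serialization (not shown on this page) the serialized form of this Serializable class contains private key material and should be stored and transmitted accordingly.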

trustedCertificationAuthority

protected java.security.cert.X509Certificate[] trustedCertificationAuthority

policiesRules

protected XMLPropertiesStore policiesRules

myBody

protected transient UniversalBody myBody

VNName

protected java.lang.String VNName
Constructor Detail

ProActiveSecurityManager

public ProActiveSecurityManager()
This is the default constructor to use with the ProActiveSecurityManager


ProActiveSecurityManager

public ProActiveSecurityManager(java.security.cert.X509Certificate certificate,
                                java.security.PrivateKey pk,
                                PolicyServer ps)
Method ProActiveSecurityManager.

Throws:
java.io.IOException - if the file doesn't exist

ProActiveSecurityManager

public ProActiveSecurityManager(java.lang.String file)
                         throws java.io.IOException
Method Detail

setBody

public void setBody(UniversalBody body)

getPolicy

public SecurityContext getPolicy(SecurityContext securityContext)
                          throws SecurityNotAvailableException
Method getPolicyTo.

Returns:
Policy policy attributes
SecurityNotAvailableException

getPolicyTo

public Policy getPolicyTo(java.security.cert.X509Certificate certificate)
Method getPolicyTo.

Parameters:
certificate - the object certificate we want to get the policy from
Returns:
Policy policy attributes

getPolicyTo

public Communication getPolicyTo(java.lang.String type,
                                 java.lang.String from,
                                 java.lang.String to)
                          throws SecurityNotAvailableException
Method getPolicyTo.

Returns:
Policy policy attributes
SecurityNotAvailableException

initiateSession

public void initiateSession(int type,
                            UniversalBody distantBody)
                     throws CommunicationForbiddenException,
                            AuthenticationException,
                            RenegotiateSessionException,
                            SecurityNotAvailableException
Method initiateSession. This method is the entry point for a secured communication. We get the local and distant policies, compute the resulting policy from them, and then, if needed, start a symmetric key exchange to encrypt the communication.

Parameters:
distantBody -
Throws:
CommunicationForbiddenException
AuthenticationException
RenegotiateSessionException
SecurityNotAvailableException

getCertificate

public java.security.cert.X509Certificate getCertificate()

terminateSession

public void terminateSession(UniversalBody body,
                             long sessionID)

terminateSession

public void terminateSession(long sessionID)

startNewSession

public long startNewSession(Communication po)

encrypt

public byte[][] encrypt(long sessionID,
                        java.lang.Object object)
Method encrypt.

Parameters:
sessionID - the session we use to encrypt the Object
object - the object to encrypt
Returns:
byte[][] encrypted result

decrypt

public byte[] decrypt(long sessionID,
                      byte[][] message)
               throws RenegotiateSessionException
Method decrypt.

Parameters:
sessionID - the session we use to decrypt the message
message - the message to decrypt
Returns:
byte[] the decrypted message, returned as a byte array
RenegotiateSessionException

mutualAuthenticationSenderSide

public boolean mutualAuthenticationSenderSide(UniversalBody distantBody,
                                              java.security.cert.X509Certificate distantBodyCertificate)
                                       throws AuthenticationException
AuthenticationException

unilateralAuthenticationSenderSide

public boolean unilateralAuthenticationSenderSide(UniversalBody distantBody)
                                           throws AuthenticationException
AuthenticationException

keyNegociationSenderSide

public boolean keyNegociationSenderSide(UniversalBody distantOA,
                                        long sessionID)
                                 throws KeyExchangeException
Method keyNegociationSenderSide. Starts the challenge to negotiate a session key.

Parameters:
distantOA - the distant active object we want to communicate with.
sessionID - the id of the session we will use
Returns:
boolean returns true if the negotiation has succeeded.
Throws:
KeyExchangeException

mutualAuthenticationReceiverSide

public AuthenticationTicket mutualAuthenticationReceiverSide(AuthenticationTicket authenticationTicket,
                                                             long randomID)
                                                      throws AuthenticationException
AuthenticationException

unilateralAuthenticationReceiverSide

public AuthenticationTicket unilateralAuthenticationReceiverSide(long randomID,
                                                                 long rb,
                                                                 java.lang.String emittor)
                                                          throws AuthenticationException
AuthenticationException

keyNegociationReceiverSide

public ConfidentialityTicket keyNegociationReceiverSide(ConfidentialityTicket confidentialityTicket,
                                                        long randomID)
                                                 throws KeyExchangeException
KeyExchangeException

randomValue

public byte[] randomValue(long sessionID,
                          byte[] cl_rand)
                   throws java.lang.Exception
java.lang.Exception

publicKeyExchange

public byte[][] publicKeyExchange(long sessionID,
                                  UniversalBody distantBody,
                                  byte[] pub_key,
                                  byte[] cert,
                                  byte[] sig_code)
                           throws java.lang.Exception
java.lang.Exception

displayByte

public static java.lang.String displayByte(byte[] tab)

secretKeyExchange

public byte[][] secretKeyExchange(long sessionID,
                                  byte[] aesKey,
                                  byte[] iv,
                                  byte[] macKey,
                                  byte[] lockData,
                                  byte[] signature)
Method secretKeyExchange. Exchanges secrets between objects.

Parameters:
sessionID - the session
aesKey - the AES secret (symmetric) key
iv -
macKey - the MAC key
lockData -
signature - signature of aesKey, iv, macKey and lockData
Returns:
byte[][]

getSessionIDTo

public long getSessionIDTo(java.security.cert.X509Certificate cert)

getPublicKey

public java.security.PublicKey getPublicKey()
Method getPublicKey.

Returns:
PublicKey the public key of the active object

setParentCertificate

public void setParentCertificate(java.security.cert.X509Certificate certificate)

getOpenedConnexion

public java.util.Hashtable getOpenedConnexion()

setVNName

public void setVNName(java.lang.String string)
Parameters:
string -

getVNName

public java.lang.String getVNName()
Returns:
the name of the virtual node where the object has been created

getPolicyServer

public PolicyServer getPolicyServer()
Returns:
policy server

getCertificateEncoded

public byte[] getCertificateEncoded()
Returns:
certificate as byte array

setPolicyServer

public void setPolicyServer(PolicyServer policyServer)

getPolicyFrom

public Communication getPolicyFrom(java.lang.String type,
                                   java.lang.String from,
                                   java.lang.String to)
Parameters:
type -
from -
to -
Returns:
communication attributes

getEntities

public java.util.ArrayList getEntities()
Returns:
entities that enforce the security policy on the object


Copyright © April 2004 INRIA All Rights Reserved.