Agent System POND 1.0 (1.7.2000)

PkgAgentSystem
Class AgentPolicy

java.lang.Object
  |
  +--java.security.Policy
        |
        +--PkgAgentSystem.PolicyByValue
              |
              +--PkgAgentSystem.AgentPolicy

public class AgentPolicy
extends PolicyByValue

The default policy for the agent system. Agent may NEVER get the following permissions (or security may be forfeit!):

Agent SHOULD not get access (to be on the safe side) for agent security reasons to the following permissions: Agents SHOULD not get access for general security considerations to the following permissions:

Version:
1.0, 1.7.2000
Author:
Michael Sonntag

Fields inherited from class PkgAgentSystem.PolicyByValue
CHALLENGE_ERROR, CHALLENGE_FAILED, CHALLENGE_SUCCESS, NOT_CHALLENGED
 
Constructor Summary
AgentPolicy(String homedir, Certificate systemOwner, PersonalSecurityStore secStore)
          Creates a new policy.
AgentPolicy(String homedir, Certificate systemOwner, PersonalSecurityStore secStore, double priceScale)
          Creates a new policy.
 
Method Summary
protected  boolean checkCA(Certificate[] cert)
          Check a chain of certificates for validity and if the last one is a trusted certificate.
 boolean checkCertificate(Certificate cert)
          Checks whether a certificate is valid and trusted.
 int getGroup(AgentData data)
          Returns the group an agent is in.
 double getPriceScale()
          Returns the global price scale.
 void refresh()
          Refreshes/reloads the policy configuration.
 
Methods inherited from class PkgAgentSystem.PolicyByValue
getAdditionalPermissions, getBasicPermissions, getCheapestPermission, getCheapestPermissionSet, getCheapestPrice, getCheapestSetPrice, getPermissions, getSetPrice, setPermissionsForGroup
 
Methods inherited from class java.security.Policy
getPolicy, getPolicyNoCheck, isSet, setPolicy
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AgentPolicy

public AgentPolicy(String homedir,
                   Certificate systemOwner,
                   PersonalSecurityStore secStore,
                   double priceScale)
Creates a new policy.
Parameters:
homedir - the home directory of the system
systemOwner - certificate of the owner of the system (might be null
secStore - security store where the trusted certificates are stored
priceScale - scale for the price must be larger than 0.0

AgentPolicy

public AgentPolicy(String homedir,
                   Certificate systemOwner,
                   PersonalSecurityStore secStore)
Creates a new policy.
Parameters:
homedir - the home directory of the system
systemOwner - certificate of the owner of the system (might be null
secStore - security store where the trusted certificates are stored
Method Detail

getPriceScale

public double getPriceScale()
Returns the global price scale.
Returns:
the scale for all prices

checkCertificate

public boolean checkCertificate(Certificate cert)
Checks whether a certificate is valid and trusted.
Parameters:
cert - the certificate to check
Returns:
true if the certificate is valid and trusted

getGroup

public int getGroup(AgentData data)
Returns the group an agent is in.
Parameters:
data - the information on this agent
Returns:
the number of the security group the agent is in
Overrides:
getGroup in class PolicyByValue

refresh

public void refresh()
Refreshes/reloads the policy configuration.
Throws:
SecurityException - if the current thread does not have permission to refresh this Policy object.
Overrides:
refresh in class Policy

checkCA

protected boolean checkCA(Certificate[] cert)
Check a chain of certificates for validity and if the last one is a trusted certificate. Verifies that all certificates are in their valid timespan, each is signed by one other or by a trusted one. Currently ALL certificates must be of class X509Certificate.
Parameters:
cert - list of certficates. Must be ordered in the correct chain (each is signed by the public key of certificate with the next higher index)
Returns:
true if the verification succeeded
See Also:
X509Certificate

Agent System POND 1.0 (1.7.2000)

Submit a bug

Copyright 2000 Michael Sonntag & Institute for Information Processing and Microprocessor Technology (FIM), Johannes-Kepler-University Linz, Altenbergerstr. 69, A-4040 Linz, Austria.