Agent System POND 1.2 (28.2.2002)

PkgAgentSystem
Class PolicyByValue

java.lang.Object
  |
  +--java.security.Policy
        |
        +--PkgAgentSystem.PolicyByValue
Direct Known Subclasses:
AgentPolicy

public abstract class PolicyByValue
extends Policy

A policy where the permissions have to be bought. The price is different for agents, according to their identification (certificates, CA-check successful, ...). The price might be infinite (not available at all), negative (always assigned, or 0 if the permission is free but must be acquired).

Version:
1.0, 1.7.2000
Author:
Michael Sonntag

Field Summary
protected  AgentSystem agentSystem
           
static byte CHALLENGE_ERROR
          State of challenging for knowledge of the private key: Error during challenging
static byte CHALLENGE_FAILED
          State of challenging for knowledge of the private key: Challenge failed
static byte CHALLENGE_SUCCESS
          State of challenging for knowledge of the private key: Challenge completed successfully
static byte NOT_CHALLENGED
          State of challenging for knowledge of the private key: Not yet challenged
 
Constructor Summary
protected PolicyByValue(AgentSystem agentSystem)
           
 
Method Summary
 DynamicPermissions getAdditionalPermissions(AgentData data)
          Evaluates the global policy and returns a DynamicPermissions object specifying the set of optional permissions for code from the specified code source.
 DynamicPermissions getBasicPermissions(AgentData data)
          Evaluates the global policy and returns a DynamicPermissions object specifying the set of permissions always allowed for code from the specified code source.
 Permission getCheapestPermission(AgentData data, Permission perm)
          Returns the cheapest permission for a certain agent.
 PermissionCollection getCheapestPermissionSet(AgentData data, PermissionCollection perms)
          Returns the cheapest price of a set of permissions for a certain agent.
Is not an optimal solution (NP-complete problem), but will find a solution if one exists.
 double getCheapestPrice(AgentData data, Permission perm)
          Returns the cheapest price of a permission for a certain agent.
 double getCheapestSetPrice(AgentData data, PermissionCollection perms)
          Returns the cheapest price of a set of permissions for a certain agent.
abstract  int getGroup(AgentData data)
          Get the group of permissions and agent belongs to.
 PermissionCollection getPermissions(CodeSource codesource)
          Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed for code from the specified code source.
Throws a RuntimeException if certain conditions are not met: The calling method has AllPermissionThe package, from where it should be loaded is marked as privileged
protected  double getSetPrice(AgentData data, PermissionCollection set)
          Calculates the price of a set of permissions for a certain agent.
 void setPermissionsForGroup(int group, ValuedPermissions perms)
          Sets the permissions for a group.
 
Methods inherited from class java.security.Policy
getPolicy, getPolicyNoCheck, isSet, refresh, setPolicy
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

NOT_CHALLENGED

public static final byte NOT_CHALLENGED
State of challenging for knowledge of the private key: Not yet challenged

CHALLENGE_ERROR

public static final byte CHALLENGE_ERROR
State of challenging for knowledge of the private key: Error during challenging

CHALLENGE_FAILED

public static final byte CHALLENGE_FAILED
State of challenging for knowledge of the private key: Challenge failed

CHALLENGE_SUCCESS

public static final byte CHALLENGE_SUCCESS
State of challenging for knowledge of the private key: Challenge completed successfully

agentSystem

protected AgentSystem agentSystem
Constructor Detail

PolicyByValue

protected PolicyByValue(AgentSystem agentSystem)
Method Detail

getGroup

public abstract int getGroup(AgentData data)
Get the group of permissions and agent belongs to. Must be overridden to implement the actual policy.
Parameters:
data - the management data of the agent to sort into a group
Returns:
the number of the group this agent belongs to

setPermissionsForGroup

public void setPermissionsForGroup(int group,
                                   ValuedPermissions perms)
Sets the permissions for a group. The old sets with the same number will be overwritten. Removing a group is not supported (place an empty set there).

getBasicPermissions

public DynamicPermissions getBasicPermissions(AgentData data)
Evaluates the global policy and returns a DynamicPermissions object specifying the set of permissions always allowed for code from the specified code source.
Parameters:
data - the management data of the agent for which these shall be retrieved
Returns:
the set of permissions always allowed for this agent
Throws:
SecurityException - if the current thread does not have permission to call getPermissions on the policy object.

getAdditionalPermissions

public DynamicPermissions getAdditionalPermissions(AgentData data)
Evaluates the global policy and returns a DynamicPermissions object specifying the set of optional permissions for code from the specified code source.
Parameters:
data - the management data of the agent for which these shall be retrieved
Returns:
the set of optional permissions for this agent
Throws:
SecurityException - if the current thread does not have permission to call getPermissions on the policy object.

getPermissions

public PermissionCollection getPermissions(CodeSource codesource)
Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed for code from the specified code source.
Throws a RuntimeException if certain conditions are not met:
Overrides:
getPermissions in class Policy
Parameters:
codesource - the CodeSource associated with the caller.
Returns:
the set of permissions allowed for code from codesource according to the policy.
Throws:
SecurityException - if the current thread does not have permission to call getPermissions on the policy object.
See Also:
AgentSystem.isPrivilegedSource(CodeSource)

getCheapestPrice

public double getCheapestPrice(AgentData data,
                               Permission perm)
Returns the cheapest price of a permission for a certain agent.
Parameters:
data - management data of the agent for which the price shall be determined
perm - the permission for which the price is requested
Returns:
the price of the permission (Double.POSITIVE_INFINITY if not allowed for this agent)
See Also:
getCheapestPermission(AgentData,Permission)

getCheapestSetPrice

public double getCheapestSetPrice(AgentData data,
                                  PermissionCollection perms)
Returns the cheapest price of a set of permissions for a certain agent.
Parameters:
data - management data of the agent for which the price shall be determined
perms - the set of permissions for which the price is requested
Returns:
the price of the set (Double.POSITIVE_INFINITY if any of them is not allowed for this agent)
See Also:
getCheapestPermissionSet(AgentData,PermissionCollection)

getSetPrice

protected double getSetPrice(AgentData data,
                             PermissionCollection set)
Calculates the price of a set of permissions for a certain agent. Permissions not allowed are ignored.
Parameters:
data - management data of the agent for which the price shall be determined
perms - the set of permissions for which the price is requested
Returns:
the price of the set (Double.POSITIVE_INFINITY if none of them is allowed for this agent)

getCheapestPermission

public Permission getCheapestPermission(AgentData data,
                                        Permission perm)
Returns the cheapest permission for a certain agent. Might not be exactly the same as the one requested, as only a superset might exist. Finds only single permissions (will not combine two permissions to fulfill the required one; should never happen with java permissions anyway).
Parameters:
data - management data of the agent for which the price shall be determined
perm - the permission for which the cheapest permission is requested
Returns:
the cheapest permission implying the requested permission
See Also:
getCheapestPrice(AgentData,Permission)

getCheapestPermissionSet

public PermissionCollection getCheapestPermissionSet(AgentData data,
                                                     PermissionCollection perms)
Returns the cheapest price of a set of permissions for a certain agent.
Is not an optimal solution (NP-complete problem), but will find a solution if one exists.
Parameters:
data - management data of the agent for which the price shall be determined
perms - the set of permissions for which the cheapest subset is requested
Returns:
the cheapest subset implying all permissions of the set
See Also:
getCheapestSetPrice(AgentData,PermissionCollection)

Agent System POND 1.2 (28.2.2002)

Submit a bug

Copyright 2001,2002 Michael Sonntag & Institute for Information Processing and Microprocessor Technology (FIM), Johannes-Kepler-University Linz, Altenbergerstr. 69, A-4040 Linz, Austria.