com.ibm.able.platform.AbleSecureKey
|
ABLE 2.3.0 07/13/2005 14:21:00 | |||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||||
java.lang.Object
In a secure platform, VerifiableAgentNames will be used to authenticate the caller when calling secure methods. When calling a secure method a VAN would be passed along. The secure method would go the the V-ANS with this VAN and make sure it is a valid untampered VAN that it can trust. So now the seucre method will know that this VAN is valid, but how does it know that this call was make by the holder of this VAN? That is where this class comes into play. When something wants to call a secure method, it will create an AbleSecureKey to sign the the caller's VAN, and hold an expiration ID. It will wrapper this signed VAN along with the VAN of the one calling this secure method, and also the expirationID. When the secure method gets this AbleSecureKey it will first verify the visible VAN and expirationID of the key. The expiration ID is used to guarantee that this key is only used once, and only by the VAN that created the key. It will then use this verified VAN to unsign the signed VAN and expirationID inside the key. If the unsigned VAN and expiraiton ID matches the verified VAN and expiration ID, then the method continue. The secure method can then grab the VAN from the key to authorize, or do whatever it wants, knowing that this call came from the trusted entity that the V-ANS gave this verified VAN to.
| Constructor Summary | |
|---|---|
AbleSecureKey(VerifiableAgentName van,
java.lang.String expirationID,
java.security.PrivateKey privateKey)
This constructor will use the provider and algorithm specified in the preferences file. |
|
AbleSecureKey(VerifiableAgentName van,
java.lang.String expirationID,
java.security.PrivateKey privateKey,
java.lang.String algorithm,
java.lang.String provider)
This constructor take in the provider and algorithm used for signing Objects.. |
|
| Method Summary | |
|---|---|
java.lang.String |
getExpriationID()
Getter method to return the expirationID of this AbleSecureKey |
VerifiableAgentName |
getVan()
Getter method to return the VAN of this AbleSecureKey |
void |
verifyKey(VerifiableAgentNamingService ans)
This method will verify the visible unsigned VAN and make sure that this key has not already been used. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
public AbleSecureKey(VerifiableAgentName van,
java.lang.String expirationID,
java.security.PrivateKey privateKey)
throws javax.agent.service.naming.NamingException
van - The VerifiableAgentName for this keyexpirationID - An ID that will be used to guarantee this key expires after being used.privateKey - The private key used to sign objects in this key
javax.agent.service.naming.NamingException
public AbleSecureKey(VerifiableAgentName van,
java.lang.String expirationID,
java.security.PrivateKey privateKey,
java.lang.String algorithm,
java.lang.String provider)
throws javax.agent.service.naming.NamingException
van - The VerifiableAgentName for this keyexpirationID - An ID that will be used to guarantee this key expires after being used.privateKey - The private key used to sign objects in this key
javax.agent.service.naming.NamingException| Method Detail |
public VerifiableAgentName getVan()
public java.lang.String getExpriationID()
public void verifyKey(VerifiableAgentNamingService ans)
throws javax.agent.service.naming.NamingException
ans - The VerifiableAgentNamingService that can be used when verifying the VAN. Setting
javax.agent.service.naming.NamingException
|
ABLE 2.3.0 07/13/2005 14:21:00 | |||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||||