TRUST

Trust is a suite of interfaces and utilities that allow Switchboard, DisCo, and our demo applications to express authorization and authentication issues without the use of any one access-control system. dRBAC provides implementations of the Trust interfaces. The API for the package edu.nyu.cs.pdsg.trust.* can be viewed here.

Interfaces

The key interfaces in Trust are the following:

Credentials An interface to represent credentials used throughout DisCo. The dRBAC class ProofCredentials implements this interface (as does Role for historical reasons, but this should be removed in future revisions).
Authorizer An interface to a class that is responsible for authorization of Credentials objects. The implementation expects objects of type Credentials, and casting to specific implementations of Credentials is left to the Authorizer implementation.
AuthorizationMonitor An interface to an object that will monitor the continued validity of a set of Credentials. Monitoring mechanisms are provided by the particular implementation.
AuthorizationMonitorCallback An interface that can be registered with an AuthorizationMonitor to receive callbacks when the state of a Credential changes. Depending on implementtation multiple AuthorizationMonitorCallbacks should be allowed register with a single AuthorizationMonitor.

Provided implementations

Trust provides simple and dummy implementations of its interfaces for testing and scenarios where authorization and authentication are necessary. These include the following:

NullCredentials A dummy Credentials implementation.
AllAuthorizerImpl A permissive Authorizer that returns AllAuthorizationMonitors. Get a reference to the singleton through AllAuthorizationMonitor.instance().
AllAuthorizationMonitorImpl A permissive AuthorizationMonitor that always returns true.
SimpleAuthorizatonMonitor A basic implementation of AuthorizationMonitor, meant to be extended as it is by DrbacAllAuthorizationMonitor.