edu.nyu.cs.pdsg.drbac
Class SearchEngine

java.lang.Object
  extended byedu.nyu.cs.pdsg.drbac.SearchEngine
Direct Known Subclasses:
SubjectSearchEngine, TwoWaySearchEngine

public abstract class SearchEngine
extends java.lang.Object

FORMERLY: DiscoveryEngine

Utlitity class: Used to look up credentials on remote hosts.


Constructor Summary
SearchEngine()
           
 
Method Summary
(package private) abstract  void answerRemoteQuery(java.io.InputStream is, java.io.OutputStream os)
          Internal:answer a remote query
protected abstract  Role findSearchableRole(SearchAccumulator subSearchAccum, SearchAccumulator objSearchAccum)
          One of these SearchAccumulators will be left null in subject and object searches.
protected abstract  boolean insertNewDelegations(java.util.ArrayList remDelegs, LocalProver subjProver, LocalProver objProver)
          Internal: insert remotely -received delegations into the local wallet
 Proof prove(Role subject, Role object, AttributeSet constraints)
          Method used by a client application to determine if a trust relationship holds.
 ProofMonitor prove(Role subject, Role object, AttributeSet constraints, ProofChangedListener caller)
          Method used by a client application to determine if a trust relationship holds.
protected abstract  java.util.ArrayList queryRemoteWallet(java.net.InetAddress ip, int port, RoleId walletRoleId, LocalProver prover, Role obj, AttributeSet oas)
          Internal: socket-level communication for querying a remote wallet
 Proof remSearch(Role s, AttributeSet sas, Role o, AttributeSet oas)
          Search for a subject to object relation
protected  void sendDelegationSet(java.io.ObjectInputStream ois, java.io.DataOutputStream dos, java.util.HashSet delegs)
          Internal: send a delegation set
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SearchEngine

public SearchEngine()
Method Detail

prove

public Proof prove(Role subject,
                   Role object,
                   AttributeSet constraints)
Method used by a client application to determine if a trust relationship holds. Constructs a Proof and returns it to a calling application on the local machine. Returns null if no proof is found.

Parameters:
subject - the role of the thing requesting authentication
object - the role with the rights that the application wants to authenticate
constraints - the minimum attributes the subject must have in order to be authenticated
Returns:
a Proof with support chains or null if the attempt was unsuccessful

prove

public ProofMonitor prove(Role subject,
                          Role object,
                          AttributeSet constraints,
                          ProofChangedListener caller)
Method used by a client application to determine if a trust relationship holds. Constructs a ProofMonitor and returns it to a calling application on the local machine. The proof will have valid or invalid status, which the application will need to check.

Parameters:
subject - the role of the thing requesting authentication
object - the role with the rights that the application wants to authenticate
constraints - the minimum attributes the subject must have in order to be authenticated
caller - the object which will be informed if the proof changes validity
Returns:
a ProofMonitor containing information about the proof, as well as current validity; or null if the proof was unsuccessful

findSearchableRole

protected abstract Role findSearchableRole(SearchAccumulator subSearchAccum,
                                           SearchAccumulator objSearchAccum)
One of these SearchAccumulators will be left null in subject and object searches. Both used by bi-directional searches. If you are doing a subject search, then you will look at all the reachable roles in subSearchAccumulator, pluck one that you have not searched yet, and subjectSearch on it... More comments in classes that implement this method.


remSearch

public Proof remSearch(Role s,
                       AttributeSet sas,
                       Role o,
                       AttributeSet oas)
Search for a subject to object relation

Parameters:
s - the subject of the search
sas - the attribute set of the subject
o - the target of the search
oas - the attribute constraints
Returns:
a proof of the requested relationship, or null if none is found

insertNewDelegations

protected abstract boolean insertNewDelegations(java.util.ArrayList remDelegs,
                                                LocalProver subjProver,
                                                LocalProver objProver)
Internal: insert remotely -received delegations into the local wallet


answerRemoteQuery

abstract void answerRemoteQuery(java.io.InputStream is,
                                java.io.OutputStream os)
Internal:answer a remote query


queryRemoteWallet

protected abstract java.util.ArrayList queryRemoteWallet(java.net.InetAddress ip,
                                                         int port,
                                                         RoleId walletRoleId,
                                                         LocalProver prover,
                                                         Role obj,
                                                         AttributeSet oas)
                                                  throws CredentialException,
                                                         java.io.IOException
Internal: socket-level communication for querying a remote wallet

Throws:
CredentialException
java.io.IOException

sendDelegationSet

protected void sendDelegationSet(java.io.ObjectInputStream ois,
                                 java.io.DataOutputStream dos,
                                 java.util.HashSet delegs)
Internal: send a delegation set



Copyright (c) 2002-2003 New York University RLAB