ABLE 2.0.0 07/02/2003 10:25:01

com.ibm.able.platform
Class AbleSecureKey

java.lang.Object
  |
  +--com.ibm.able.platform.AbleSecureKey
All Implemented Interfaces:
java.io.Serializable

public final class AbleSecureKey
extends java.lang.Object
implements java.io.Serializable

In a secure platform, VerifiableAgentNames will be used to authenticate the caller when calling secure methods. When calling a secure method a VAN would be passed along. The secure method would go the the V-ANS with this VAN and make sure it is a valid untampered VAN that it can trust. So now the seucre method will know that this VAN is valid, but how does it know that this call was make by the holder of this VAN? That is where this class comes into play. When something wants to call a secure method, it will create an AbleSecureKey to sign the the caller's VAN, and hold an expiration ID. It will wrapper this signed VAN along with the VAN of the one calling this secure method, and also the expirationID. When the secure method gets this AbleSecureKey it will first verify the visible VAN and expirationID of the key. The expiration ID is used to guarantee that this key is only used once, and only by the VAN that created the key. It will then use this verified VAN to unsign the signed VAN and expirationID inside the key. If the unsigned VAN and expiraiton ID matches the verified VAN and expiration ID, then the method continue. The secure method can then grab the VAN from the key to authorize, or do whatever it wants, knowing that this call came from the trusted entity that the V-ANS gave this verified VAN to.

See Also:
Serialized Form

Constructor Summary
AbleSecureKey(VerifiableAgentName van, java.lang.String expirationID, java.security.PrivateKey privateKey)
          This constructor will use the provider and algorithm specified in the preferences file.
AbleSecureKey(VerifiableAgentName van, java.lang.String expirationID, java.security.PrivateKey privateKey, java.lang.String algorithm, java.lang.String provider)
          This constructor take in the provider and algorithm used for signing Objects..
 
Method Summary
 java.lang.String getExpriationID()
          Getter method to return the expirationID of this AbleSecureKey
 VerifiableAgentName getVan()
          Getter method to return the VAN of this AbleSecureKey
 void verifyKey(VerifiableAgentNamingService ans)
          This method will verify the visible unsigned VAN and make sure that this key has not already been used.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AbleSecureKey

public AbleSecureKey(VerifiableAgentName van,
                     java.lang.String expirationID,
                     java.security.PrivateKey privateKey)
              throws javax.agent.service.naming.NamingException
This constructor will use the provider and algorithm specified in the preferences file. It will also sign and set the VAN that this AbleSecureKey will hold.
Parameters:
van - The VerifiableAgentName for this key
expirationID - An ID that will be used to guarantee this key expires after being used.
privateKey - The private key used to sign objects in this key
Throws:
javax.agent.service.naming.NamingException -  

AbleSecureKey

public AbleSecureKey(VerifiableAgentName van,
                     java.lang.String expirationID,
                     java.security.PrivateKey privateKey,
                     java.lang.String algorithm,
                     java.lang.String provider)
              throws javax.agent.service.naming.NamingException
This constructor take in the provider and algorithm used for signing Objects.. It will also sign and set the VAN that this AbleSecureKey will hold.
Parameters:
van - The VerifiableAgentName for this key
expirationID - An ID that will be used to guarantee this key expires after being used.
privateKey - The private key used to sign objects in this key
Throws:
javax.agent.service.naming.NamingException -  
Method Detail

getVan

public VerifiableAgentName getVan()
Getter method to return the VAN of this AbleSecureKey
Returns:
The VerifiableAgentName of this AbleSecureKey

getExpriationID

public java.lang.String getExpriationID()
Getter method to return the expirationID of this AbleSecureKey
Returns:
The expirationID of this AbleSecureKey

verifyKey

public void verifyKey(VerifiableAgentNamingService ans)
               throws javax.agent.service.naming.NamingException
This method will verify the visible unsigned VAN and make sure that this key has not already been used. It will then unsign the signed VAN and make sure they match.

Parameters:
ans - The VerifiableAgentNamingService that can be used when verifying the VAN. Setting

ABLE 2.0.0 07/02/2003 10:25:01

(C) Copyright IBM Corporation 1999, 2003