public class SecureProxy extends AgentProxy
SecureProxy
is a simple subclass of AgentProxy
created with the sole purpose of acting as a proxy between the agent that
it protects and all other agents. All messages that it recieves are first
filtered to determine if the message is to the proxy (based on the
ML.RECEIVER
parameter). If so, the message is processed by the
super class as a regular agent. Otherwise, the message is passed through
universallyAccepted()
and universallyDenied()
in
turn to determine if the message should be accepted or denied unequivically.
If neither of these functions returns true
, the message is
passed through the isSenderVerified()
and
isSenderAuthorized()
functions to determine if the message
should be passed along. If it is determined that the message should be
passed along, the message is then signed by signMessage()
(to
prove that the message really was from the proxy) and then passed along to
the protected agent by forwardMessage()
.
The signature (as a String
) for a given message is computed by
createSignature()
. The signature can then be checked by the
protected agent by calling the static function
verifySignature()
which returns true
or
false
depending on whether the message was received. The
actual signature method is described in the documentation for
createSignature()
and createHash()
.
Copyright: Copyright 2003-2014, Knowledge Science Group, University of Calgary. Permission to use, copy, modify, distribute and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation. The Knowledge Science Group makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty.
AgentProxy
TransientAgent.Conversations, TransientAgent.NewAgentLispCommand
AbstractProcess.Subthread
Thread.State, Thread.UncaughtExceptionHandler
Modifier and Type | Field and Description |
---|---|
private byte[] |
key
The private key that the proxy shares with the agent that it is
protecting.
|
private String |
protectedAgent
The name of the agent the new proxy is protecting.
|
private long |
uniqueNumber
The unique number that the next signature will use.
|
cacheKB, CDInvitedTo, CDinvitee, conversationData, defaultOntologyClassName, DEFER_ACTION, DROP_ACTION, kBase, lisp, lispEnvironment, ListOfArgs, methodMap, ontologyEngine, ontologyEngineCreateMethod, ontologyEngineLoadMethod, policies, policiesAlwaysApply, policiesLastResort, primaryUI, proxy, UIs, usingProxy
eventQueue, exitWaitCounter, heartbeat, huntForPort, initParams, ontology, ontologyShared, options, securityFilter, trace, TRACE_MONITOR, TRACE_OFF, TRACE_ON, TRACE_TO_FILE, TRACE_UNDEFINED, transformations, uniqueThreadName, waitingForAgentToStart, waitingForEvent, waitingForSocketServerToStart
MAX_PRIORITY, MIN_PRIORITY, NORM_PRIORITY
Constructor and Description |
---|
SecureProxy(ParamsMap params,
AgentUI ui)
Creates a new
SecureProxy that protects the given agent, uses
the given port, and uses the given secret key to sign the messages that
this proxy authorizes. |
Modifier and Type | Method and Description |
---|---|
private static byte[] |
createHash(MLMessage message,
byte[] key,
long uniqueNumber)
Creates a 20 byte hash from the given message, key, and unique number.
|
private String |
createSignature(MLMessage message)
Creates an signature for the given message.
|
protected Status |
handleForwardMessage(MLMessage message)
Handles all messages that are directed to the protected agent.
|
protected boolean |
isSenderAuthorized(MLMessage message)
Determines if the sender of the given message is authorized to send it to
the protected agent, returning
true if the sender is
authorized to send the given message to the protected agent;
false otherwise. |
protected boolean |
isSenderVerified(MLMessage message)
Verifies the sender of the given message, returning
true if
the sender is verified; false otherwise. |
protected void |
signMessage(MLMessage message)
Digitally signs the given message by creating a unique signature for the
given message and then attaching that signature to the message.
|
protected boolean |
universallyAccepted(MLMessage message)
Determines whether the given message is one that should be universally
accepted.
|
protected boolean |
universallyDenied(MLMessage message)
Determines whether the given message is one that should be universally
denied.
|
static long |
verifySignature(MLMessage message,
byte[] key)
Verifies the signature contained in the given message using the given key.
|
forwardMessage, handleEvent, pendingFinishRun_withdrawFromAllCDs, setLACPort
abclEval, abclEval, abclEval, accept_deleteCD, accept_exit, accept_forward_message, accept_LAC_closing, accept_new_MenuItem, accept_update, acceptDefault, addConversation, addJoinedCooperationDomain, addMembers, addSubscribeEvents, assembleDefault, assert_, assert_, authorizedByProxy, authorizeMessage, chooseSC, concludeDefault, consider_execute, consider_invite_to_cd, consider_new_MenuItem, consider_ping, consider_query_if, consider_query_ref, considerDefault, createCasaLispOperators, dispatchMsgHandlerMethod, doAddObserver, doAdvertise, doCDGetHistory_sync, doCDGetMembers, doCDPutData, doCDSubscribeMembership, doFindInstances_sync, doGetCooperationDomains, doGetOnology, doInviteToCD, doJoinCD, doPing_sync, doPing, doRegisterAgentInstance, doRegisterAgentInstance, doResolveURL, doSearchYP, doUnadvertise, doUnregisterAgentInstance, doUnregisterAgentType, doWithdrawCD, evaluateDefault, evesdrop, executeCommand, findFileResourcePath, findFileResourcePath, getAgentForThread, getAlwaysApplyPolicies, getBanner, getCachedKnowledgeBase, getChosenCommitment, getCommitmentProcessor, getConversation, getConversations, getConversationsReport, getDefaultBanner, getDefFileSystemLocations, getEventForThread, getField, getInstancesFound, getJoinedCooperationDomain, getJoinedCooperationDomains, getKnowledgeBase, getLACURL, getLastResortPolicies, getMembers, getMsgForThread, getObjectsForThread, getOntology, getOntologyEngine, getOntologyFileSuffix, getPolicies, getPrimaryUI, getProxy, getSCStore, getSerializedOntology, getStrategy, getStrategyGUI, getSubscribeEvents, getSubscribeEvents, getTermsFromContent, getUI, getUIForThread, getUIs, getUnfulfilledSocialCommitments, getUnfulfilledSocialCommitments, handleErrorReplies, handleLACClosing, hasActiveCommitments, hasConversation, hasStrategyGUI, initializeAfterRegistered, initializePolicies, initializeThread, initJADE, initUI, isEventQueueReady, isRegistered, isRegisteredWithLAC, isStoppable, isTrusted, isTrusted, isUsingProxy, kb_get_value, makeDefaultGUI, makeDefaultInterface, makeDefaultInternalFrame, makeDefaultTextInterface, monitorDefault, notifySendingMessage, optionsToString, parseJADENode, pendingFinishRun_unregisterAgentInstance, pendingFinishRun, perform_execute, perform_FIPAStyle, perform_get_name, perform_get_ontology, perform_invite_to_cd, perform_method_call, perform_query_if, perform_query_if, perform_query_ref, perform_query_ref, performDefault, processCommitment, processCommitments, processObserverNotification, putExtendedOntology, putPolicy, putPolicyAlwaysApply, putPolicyLastResort, putReplacementOntology, putUI, query_ref, query_toString, query, queryIf, queryRef_toIntegerList, queryRef_toString, queryRef_toStringList, queryRef_toTermList, queryRef, queryRef, queryRefAIDs, queryRefURLs, querywithFilter, realizeAgentBehaviourFromOptions, recursiveParent, recursivePermutations, release_execute, release_FIPAStyle, release_get_agents_registered, release_get_agents_running, release_get_members, release_get_ontology, release_join_cd, release_ping, release_query_if, release_query_ref, release_resolve_url, release_unregister_agentType, release_unregister_instance, release_withdraw_cd, releaseDefault, removeConversation, removeCooperationDomains, removeJoinedCooperationDomain, removeSubscribeEvents, requestInstances, resolveConnectException, retrieveReturnedData, saveReturnedData, searchOntology, searchOntology1, setBanner, setCommitmentProcessor, setField, setInstancesFound, setOntology, shouldDoExecuteRequest, template_handleNewOntologyInfo, update, updateConversationProtocolType, verifyCD, verifyDefault, verifyMessage
addObserver, addObserver, addObserver, addObserver, addTraceTags, addTransformation, bump, clearAllTraceTags, closePort, compareTo, countObservers, defer, defer, deleteObserver, deleteObserver, deleteObservers, dequeueEvent, equals, eventBufferLoopBody, eventBufferLoopPeriodic, eventQueuePeek, existed, exit, finalize, finishRun, fixupMessage, getAgent, getAgentName, getEventQueue, getInitParams, getNewMessage, getNewMessage, getOptions, getPort, getSocketServer, getTrace, getTraceTags, getTransformationFor, getUniqueRequestID, getURL, getUseAckProtocol, getUsePriority, hasChanged, hasOpenPort, in, initializeConstructor, initializeURL, isA, isA, isA, isA, isAAct, isAAct, isAgentThread, isAPerformative, isAPerformative, isExiting, isInitialized, isLoggingTag, isObserveMessages, isPaused, isThisMyAddress, isTracing, loadClass, makeOptions, makeSubthread, makeSubthread, makeTraceParam, notifyObservers, notifyObservers, notifyObserversWithNoArg, notifyObserversWithTop, out, println, println, println, println, println, queueEvent, queueEventIf, removeTraceTags, resetRuntimeOptionsFromCommandLine, resetSecurityPackage, resetTraceOptions, revTransform, revTransform, run, sendMessage_primitive, sendMessage, sendMessage, sendMessageAndWait, sendQueryAndWait, sendRequestAndWait, sendRequestAndWait, setAllTraceTags, setObserveMessages, setOptions, setPause, setTraceTags, setTracing, setURL, setUseAckProtocol, setUsePriority, startSocketServer, startTraceMonitor, step, transform, transform, unhandledMessage, updateOptions
activeCount, checkAccess, clone, countStackFrames, currentThread, destroy, dumpStack, enumerate, getAllStackTraces, getContextClassLoader, getDefaultUncaughtExceptionHandler, getId, getName, getPriority, getStackTrace, getState, getThreadGroup, getUncaughtExceptionHandler, holdsLock, interrupt, interrupted, isAlive, isDaemon, isInterrupted, join, join, join, resume, setContextClassLoader, setDaemon, setDefaultUncaughtExceptionHandler, setName, setPriority, setUncaughtExceptionHandler, sleep, sleep, start, stop, stop, suspend, toString, yield
getClass, hashCode, notify, notifyAll, wait, wait, wait
doAdvertise, doCDGetHistory_sync, doCDGetMembers, doCDPutData, doFindInstances_sync, doGetCooperationDomains, doGetOnology, doInviteToCD, doJoinCD, doPing_sync, doPing, doRegisterAgentInstance, doRegisterAgentInstance, doSearchYP, doUnadvertise, doUnregisterAgentInstance, doUnregisterAgentType, doWithdrawCD, executeCommand, getInstancesFound, getJoinedCooperationDomains, getLACURL, getMembers, getOntology, getOptions, getSerializedOntology, getStrategyGUI, hasStrategyGUI, isAAct, isInitialized, isRegistered, makeDefaultInterface, putExtendedOntology, putReplacementOntology, putUI, release_get_ontology, removeCooperationDomains, requestInstances, setOptions, updateOptions
addObserver, addObserver, closePort, deleteObserver, deleteObserver, exit, getAgentName, getName, getNewMessage, getPort, getStrategy, getTrace, getUniqueRequestID, getURL, getUseAckProtocol, hasOpenPort, isA, isAPerformative, isExiting, isLoggingTag, isStoppable, isTracing, println, println, println, realizeAgentBehaviourFromOptions, sendMessage, setTracing, setUseAckProtocol, startTraceMonitor
addObserver, addObserver, countObservers, deleteObservers, hasChanged, notifyObservers, notifyObservers, notifyObserversWithNoArg, notifyObserversWithTop
abclEval, abclEval, abclEval, addTransformation, bump, chooseSC, defer, dequeueEvent, dispatchMsgHandlerMethod, evesdrop, getKnowledgeBase, getName, getSCStore, getSubscribeEvents, getTransformationFor, getUniqueRequestID, getURL, getUseAckProtocol, isA, isA, isA, isA, isAPerformative, isAPerformative, isLoggingTag, notifyObservers, println, println, println, queueEvent, queueEventIf, revTransform, revTransform, sendMessage, transform, transform
private byte[] key
private long uniqueNumber
private String protectedAgent
public SecureProxy(ParamsMap params, AgentUI ui) throws Exception
SecureProxy
that protects the given agent, uses
the given port, and uses the given secret key to sign the messages that
this proxy authorizes.agentName
- The name of the agent the new proxy is protecting.proxyPort
- The port that the new proxy should use for
communications.agentPort
- The port that the agent uses for communications.key
- The key that the new proxy will use to sign messages that it
authorizes for the agent.IPSocketException
- If an Agent attempts to bind to an IPSocket
(port) that doesn't exist or is in use.Exception
protected Status handleForwardMessage(MLMessage message)
universallyAccepted()
to
determine if the message is one which should always be accepted. If so,
the message is accepted and step 6 is executed.isSenderVerified()
to determine if the sender has
been or can be verified as who he or she claims to be.isSenderAuthorized()
to determine if the specified agent is
allowed to send the message to the protected agent.signMessage()
and then forwarded to the
protected agent by forwardMessage()
. A status of 0 is then
returned.handleForwardMessage
in class AgentProxy
message
- The incoming message to be evaluated and possibly forwarded
to the protected agent.Status
describing if the message was forwarded:
protected boolean universallyAccepted(MLMessage message)
true
if the message should be universally
accepted; false
otherwise. There are no universally accepted
messages by default.message
- The message to check.true
if the message should be universally accepted;
false
otherwise.protected boolean universallyDenied(MLMessage message)
true
if the message should be universally
denied; false
otherwise. By default, any message with the
act "exit" are denied, since this message is sent by agents as they shut
down.message
- The message to check.true
if the message should be universally denied;
false
otherwise.protected boolean isSenderVerified(MLMessage message)
true
if
the sender is verified; false
otherwise. All senders are
automatically verified by default.message
- The message containing the sender that should be verified.true
if the sender is verified; false
otherwise.protected boolean isSenderAuthorized(MLMessage message)
true
if the sender is
authorized to send the given message to the protected agent;
false
otherwise. All senders are authorized to send any
message by default.message
- The message containing the sender that should be
authorized.true
if the sender is authorized to send the given
message to the protected agent; false
otherwise.protected void signMessage(MLMessage message)
createSignature()
and then attached
to the message as theML.SIGNATURE
parameter.message
- The message to sign.private String createSignature(MLMessage message)
String
with a space between
each. The first number is a positive long
that should be
unique for each message that is sent with the same key. In this
implimentation this is increased by one for each message that is sent.
The remaining 20 numbers are the byte array returned by
createHash()
with each byte as a seperate number in the
String
.message
- The message for which we are creating a signature.String
.public static long verifySignature(MLMessage message, byte[] key)
ML.SIGNATURE
parameter). If the signature does not exist in
the message, -1 is returned. Next, the first number is converted from a
String
to a long
and is used as the unique
number for this signature. Next, the rest of the signature is calculated
by createHash()
. Then each number (byte
) in the
actual signature is compared to the expected signature. If they match and
there is not extra data in the given message's signature, the unique
number is returned. Otherwise, -1 is returned to indicate that the
message has an invalid signature.message
- The message containing the signature to verify.key
- The secret key that the message should have been signed with.private static byte[] createHash(MLMessage message, byte[] key, long uniqueNumber)
ML.PERFORMATIVE
ML.ACT
ML.SENDER
message
- The message for which we are creating a signature.key
- The secret key that the message should have been signed with.uniqueNumber
- A positive long
that should be unique for
each message that is sent with the same key.