Class semper.access.AccessMan
All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class semper.access.AccessMan

java.lang.Object
   |
   +----semper.access.AccessMan

public class AccessMan
extends Object
SEMPER Access Control Manager Class. Implements the Access Control Manager (ACM) [as a class for which no objects will be created]. The ACM's sole responsiblity is to verify whether a capability is valid. We choose _not_ to define a verify() method directly in the Capability class, because in the (near) future capabilities will be passed to the managers from outside which cannot be trusted to contain a reasonable definition of the verify() method.
Version:
$Revision: 1.5 $ $Date: 1996/09/24 12:28:10 $
Author:
Jaap-Henk Hoepman (jhh@cwi.nl)
See Also:
RoleTest, Capability

Variable Index

 o HighTrustRole
 o LowTrustRole
 o MaintenanceRole
 o MediumTrustRole
 o NoTrustRole
Standard SEMPER roles as described in activity paper 221CW041.

Constructor Index

 o AccessMan()

Method Index

 o exit()
Finalize the access control manager, and release its resources.
 o init()
Initialise the access manager.
 o isInitialised()
Check whether the access manager has been initialised.
 o verifyCapability(Capability)
Verify whether a capability is valid.

Variables

 o NoTrustRole
  public static OrdinaryRole NoTrustRole
Standard SEMPER roles as described in activity paper 221CW041.
 o LowTrustRole
  public static OrdinaryRole LowTrustRole
 o MediumTrustRole
  public static SecureRole MediumTrustRole
 o HighTrustRole
  public static SecureRole HighTrustRole
 o MaintenanceRole
  public static SecureRole MaintenanceRole

Constructors

 o AccessMan
  public AccessMan()

Methods

 o init
  public static void init()
Initialise the access manager.
 o exit
  public static void exit()
Finalize the access control manager, and release its resources.
 o isInitialised
  public static boolean isInitialised()
Check whether the access manager has been initialised.
 o verifyCapability
  public static boolean verifyCapability(Capability c)
Verify whether a capability is valid. Check whether the capability belongs to any unlocked role, and if so, perform additional checks for the particular type of capabilty. If this checks fails, verifyCapability() returns false, otherwise it returns true. If the capability does not belong to an unlocked role, the user is first prompted to unlock one of the roles the capability belongs to. If the user does not unlock any of these roles, verifyCapability() returns false. If the capability does not belong to any roles, it is not valid.
Parameters:
c - capability to verify
Returns:
true if the capability is valid, false if not.
See Also:
Capability, Role

All Packages  Class Hierarchy  This Package  Previous  Next  Index