
wosh::SecurityManager Class Reference
[Core-Modules]

CoreModule that takes care of system security and auditing.

#include <H:/WOSH/win32_vc2010/src/core/SecurityManager.h>


Public Member Functions

virtual ~SecurityManager ()
 Destructor. Events dataset is destroyed.
Message Events (incoming message)
void busMessage (const Message &message, const Bus *source)
 Method raised by the Bus when it processes a new message. Implementations will probably analyze the message and perform actions.

Static Public Member Functions

Public methods (bundles)
static WRESULT isAuthorized (const std::string &wosh_username, const SecurityAuthenticationSecret *secret, SecurityAuthenticationProvider *provider, const Object *source)
static WRESULT isAuthenticated (const std::string &wosh_username, SecurityAuthenticationProvider *provider, const Object *source)
static bool isTrustedHost (const WoshHost *)
 Todo: how to do AUDITING (tracing which clients accessed which resources and how)
static WRESULT validate (const WoshHost *source, const WoshHost *target, const NetworkChannel *channel)
static WRESULT validate (const Message *message, const NetworkChannel *channel)
static WRESULT validate (const Message *message, const Bus *source, const Bus *target)
static bool compareMask (short mask_pattern, short operation)
static bool evalAuthorization (const SecurityToken *security, const Permission *permissions, Permission::PERMISSION_TYPE operation)
static WRESULT validateToken (const SecurityToken *security)

Protected Member Functions

 SecurityManager (const WoshKernel *parent=NULL)
 Default constructor. Call base constructor and initialize some properties and hosted methods.
WRESULT onKernelInitializing ()
 Call base class implementation and create the Security Bus (wosh.Bus.Security).
IPropertiesProviderListener interface
bool updatingProperty (bool &do_update, const Variant &value_proposed, Property &property_current, const PropertiesProvider *source)

Private Attributes

BusConnector BusSecurity
 Bus of Security, network-shared, created by myself on kernel-init.
tMessageList eventsLog
 cache of last events (Message.Fact) monitored on Security bus.
long eventLogMaxSize
 size of the EventLog cache. 0 will disable logging
bool eventLogLocallyOnly
 when enabled (default), filter only local events

Friends

class wosh::WoshKernel

Internal Methods and Events management

static SecurityManager * getInstance ()
 Access the SecurityManager singleton. Gamma Pattern. Static reference is allocated and destroyed by WoshKernel on constructor/destructor respectively.
void logEvent (const Message &message)
 Append a device-event to event-log cache. Reentrant.

Detailed Description

CoreModule that takes care of system security and auditing.

Auditing
=========

SecurityAuditingEngine (implemented within wosh::security) monitors security events and may apply countermeasures.

Authorization
=============

Idea: a component that acts as the trusted party generates an encrypted security token carrying the information, so that a message from a communicator has the information needed to decide which session to open and to inherit the credentials.

Objects have permissions, but are they tied to credentials? Do they also hold a reference and credentials?

Excellent reference: http://msdn.microsoft.com/en-us/library/ms788756.aspx

Identity and access management (IAM) remains a challenge in distributed systems. Security tokens are used to prove one's identity electronically (as in the case of a customer trying to access their bank account). The token is used in addition to or in place of a password to prove that the customer is who they claim to be. The token acts like an electronic key to access something.

Use brokered authentication with a security token (ref: http://msdn.microsoft.com/en-us/library/aa480563.aspx).

PAM (Pluggable authentication modules)

[Figure: wosh::SecurityManager UML diagram]

Initialization:
[Figure: initialization message sequence chart]
Version:
0.6.030
Id:
SecurityManager.h 3775 2011-01-01 16:38:17Z alex
Author:
Alessandro Polo

Definition at line 155 of file SecurityManager.h.


Constructor & Destructor Documentation

wosh::SecurityManager::SecurityManager ( const WoshKernel * parent = NULL ) [protected]

Default constructor. Call base constructor and initialize some properties and hosted methods.

Parameters:
[in] parent: WoshKernel singleton, passed to WoshModule constructor
Note:
Called by WoshKernel only. Static getter (gamma singleton) will return NULL until kernel is created.

Definition at line 68 of file SecurityManager.cpp.

References wosh::LOG_DEBUG.

wosh::SecurityManager::~SecurityManager (  ) [virtual]

Destructor. Events dataset is destroyed.

Definition at line 94 of file SecurityManager.cpp.

References wosh::LOG_DEBUG, and wosh::LOG_VERBOSE.


Member Function Documentation

void wosh::SecurityManager::busMessage ( const Message & message,
const Bus * source
) [virtual]

Method raised by the Bus when it processes a new message. Implementations will probably analyze the message and perform actions.

Parameters:
[in] message: the incoming message
[in] source: the source Bus of the incoming message
Warning:
The current thread is owned and managed by the calling Bus. Heavy, dangerous or time-consuming operations should be executed asynchronously, not inline!

Reimplemented from wosh::WoshModule.

Definition at line 167 of file SecurityManager.cpp.

References BusCore, wosh::Message::getContent(), wosh::Message::getSourceBus(), wosh::Message::isEmpty(), wosh::MessageContent::isFact(), and wosh::MessageContent::isRequest().

bool wosh::SecurityManager::compareMask ( short  mask_pattern,
short  operation 
) [static]

Todo:
using bitset

Definition at line 228 of file SecurityManager.cpp.

SecurityManager * wosh::SecurityManager::getInstance (  ) [static, private]

Access the SecurityManager singleton. Gamma Pattern. Static reference is allocated and destroyed by WoshKernel on constructor/destructor respectively.

Returns:
pointer to SecurityManager singleton. May be NULL (if kernel has not been allocated yet)

Definition at line 57 of file SecurityManager.cpp.

static bool wosh::SecurityManager::isTrustedHost ( const WoshHost * ) [inline, static]

Todo:
how to do AUDITING (tracing which clients accessed which resources and how)

Definition at line 195 of file SecurityManager.h.

void wosh::SecurityManager::logEvent ( const Message & message ) [private]

Append a device-event to event-log cache. Reentrant.

Parameters:
[in] message: the message representing the device-event (from Device bus, containing Fact)
See also:
eventsLog

Definition at line 183 of file SecurityManager.cpp.

References wosh::ISerializable::clone(), and wosh::Message::getSource().

WRESULT wosh::SecurityManager::onKernelInitializing (  ) [protected, virtual]

Call base class implementation and create the Security Bus (wosh.Bus.Security).

Returns:
result of WoshModule::onKernelInitializing() + bus-creation result

Reimplemented from wosh::WoshModule.

Definition at line 114 of file SecurityManager.cpp.

References wosh::LOG_CRITICAL, wosh::LOG_INFO, wosh::LOG_VERBOSE, wosh::Bus::setName(), and WRET_ERR_INTERNAL.


Member Data Documentation

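BusConnector wosh::SecurityManager::BusSecurity [private]

Bus of Security, network-shared, created by myself on kernel-init.

Definition at line 258 of file SecurityManager.h.

bool wosh::SecurityManager::eventLogLocallyOnly [private]

when enabled (default), filter only local events

Definition at line 274 of file SecurityManager.h.

long wosh::SecurityManager::eventLogMaxSize [private]

size of the EventLog cache. 0 will disable logging

Definition at line 273 of file SecurityManager.h.

tMessageList wosh::SecurityManager::eventsLog [private]

cache of last events (Message.Fact) monitored on Security bus.

Definition at line 272 of file SecurityManager.h.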
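
The following is an added example, not WOSH source code: a minimal sketch of how the documented eventsLog, eventLogMaxSize and eventLogLocallyOnly settings and logEvent() can fit together as a bounded event cache. SecurityEvent, EventLogCache, run_demo and the host names are hypothetical, and a mutex is assumed as the way to make the append safe across bus threads.

```cpp
#include <deque>
#include <mutex>
#include <string>

// Hypothetical stand-in for a Fact message seen on the Security bus.
struct SecurityEvent {
    std::string source_kernel;  // name of the host that emitted the event
    std::string fact;           // constructed sample value, e.g. "LoginFailed"
};

class EventLogCache {
public:
    EventLogCache(const std::string& local_kernel, long max_size, bool locally_only = true)
        : local_(local_kernel), max_size_(max_size), locally_only_(locally_only) {}
    // Returns true when the event was cached, false when it was dropped.
    bool logEvent(const SecurityEvent& ev) {
        std::lock_guard<std::mutex> lock(mtx_);   // callable from any bus thread
        if (max_size_ <= 0) return false;         // size 0 disables logging
        if (locally_only_ && ev.source_kernel != local_) return false;
        events_.push_back(ev);                    // the cache keeps its own copy
        while (static_cast<long>(events_.size()) > max_size_)
            events_.pop_front();                  // evict the oldest entry
        return true;
    }
    // Comma-separated facts, oldest first, read under the same lock.
    std::string facts() const {
        std::lock_guard<std::mutex> lock(mtx_);
        std::string out;
        for (const auto& e : events_) out += (out.empty() ? "" : ",") + e.fact;
        return out;
    }
private:
    std::string local_;
    long max_size_;
    bool locally_only_;
    mutable std::mutex mtx_;
    std::deque<SecurityEvent> events_;
};

// Constructed sample run on a local host named "wosh1".
std::string run_demo(long max_size, bool locally_only) {
    EventLogCache log("wosh1", max_size, locally_only);
    log.logEvent({"wosh1", "LoginFailed"});
    log.logEvent({"wosh2", "TokenRejected"});     // remote event
    log.logEvent({"wosh1", "LoginSucceeded"});
    log.logEvent({"wosh1", "PermissionDenied"});
    return log.facts();
}
```

Because the cache evicts the oldest entry once the limit is reached, a burst of events displaces earlier ones; events needed for later investigation have to be forwarded to persistent storage rather than read back from this cache.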



Generated on Tue Feb 8 2011 09:33:32 for WOSH system 0.8.888 [wolf] by Alessandro Polo, using DoxyGen 1.7.2 hosted by WOSH Framework