Jump to: navigation, search

Security:Alert

Overview

Some use case has the requirements to use the same brandable alert UI pop-up dialog in the following situations: OSGI tries to load untrusted bundles, connecting to a https server that has untrusted server certificate, and a component within the system tries to delete files that has not permission. Below is our draft of UI mockup.

UI Mockup

Alertui1025.jpg


The Alert UI is a composite of content information and a set of alert status. The content information and alert status box will contain different based on the alert context. For example, in the load time scenario that OSGI tries to load an untrusted bundle, the content information box will contain bundle information and selecting the advanced button will show user more information such as certificate chain and their expiration date. The Operation Message will contain string like "Loading Bundle", "Making SSL Conection" and "Performing non-privileged action." The Operation Specfics will contain a string that could be bundle name or ssl server name.

Each alert status can contain a set of alert options that user can select and there is no limitations on the number of selected alert options. Some of the alert options are like "Remember this answer the next time I use!" and "Persist the signer certificates." Each alert status box can also contain a set of alert action but users can only select ONE alert action.

Design

The goal is to design a alert framework to fulfil the requirements mentioned as above. However, the design should be flexible enough to extend the functionality into different context. for example, executing Javascript at Java runtime requires user to grant. Below are the interfaces that we come up w/.

AlertContext

It contains all the information that Alert UI needs to present to the user. An alert context will contain a IContentInfo and 0 or more IAlertStatus.

IContentInfo

It contains the content information that is specific to each context. It also contains the overall icon for the context. The operation msg will indicate the operation (loadtime, runtime, ssl and etc) that is executing within the context.

IAlertResponse

After a end user press 'Done' or 'Ok' on the alert UI dialog, the result will be turned into a IAlertResponse object will be handled to a appropriate IAlertResponseCallbackHandler.

IAlertStatus

It represents a alert status within a context. Each instance contains 0 or more IAlertAction or IAlertOption. However, only one IalertAction can be selected and 0 or more IAlertOption can be selected.

IAlertAction

It just model the alert action within a alert context. It contains a unique string representation of itself. An example of IAlertAction could be 'Allow' and 'Deny'.

IAlertOption

It models the alert options that are associated with each IalertStatus. Some of the IAlertOption are like 'trust this bundle permanently' or 'trust this bundle for this session only.'

IResponseCallbackHandler

An instance of this interface will know how to handle set AlertAction and AlertOption. Default LoadTimeStatusCallbackHandler will call the default LoadTime CertificateTrustAuthority for persisting the chain of Certificate.

ISecurityPolicyEngine

continue...