Release Notes for Aglets Software Development Kit

These are the release notes for Aglets Software Development Kit version 1.1 beta1. Below you will find a list of changes made since the ASDK 1.0.

What is 1.1?
What's new
Experimental features
Expected Changes in the future release
Fixed bugs
Known Issues

What is the 1.1 release?

The 1.1 release is the next major release of ASDK. This beta package includes some of new features planned for 1.1 such as SecurityAPI and MASIF interface. It may also include more features in the future beta releases, which is not listed here. Note that new features in the beta packages are subject to change.

What's new?

Finder and aglet server's cooperation is added as an experimental feature. See this document for detail.

The security mechanism is reformed.
JDK 1.2-like authorization is introduced. A aglets security policy is used for fine grained access control. The policy description language is an extention of Java security policy description language in JDK 1.2. Here is an example of aglets security policy file:
grant
    // the class file is loaded from any host in ibm.com,
    // on port 0 upto 1023, with any protocol
    codeBase "*://*.ibm.com:0-1023/",
    // the class file is included in jar file signed by "alan" and "bob"
    signedBy "alan, bob",
    // the aglet object is instantiated by "charlie" or "diana"
    ownedBy "charlie, diana"
{
    // the aglet can send system messages (DISPATCH, DISPOSE, and CLONE) to any owner's aglets
    permission com.ibm.aglets.security.AgletPermission "*", "dispatch,dispose,clone";
    // the aglet can send system messages (DISPATCH and DEACTIVATE) to edward's aglets
    permission com.ibm.aglets.security.AgletPermission "edward", "dispatch,deactivate";

    // the aglet can read and write any file under /tmp/aglets,
    permission java.io.FilePermission "/tmp/aglets/-", "read,write";
    // the aglet can read any file under /tmp.
    permission java.io.FilePermission "/tmp/-", "read";

    // the aglet can connect to any host in ibm.com on any port with Socket API
    permission java.net.SocketPermission "*.ibm.com:*", "connect";
};
Aglet servers will authenticate each other when ATP connection is established between them. Authentication is based on security domain concept. Security domain is collection of aglet servers, and every aglet server belongs some security domains. A server can establish ATP connection only to the other servers who belong to the same security domain. The protocol of domain authentication between aglet servers uses a challenge-response way. The protocol is mutual, and requires that both of aglet server as sender and receiver share a "secret". According to the protocol, sender and receiver exchange challenge between them, calculate MAC (Message Authentication Code) with the challenge and shared secret, answer the MAC as response, and verify it. The shared secret is stored in the file "secrets.dat". For the feature, tahiti provides the following options:

-noauthentication

-authentication

-pseudoseed

-secureseed

Protection of aglet object from outside world.

An user who wants to use aglet server is authenticated on "login" process. And then the user owns the aglet server. Aglets created on the aglet server are owned by the user. Those aglets run with the owner's authorization.

Ticket is introduced. Tickets denote destination and way of the aglet trip. Tickets can be used as substitutes for URLs on dispatching. A ticket consists of an URL and a QoC. A QoC defines the required quality of the aglet communication; integrity of the aglet's byte stream, confidentiality of the aglet object data, and timeout for the aglet communication. Here is an example to dispatch an aglet with a ticket:
import com.ibm.aglet.Aglet;
import com.ibm.aglet.QoC;
import com.ibm.aglet.Ticket;
import java.net.MalformedURLException;

public class MyAglet extends Aglet {
    public void onCreation(Object init) {
        // Integrity: normal
        // Confidentiality: nothing
        // Time-out: nothing
        QoC qoc = new QoC(QoC.NORMALINTEGRITY, QoC.NOCONFIDENTIALITY);
        // Ticket
        Ticket ticket = null;
        try {
            ticket = new Ticket("atp://foo.bar.com:434/", qoc);
        } catch(MalformedURLException excpt) {
            return;
        }
        // dispatch
        if (ticket != null) {
            try {
                dispatch(ticket);
            } catch(Exception excpt) {
                excpt.printStackTrace();
            }
        }
    }
}
Communiation Layer has been re-implemented to use MASIF (Mobile Agent System Interoperability Facility) - like interface. Note that the current implementation is preliminary. It uses ATP or RMI as a transport protocol, but not CORBA. Thus, it does not work with other MASIF complient system for the time being.

The Aglets now caches the bytecodes being transfered.
Experimental Features
These are experimental functions which are in the design phase and may possibly be removed in the future.

Snapshot. Simple and light weight mechanism to recover an aglet's state in case of server crash. When the server crashes and you had a snapshot created before by using the Aglet.snapshot() method call, the aglet is activated again (with the same state at the point in time of the snapshot creation).

HTTP messaging.

Finder. Registration server for aglets servers, aglet contexts, and aglets. Though the interface of Finder is compliant with the one defined in MASIF, it is a RMI server, not a CORBA server. Current version of Finder is standalone, thus it does not federate other Finders. If the aglets server started with finder properties set, the semantics of the API com.ibm.aglet.AgletContext#getAgletProxy(AgletID) will change. Without Finder, this API returns null if such aglet was not in the context. But with Finder, the server will try to ask the locatoin of the aglet to Finder and get an AgletProxy for it.

Expected changes in the future release.

Exceptions defined in the J-AAPI will be redesigned.

You will have to explicitly "export" Aglet and AgletContext objects in order to make them remotely accessible/visible.

Server Development API and Client API may have to be polished.
Current sample program for client API is not complete. Please wait for the time being.

Integrity check of transferred aglet byte stream and messages.

Confidentiality of transferred aglet byte stream and messages.

Bugs fixed since 1.0

Changes to J-AAPI (Since 1.0)

Added APIs

Classes

com.ibm.aglet.Ticket

com.ibm.aglet.QoC

com.ibm.aglet.security.AgletProtection

com.ibm.aglet.security.MessageProtection

Methods

com.ibm.aglet.Aglet#dispatch(Ticket)

com.ibm.aglet.Aglet#setProtections

com.ibm.aglet.Aglet#getProtections

com.ibm.aglet.AgletProxy#dispatch(Ticket)

com.ibm.aglet.event.MobilityEvent#getTicket

com.ibm.aglet.system.AgletRuntime#authenticate

com.ibm.aglet.system.AgletRuntime#getOwnerIdentity

com.ibm.aglet.system.AgletRuntime#getOwnerName

Removed APIs

Methods

com.ibm.aglet.AgletContext#activateAglet

Changed APIs

Methods

com.ibm.aglet.system.AgletRuntime#init

com.ibm.aglet.system.AgletRuntime#getServerURL -> getServerAddress

Deprecated/Obsolete APIs

These remain in the APIs only for the purpose of backward compatibility. Please do not use these methods.
Methods

com.ibm.aglet.AgletID#constructor

com.ibm.aglet.AgletID#toByteArray()

com.ibm.aglet.AgletContext#getAgletProxies()

com.ibm.aglet.AgletContext#getAgletProxy(URL, AgletID id)

com.ibm.aglet.AgletContext#retractAglet(URL)

Experimental features

snapshot

HTTP messaging

Finder

[ TRL home page | IBM Research home page ]
[ IBM home page | IBM Japan | Order | Search | Contact | Legal ]