Commit 81f7ee6c authored by Paff's avatar Paff
Browse files

transformations trustlevel and critical port

changes caused by cpe
config for analysis
tool 
parent af6915d0
L01-List-Filters 1
L02-List-Critical-Ports 1
L03-List-Incoming-Ports 1
L04-List-Outgoing-Ports 1
L05-List-Ports-String 1
L06-List-Third-Party-Components 1
L07-List-Not-Reviewed-Configuration 1
D01-Derive-Role-Component 1
D02-Derive-Role-Port 1
D03-Derive-Role-Third-Party-Component 1
D04-Derive-Trustlevel-Component 1
E01-Unencrypted-Connector-In-Path 1
E02-Encrypted-Path-Continues-Unencrypted 1
E03-Enrypted-Path-continues-Unencrypted 1
E04-Trustlevel-Unencrypted-Path-In-Low 1
E05-Unencrypted-Path-End-In-Low-Trustlevel 1
E06-Trustlevel-Connector-Higher 1
I01-Encrypted-Connector 1
I02-Trustlevel-Client-Server 1
I03-Roles-Defined 1
F01-Taint-Tracking 1
F02-High-Trustlevel 1
T01-Reason-Trustlevel 1
T02-High-Trustlevel 1
WI01Access-Roles 1
WI02-Third-Party-Component-Security 1
WI03-Low-Trustlevel 1
WI04-Critical-Ports 1
\ No newline at end of file
......@@ -21,6 +21,7 @@ import secarc.ets.check.MontiSecArcAnalysisCreator;
import secarc.ets.check.MontiSecArcAnalysisVisitor;
import secarc.ets.check.MontiSecArcAnalysisWorkflow;
import secarc.ets.transform.PreCoCoCheckMontiSecArcTransformationWorkflow;
import secarc.ets.transform.criticalport.PreAnalysisCriticalPortTransformationWorkflow;
import secarc.ets.transform.trustlevel.PreAnalysisTrustlevelTransformationWorkflow;
/**
......@@ -41,15 +42,15 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
/**
* Factory method for {@link MontiSecArcAnalysis}.l
*/
public static MontiSecArcAnalysis newLanguage(ILanguage component, List<String> analysisParameter, boolean critical) {
return new MontiSecArcAnalysis(component, analysisParameter, critical);
public static MontiSecArcAnalysis newLanguage(ILanguage component, List<String> analysisParameter, boolean critical, String analysisConfPath) {
return new MontiSecArcAnalysis(component, analysisParameter, critical, analysisConfPath);
}
/**
* Constructor for secarc.MontiSecArcAnalysis
*/
@Inject
public MontiSecArcAnalysis(final ILanguage component, List<String> analysisParameter, boolean critical) {
public MontiSecArcAnalysis(final ILanguage component, List<String> analysisParameter, boolean critical, String analysisConfPath) {
super(component);
// PARSING-SETUP
......@@ -78,7 +79,7 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
//Workflow for Analysis
MontiSecArcAnalysisWorkflow<MontiSecArcRoot> analysisWorkflow = new MontiSecArcAnalysisWorkflow<MontiSecArcRoot>(LANGUAGE_ROOT);
//AnalysisCreator
analysisWorkflow.setAnalysis(MontiSecArcAnalysisCreator.createAnalysis());
analysisWorkflow.setAnalysis(MontiSecArcAnalysisCreator.createAnalysis(analysisConfPath));
//AnalysisConfiguratin
analysisWorkflow.setAnalysisConfiguration(MontiSecArcAnalysisCreator.createConfig());
//Visitor for Analysis
......@@ -103,7 +104,7 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
//Workflow for Analysis
MontiSecArcAnalysisWorkflow<MontiSecArcRoot> analysisTransformWorkflow = new MontiSecArcAnalysisWorkflow<MontiSecArcRoot>(LANGUAGE_ROOT);
//AnalysisCreator
analysisTransformWorkflow.setAnalysis(MontiSecArcAnalysisCreator.createAnalysis());
analysisTransformWorkflow.setAnalysis(MontiSecArcAnalysisCreator.createAnalysis(analysisConfPath));
//AnalysisConfiguratin
analysisTransformWorkflow.setAnalysisConfiguration(MontiSecArcAnalysisCreator.createConfig());
//Visitor for Analysis
......@@ -121,7 +122,8 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
//Add Workflow for Analysis for advanced users: what if
addExecutionUnit(MontiSecArcConstants.ANALYSIS_WORKFLOW_ADVANCED_WHAT_IF, analysisTransformWorkflow);
PreAnalysisCriticalPortTransformationWorkflow<MontiSecArcRoot> criticalPortTransformationWorkflow = new PreAnalysisCriticalPortTransformationWorkflow<MontiSecArcRoot>(MontiSecArcRoot.class);
addExecutionUnit("transformCriticalPort", criticalPortTransformationWorkflow);
}
/**
......
......@@ -34,7 +34,8 @@ public class MontiSecArcAnalysisTool extends ETSTool {
MCG.initMonticoreGlobals();
List<String> analysisParameter = getAnalysisParameter(arguments);
boolean critical = isAnalysisCritical(arguments);
MontiSecArcAnalysisTool tool = new MontiSecArcAnalysisTool(cleanArgumentList(arguments), analysisParameter, critical);
String analysisConfPath = getAnalysisConfPath(arguments);
MontiSecArcAnalysisTool tool = new MontiSecArcAnalysisTool(cleanArgumentList(arguments), analysisParameter, critical, analysisConfPath);
tool.init();
tool.run();
......@@ -56,6 +57,27 @@ public class MontiSecArcAnalysisTool extends ETSTool {
return false;
}
/**
* Path to config file
*
* @param arguments
* @return String path to config file
*/
protected static String getAnalysisConfPath(String[] arguments) {
boolean confpathExists = false;
for(String argument : arguments) {
if(argument.equals(MontiSecArcConstants.ARG_ANALYSISCONFPATH)) {
confpathExists = true;
continue;
}
if(confpathExists) {
return argument;
}
}
return "";
}
/**
* Searches for analysis parameters
*
......@@ -94,6 +116,7 @@ public class MontiSecArcAnalysisTool extends ETSTool {
protected static String[] cleanArgumentList(String[] arguments) {
List<String> cleanedArguments = new ArrayList<String>();
boolean isAnalysisParameter = false;
boolean isAnalysisConfPath = false;
for(String argument : arguments) {
if(argument.equals(MontiSecArcConstants.ANALYSIS_CIRITICAL_PORTS)) {
continue;
......@@ -105,6 +128,17 @@ public class MontiSecArcAnalysisTool extends ETSTool {
continue;
}
if(argument.equals(MontiSecArcConstants.ARG_ANALYSISCONFPATH)) {
isAnalysisConfPath = true;
continue;
}
if(isAnalysisConfPath) {
isAnalysisConfPath = false;
continue;
}
if(isAnalysisParameter) {
//New parameter
if(argument.contains("-") || argument.contains("/")) {
......@@ -125,14 +159,14 @@ public class MontiSecArcAnalysisTool extends ETSTool {
*
* @param arguments
*/
public MontiSecArcAnalysisTool(String[] arguments, List<String> analysisParameter, boolean critical) {
public MontiSecArcAnalysisTool(String[] arguments, List<String> analysisParameter, boolean critical, String analysisConfPath) {
super(arguments);
Injector injector = Guice.createInjector(new MontiSecArcDefaultModule());
InjectorProvider.setInjector(injector);
LanguageFamily languageFamily = new LanguageFamily();
languageFamily.addLanguage(MontiSecArcAnalysis.newLanguage(injector.getInstance(MontiSecArcComponent.class), analysisParameter, critical));
languageFamily.addLanguage(MontiSecArcAnalysis.newLanguage(injector.getInstance(MontiSecArcComponent.class), analysisParameter, critical, analysisConfPath));
setLanguages(languageFamily);
// set default CoCos
......
......@@ -25,6 +25,6 @@ public interface ISecAnalysisComponentChecker {
* @param entry
* @throws AmbigousException
*/
void check(ASTArcComponent node, SecComponentEntry entry, boolean advanced) throws AmbigousException;
int check(ASTArcComponent node, SecComponentEntry entry, boolean advanced) throws AmbigousException;
}
......@@ -23,6 +23,6 @@ public interface ISecAnalysisConfigurationChecker {
* @param node
* @param entry
*/
void check(ASTSecArcConfiguration node, ConfigurationEntry entry, boolean advanced);
int check(ASTSecArcConfiguration node, ConfigurationEntry entry, boolean advanced);
}
......@@ -27,7 +27,7 @@ public interface ISecAnalysisConnectorChecker {
* @param entry
* @throws AmbigousException
*/
void check(ASTArcConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
int check(ASTArcConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
/**
*
......@@ -35,6 +35,6 @@ public interface ISecAnalysisConnectorChecker {
* @param entry entry related connector entry to be checked
* @throws AmbigousException
*/
void check(ASTArcSimpleConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
int check(ASTArcSimpleConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
}
......@@ -27,6 +27,6 @@ public interface ISecAnalysisFilterChecker {
* @param graph
* @throws AmbigousException
*/
void check(ASTSecArcFilter node, FilterEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;;
int check(ASTSecArcFilter node, FilterEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;;
}
......@@ -27,6 +27,6 @@ public interface ISecAnalysisIdentityChecker {
* @param graph
* @throws AmbigousException
*/
void check(ASTSecArcIdentity node, IdentityEntry entry, ArchitectureGraph graphConnectorEdges, ArchitectureGraph graphIdentityEdges, boolean advanced) throws AmbigousException;
int check(ASTSecArcIdentity node, IdentityEntry entry, ArchitectureGraph graphConnectorEdges, ArchitectureGraph graphIdentityEdges, boolean advanced) throws AmbigousException;
}
......@@ -27,6 +27,6 @@ public interface ISecAnalysisPortChecker {
* @param graph
* @throws AmbigousException
*/
void check(ASTArcPort node, SecPortEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
int check(ASTArcPort node, SecPortEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
}
......@@ -27,6 +27,6 @@ public interface ISecAnalysisRoleChecker {
* @param graph
* @throws AmbigousException
*/
void check(ASTSecArcRole node, RoleEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
int check(ASTSecArcRole node, RoleEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
}
......@@ -26,6 +26,6 @@ public interface ISecAnalysisTrustlevelRelationChecker {
* @param graph
* @throws AmbigousException
*/
void check(ASTSecArcTrustlevelRelation node, TrustlevelRelationEntry entry, boolean advanced) throws AmbigousException;
int check(ASTSecArcTrustlevelRelation node, TrustlevelRelationEntry entry, boolean advanced) throws AmbigousException;
}
......@@ -11,7 +11,7 @@ import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.SecComponentEntry;
/**
* Lists all third party components with configuration and version
* L01: Lists all third party components with configuration and version
*
* <br>
* <br>
......@@ -24,9 +24,15 @@ import secarc.ets.entries.SecComponentEntry;
*/
public class ListThirdPartyComponents extends Analysis implements
ISecAnalysisComponentChecker {
/**
* Factor rating of analysis
*/
private int factor = 1;
public ListThirdPartyComponents() {
public ListThirdPartyComponents(int factor) {
super(MontiSecArcAnalysisConstants.LIST_THIRD_PARTY_COMPONENTS);
this.factor = factor;
}
/*
......@@ -34,11 +40,14 @@ public class ListThirdPartyComponents extends Analysis implements
* @see secarc.ets.analysis.checker.ISecAnalysisComponentChecker#check(mc.umlp.arcd._ast.ASTArcComponent, secarc.ets.entries.SecComponentEntry)
*/
@Override
public void check(ASTArcComponent node, SecComponentEntry entry, boolean advanced)
public int check(ASTArcComponent node, SecComponentEntry entry, boolean advanced)
throws AmbigousException {
if(entry.getConfiguration() != null && entry.getVersion() != null) {
addReport("The third party component " + NameHelper.getSimplenameFromComplexname(entry.getName()) + " has the version " + entry.getVersion().getVersion() + " and configuration " + entry.getConfiguration().getName() + ".", node.get_SourcePositionStart());
if(entry.getConfiguration() != null && entry.getCPE() != null) {
addReport("The third party component " + NameHelper.getSimplenameFromComplexname(entry.getName()) + " has the version " + entry.getCPE().getCPE() + " and configuration " + entry.getConfiguration().getName() + ".", node.get_SourcePositionStart());
return factor;
}
return 0;
}
/*
......
......@@ -9,7 +9,7 @@ import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.ConfigurationEntry;
/**
* Checks if a configuration is reviewed.
* L07: Checks if a configuration is reviewed.
* Information gathering:
* - Testing for Web application fingerpring
* - Application discovery
......@@ -28,19 +28,27 @@ import secarc.ets.entries.ConfigurationEntry;
public class ReviewedConfiguration extends Analysis implements
ISecAnalysisConfigurationChecker {
public ReviewedConfiguration() {
/**
* Factor rating of analysis
*/
private int factor = 1;
public ReviewedConfiguration(int factor) {
super(MontiSecArcAnalysisConstants.REVIEWED_CONFIGURATION);
this.factor = factor;
}
/*
* (non-Javadoc)
* @see secarc.ets.analysis.checker.ISecConfigurationChecker#check(secarc._ast.ASTSecArcConfiguration, secarc.ets.entries.ConfigurationEntry)
*/
public void check(ASTSecArcConfiguration node, ConfigurationEntry entry, boolean advanced) {
public int check(ASTSecArcConfiguration node, ConfigurationEntry entry, boolean advanced) {
String name = entry.getName();
if(!name.endsWith("_reviewed")) {
addReport("The configuration " + name + " is not reviewed, yet. After the configuration is reviewed, a \"_reviewed\" must be added to the configuration's name.", node.get_SourcePositionStart());
return factor;
}
return 0;
}
/*
......
......@@ -21,7 +21,7 @@ import secarc.ets.graph.Edge;
import secarc.ets.graph.Vertex;
/**
* Checks if an encrypted path continues unencrypted.
* E03: Checks if an encrypted path continues unencrypted.
* Then the message is readable for the following components
*
* <br>
......@@ -36,19 +36,25 @@ import secarc.ets.graph.Vertex;
public class EncryptedPathContinuesUnencrypted extends Analysis implements
ISecAnalysisPortChecker {
public EncryptedPathContinuesUnencrypted() {
/**
* Factor rating of analysis
*/
private int factor = 1;
public EncryptedPathContinuesUnencrypted(int factor) {
super(MontiSecArcAnalysisConstants.ENCRYPTED_PATH_CONTINUES_UNENCRYPTED);
this.factor = factor;
}
@Override
public void check(ASTArcPort node, SecPortEntry entry,
public int check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph, boolean advanced) throws AmbigousException {
//Checks if the port is a target of an encrypted connection
ConnectorEntry connectorEntry = AnalysisHelper.isPortBenningOfPath(entry, graph);
//No encryption before
if(connectorEntry == null || ((SecConnectorEntry) connectorEntry).isUnencrypted()) {
return;
return 0;
}
Vertex<PortEntry> portVertex = Vertex.of(entry);
......@@ -102,7 +108,9 @@ public class EncryptedPathContinuesUnencrypted extends Analysis implements
if(outputAllowed) {
addReport(sbuilder.toString(), node.get_SourcePositionStart());
return factor;
}
return 0;
}
@Override
......
......@@ -24,7 +24,7 @@ import mc.umlp.arcd._ast.ASTArcPort;
import mc.umlp.arcd.ets.entries.PortEntry;
/**
* Checks if a path consists of encrypted and unencrypted parts
* E01: Checks if a path consists of encrypted and unencrypted parts
*
* - SSL/TLS Testing
*
......@@ -40,19 +40,25 @@ import mc.umlp.arcd.ets.entries.PortEntry;
public class EncryptedPathWithUnencryptedPart extends Analysis
implements ISecAnalysisPortChecker {
public EncryptedPathWithUnencryptedPart() {
/**
* Factor rating of analysis
*/
private int factor = 1;
public EncryptedPathWithUnencryptedPart(int factor) {
super(MontiSecArcAnalysisConstants.ENCRYPTED_PATH_WITH_UNENCRYPTED_PART);
this.factor = factor;
}
/*
* (non-Javadoc)
* @see secarc.ets.cocos.checkers.ISecPortChecker#check(mc.umlp.arcd._ast.ASTArcPort, secarc.ets.entries.SecPortEntry)
*/
public void check(ASTArcPort node, SecPortEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException{
public int check(ASTArcPort node, SecPortEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException{
//Checks if the path starts with this port
if(AnalysisHelper.isPortBenningOfPath(entry, graph) != null) {
return;
return 0;
}
......@@ -119,6 +125,7 @@ public class EncryptedPathWithUnencryptedPart extends Analysis
}
sBuilder.append(". The unecrypted parts are marked by *. It is likely that an encryption is missing.");
addReport(sBuilder.toString(), node.get_SourcePositionStart());
return factor;
}
}
......@@ -127,6 +134,7 @@ public class EncryptedPathWithUnencryptedPart extends Analysis
unencryted = false;
}
}
return 0;
}
/*
......
......@@ -19,7 +19,7 @@ import secarc.ets.entries.SecSubComponentEntry;
import secarc.ets.graph.ArchitectureGraph;
/**
* Checks if an unencrypted connector is embedded in a component with a low trustlevel
* E04: Checks if an unencrypted connector is embedded in a component with a low trustlevel
*
* - SSL/TLS Testing
*
......@@ -34,9 +34,15 @@ import secarc.ets.graph.ArchitectureGraph;
*/
public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
implements ISecAnalysisConnectorChecker {
/**
* Factor rating of analysis
*/
private int factor = 1;
public UnencryptedConnectorThroughLowTurstlevel() {
public UnencryptedConnectorThroughLowTurstlevel(int factor) {
super(MontiSecArcAnalysisConstants.UNENCRYPTED_CONNECTOR_THROUGH_LOW_TRUSTLEVEL);
this.factor = factor;
}
/*
......@@ -44,9 +50,9 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
* @see secarc.ets.analysis.checker.ISecAnalysisComponentChecker#check(mc.umlp.arcd._ast.ASTArcComponent, secarc.ets.entries.SecComponentEntry)
*/
@Override
public void check(ASTArcComponent node, SecComponentEntry entry, boolean advanced)
public int check(ASTArcComponent node, SecComponentEntry entry, boolean advanced)
throws AmbigousException {
return 0;
}
/*
......@@ -54,9 +60,9 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
* @see secarc.ets.analysis.checker.ISecAnalysisConnectorChecker#check(cc.clarc.lang.architecture._ast.ASTArcConnector, secarc.ets.entries.SecConnectorEntry)
*/
@Override
public void check(ASTArcConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced)
public int check(ASTArcConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced)
throws AmbigousException {
innerCheck(node, entry, node.getMainParent());
return innerCheck(node, entry, node.getMainParent());
}
/*
......@@ -64,9 +70,9 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
* @see secarc.ets.analysis.checker.ISecAnalysisConnectorChecker#check(mc.umlp.arcd._ast.ASTArcSimpleConnector, secarc.ets.entries.SecConnectorEntry)
*/
@Override
public void check(ASTArcSimpleConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced)
public int check(ASTArcSimpleConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced)
throws AmbigousException {
innerCheck(node, entry, node.getMainParent());
return innerCheck(node, entry, node.getMainParent());
}
/**
......@@ -75,9 +81,9 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
* @param entry
* @throws AmbigousException
*/
protected void innerCheck(ASTNode node, SecConnectorEntry entry, ASTArcComponent nodeParent) throws AmbigousException {
protected int innerCheck(ASTNode node, SecConnectorEntry entry, ASTArcComponent nodeParent) throws AmbigousException {
if(entry.isEncrypted()) {
return;
return 0;
}
SecComponentEntry parentComp = (SecComponentEntry) resolver.resolve(nodeParent.getName(), ComponentEntry.KIND, getNameSpaceFor(nodeParent));
......@@ -152,8 +158,11 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
if(parentTrustlevelCompare < sourceTrustlevelCompare || parentTrustlevelCompare < targetTrustlevelCompare) {
addReport("The unencrypted connector " + entry + " is embedded in a component with a low trustlevel: " + parentTrustlevel +
". A trustlevel is defined as low if the trustlevel of the super component is lower than the trustlevel of the source or target component.", node.get_SourcePositionStart());
return factor;
}
return 0;
}
/*
......
......@@ -12,7 +12,7 @@ import secarc.ets.entries.SecPortEntry;
import secarc.ets.graph.ArchitectureGraph;
/**
* String is a very unspecific input type. Therfore, it should be avoided
* L05: String is a very unspecific input type. Therfore, it should be avoided
*
* <br>
* <br>
......@@ -26,8 +26,14 @@ import secarc.ets.graph.ArchitectureGraph;
public class AvoidInputString extends Analysis implements
ISecAnalysisPortChecker {
public AvoidInputString() {
/**
* Factor rating of analysis
*/
private int factor = 1;
public AvoidInputString(int factor) {
super(MontiSecArcAnalysisConstants.AVOID_INPUT_STRING);
this.factor = factor;
}
/*
......@@ -35,12 +41,15 @@ public class AvoidInputString extends Analysis implements
* @see secarc.ets.analysis.checker.ISecAnalysisPortChecker#check(mc.umlp.arcd._ast.ASTArcPort, secarc.ets.entries.SecPortEntry, secarc.ets.graph.ArchitectureGraph)
*/
@Override
public void check(ASTArcPort node, SecPortEntry entry,
public int check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph, boolean advanced) throws AmbigousException {
if(AnalysisHelper.isPortBenningOfPath(entry, graph) != null
&& entry.getTypeReference().getExtendedName().equals("java.lang.String")) {
addReport("The input port " + entry.getName() + " has the type " + entry.getTypeReference() + ". This type is not specific enough.", node.get_SourcePositionStart());
return factor;
}
return 0;
}
......
......@@ -29,7 +29,7 @@ import secarc.ets.graph.Edge;
import secarc.ets.graph.Vertex;
/**
* Checks if an encrypted path ends in a low trustlevel
* E05: Checks if an encrypted path ends in a low trustlevel
*
* - SSL/TLS Testing
*
......@@ -45,8 +45,14 @@ import secarc.ets.graph.Vertex;
public class EncryptedPathEndInLowTrustlevel extends DerivedTrustlevel implements
ISecAnalysisPortChecker {
public EncryptedPathEndInLowTrustlevel() {
/**
* Factor rating of analysis
*/
private int factor = 1;
public EncryptedPathEndInLowTrustlevel(int factor) {
super(MontiSecArcAnalysisConstants.ENRYPTED_PATH_END_IN_LOW_TRUSTLEVEL);
this.factor = factor;
}