Implementation of SSL Using Information Security Component Interface

نویسنده

  • Chong-Sun Hwang
چکیده

Various security APIs (Application Programming Interfaces) are being used in a variety of application areas requiring the information security function. However, these standards are not compatible, and the developer must use those APIs selectively depending on the application environment or the programming language. To resolve this problem, we propose the standard draft of the information security component, while SSL (Secure Sockets Layer) using the confidentiality and integrity component interface has been implemented to verify validity of the standard proposal. The implemented SSL uses the lower-level SSL component when establishing the RMI (Remote Method Invocation) communication between components, as if the security algorithm had been implemented by adding one more layer on the TCP/IP. Keywords—Component Based Design, Application Programming Interface, Secure Socket Layer, Remote Method Invocation.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Design and Implementation of an SSL Component Based on CBD

SSL is one of the most popular protocols used on the Internet for secure communications. However SSL protocol has several problems. First, SSL protocol brings considerable burden to the CPU utilization so that performance and speed of the security service is lowered during encryption transaction. Second, SSL protocol can be vulnerable for cryptanalysis due to the fixed algorithm being used. Thi...

متن کامل

SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps

Many Android apps use SSL/TLS to transmit sensitive information securely. However, developers often provide their own implementation of the standard SSL/TLS certificate validation process. Unfortunately, many such custom implementations have subtle bugs, have built-in exceptions for self-signed certificates, or blindly assert all certificates are valid, leaving many Android apps vulnerable to S...

متن کامل

The SSL Reference Implementation Project

Information is now the most valuable resource in the world. Whether it is a personal letter or an industrial secret, all information has a worth to someone. This thesis considers issues of security and privacy for such information. It discusses the reasons for wishing to protect data and the methods available for doing so. Specifically, the project concerns cryptography and secure communication...

متن کامل

Multiple-Channel Security Architecture and its Implementation over SSL

This paper presents multiple-channel SSL (MC-SSL), an architecture and protocol for protecting client-server communications. In contrast to SSL, which provides a single end-to-end secure channel, MC-SSL enables applications to employ multiple channels, each with its own cipher suite and data-flow direction. Our approach also allows for several partially trusted application proxies. The main adv...

متن کامل

A Web Interface for Nessus Network Security Scanner

A fully functional web interface (NessusWeb) for the Nessus network security scanner has been developed. NessusWeb provides public accessibility for authorized users and supports SSL communication, multiple sessions and centralized scan configurations and management of scan reports. It was created using a multi-tier distributed architecture. The client tier is a web browser. The Apache Secure W...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006