CryptoNET: Security Management Protocols
Abstract
In this paper we describe several network security protocols used by various components of the CryptoNET architecture. The protocols are based on the concept of generic security objects and on well-established security standards and technologies. Distinctive features of our security protocols are: (1) they are complete in terms of their functionality, (2) they are easy to integrate with applications, (3) they transparently handle security credentials and protocol-specific attributes using FIPS 201 (PIV) smart cards, and (4) they are based on generic security objects. These protocols are: remote user authentication protocol, single-sign-on protocol, SAML authorization protocol, and secure sessions protocol. The security protocols use our Security Provider as a collection of cryptographic engines implemented either in software or using FIPS 201 (PIV) smart cards. It also manages the protocols' attributes using security applets stored in the PIV smart card.

Key-Words: FIPS-201 (PIV) smart cards, mutual strong authentication, generic security objects, secure session, key management, authorization policies.
Similar resources
Network-assisted genetic dissection of pathogenicity and drug resistance in the opportunistic human pathogenic fungus Cryptococcus neoformans
Cryptococcus neoformans is an opportunistic human pathogenic fungus that causes meningoencephalitis. Due to the increasing global risk of cryptococcosis and the emergence of drug-resistant strains, the development of predictive genetics platforms for the rapid identification of novel genes governing pathogenicity and drug resistance of C. neoformans is imperative. The analysis of functional gen...
CryptoNET: Integrated Secure Workstation
In most of the current applications security is usually provided individually. This means that various applications use their own security mechanisms and services, applied only to their own resources and functions. Furthermore, procedures to configure security parameters are usually inconvenient and complicated for non-technical users. As an alternative to this approach, we have designed and im...
Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
Network Working Group M. Baugher Request for Comments: 4046
This document defines the common architecture for Multicast Security (MSEC) key management protocols to support a variety of application, transport, and network layer security protocols. It also defines the group security association (GSA), and describes the key management protocols that help establish a GSA. The framework and guidelines described in this document permit a modular and flexible ...
Draft Mark Baugher ( Cisco ) IETF
This document defines the common architecture for Multicast Security (MSEC) key management protocols that support a variety of application, transport, and network layer security protocols. It also defines the group security association (GSA), and describes the key management protocols that help establish a GSA. The framework and guidelines described in this document allow for a modular and flex...