A model and design of a security provider for Java applications

Author

Abbasi, A.G. ; Muftic, S. ; Schmolzer, G.

Author_Institution

Sch. of Electr. Eng. & Comput. Sci., NUST, Islamabad, Pakistan

fYear

2009

fDate

9-12 Nov. 2009

Firstpage

1

Lastpage

7

Abstract

The model and design of a generic security provider provides a comprehensive set of security services, mechanisms, encapsulation methods, and security protocols for Java applications. The model is structured in four layers; each layer provides services to the upper layer and the top layer provide services to applications. The services reflect security requirements derived from a wide range of applications; from small desktop applications to large distributed enterprise environments. Based on the abstract model, this paper describes design and implementation of an instance of the provider comprising various generic security modules: symmetric key cryptography, asymmetric key cryptography, hashing, encapsulation, certificates management, creation and verification of signatures, and various network security protocols. This paper also describes the properties extensibility, flexibility, abstraction, and compatibility of the Java Security Provider.

Keywords

Java; cryptography; digital signatures; Java applications; asymmetric key cryptography; certificates management; encapsulation methods; generic security provider; hashing; security protocols; security services; signature creation; signature verification; symmetric key cryptography; Application software; Authentication; Computer security; Decision support systems; Encapsulation; Java; Packaging; Protocols; Public key cryptography; Sun;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet Technology and Secured Transactions, 2009. ICITST 2009. International Conference for

Conference_Location

London

Print_ISBN

978-1-4244-5647-5

Type

conf

DOI

10.1109/ICITST.2009.5402592

Filename

5402592