7th USENIX Security Symposium, San Antonio, Texas
A Java Beans Component Architecture for Cryptographic Protocols
Pekka Nikander and Arto Karila
Helsinki University of Technology
Abstract
Global networking has brought with it both new opportunities
and new security threats on a worldwide scale.
Since the Internet is inherently insecure, secure cryptographic
protocols and a public key infrastructure are
needed. In this paper we introduce a protocol component
architecture that is well suited for the implementation
of telecommunications protocols in general and
cryptographic protocols in particular. Our implementation
framework is based on the Java programming language
and the Conduits+ protocol framework. It
complies with the Beans architecture and security API
of JDK 1.1, allowing its users to implement application
specific secure protocols with relative ease. Furthermore,
these protocols can be safely downloaded through
the Internet and run on virtually any workstation
equipped with a Java capable browser *. The framework
has been implemented and tested in practice with a variety
of cryptographic protocols. The framework is relatively
independent of the actual cryptosystems used and
relies on the Java 1.1 public key security API. Future
work will include Java 1.2 support, and utilization of a
graphical Beans editor to further ease the work of the
protocol composer.
- View the full text of this paper in
PDF form.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.
|