Download:
|
by Gustaf Neumann, Stefan Nusser
http://nestroy.wi-inf.uni-essen.de/wafe/Cineast/cinesec-long.ps
Add To MetaCart
Abstract:
This paper presents an architectural framework, which identifies the core services necessary for a secure Internet-based communication and information infrastructure. We show how these services can be realized using existing software packages and new technologies. Then, we turn to the development of security infrastructures using the rapid prototyping environment "Wafe " and the extensible Web browser "Cineast ". We explain how basic operations such as secure transfer and certificate acquisition can be realized and demonstrate the implementation of different certificate verification strategies. Finally, we show how advanced trust management concepts can be developed and tested. Concluding, we present a comparison with the features of other Web browsers and indicate some directions of future research. The goal of this paper is to identify and describe the services necessary to build a secure corporate Intranet and to show how prototypical implementations of these components can be realized to evaluate different approaches and configurations. 1
Citations
|
494
|
Applied Cryptography: Protocols, Algorithms and Source Code in C
– Schneier
- 1995
|
|
323
|
The Official PGP User’s Guide
– Zimmermann
- 1995
|
|
273
|
SDSI: A simple distributed security infrastructure
– Rivest, Lampson
- 1996
|
|
195
|
Tcl: An embeddable Command Language
– Ousterhout
- 1990
|
|
127
|
An X11 toolkit based on the tcl language
– Ousterhout
- 1991
|
|
76
|
Role based access control models
– Sandhu, Coyne, et al.
- 1996
|
|
44
|
The ssl protocol version 3.0. Internet Draft
– Freier, Karlton, et al.
- 1996
|
|
33
|
Internet security: firewalls and beyond
– Oppliger
- 1997
|
|
32
|
Network and Internetwork Security
– Stallings
- 1995
|
|
17
|
Wafe -- An X Toolkit Based Frontend for Application Programs
– Neumann, Nusser
- 1993
|
|
13
|
Young: SSLeay and SSLapps FAQ
– Hudson, A
- 1997
|
|
6
|
Lindblad: Extending Tcl for Dynamic Object-Oriented
– Wetherall, J
- 1995
|
|
3
|
Security concepts for the WWW
– Lipp, Hassler
- 1996
|
|
1
|
Enterprise Security Infrastructure, in
– Maley
- 1996
|
|
1
|
The Netscape Directory Server, product description http://www.netscape.com/comprod/server central/product/directory
– Inc
- 1997
|
|
1
|
Netscape Certificate Specifications, http://home.netscape.com/eng/security/certs.html, Draft by Jeff Weinstein
– Inc
- 1996
|
|
1
|
The Xcert Software Sentry CA, product description http://www.xcert.com/software/sentry/ca
– Inc
- 1997
|
|
1
|
Role Based Security for Distributed Object Systems, in: Proceedings of the Fifth Workshops on Enabling Technologies: Infrastructure for Collaborating Enterprises
– Yialelis, Lupu, et al.
- 1996
|
