Authors: Abdul Ghafoor Abbasi, Sead Muftic, Gernot Schmolzer
Addresses: NUST School of Electrical Engineering and Computer Science, Sector H-12, Islamabad, Pakistan. ' Communication Systems, School of Information Communication and Technology, The Royal Institute of Technology, Borgarfjordsgatan 15, SE-164 40, Kista, Sweden. ' Communication Systems, School of Information Communication and Technology, The Royal Institute of Technology, Borgarfjordsgatan 15, SE-164 40, Kista, Sweden
Abstract: The model and design of a generic security provider provides a comprehensive set of security services, mechanisms, encapsulation methods, and security protocols for Java applications. The model is structured in four layers; each layer provides services to the upper layer and the top layer provide services to applications. The services reflect security requirements derived from a wide range of applications; from small desktop applications to large distributed enterprise environments. Based on the abstract model, this paper describes design and implementation of an instance of the provider comprising various generic security modules: symmetric key cryptography, asymmetric key cryptography, hashing, encapsulation, certificates management, creation and verification of signatures, and various network security protocols. This paper also describes the properties for extensibility, flexibility, abstraction, and compatibility of the Java security provider.
Keywords: security objects; abstract models; Java security providers; eclipse plug-ins; security interfaces; security protocols; security components; key cryptography; hashing; encapsulation; certificates management; signature verification; network security.
International Journal of Internet Technology and Secured Transactions, 2010 Vol.2 No.3/4, pp.321 - 335
Published online: 06 Dec 2010 *Full-text access for editors Access for subscribers Purchase this article Comment on this article