Implementation of SSL Using Information Security Component Interface

Various security APIs (Application Programming Interfaces) are being used in a variety of application areas requiring the information security function. However, these standards are not compatible, and the developer must use those APIs selectively depending on the application environment or the programming language. To resolve this problem, we propose the standard draft of the information security component, while SSL (Secure Sockets Layer) using the confidentiality and integrity component interface has been implemented to verify validity of the standard proposal. The implemented SSL uses the lower-level SSL component when establishing the RMI (Remote Method Invocation) communication between components, as if the security algorithm had been implemented by adding one more layer on the TCP/IP.

Authors:

• Jong-Whoi Shin
• Chong-Sun Hwang

Keywords:

• Component Based Design
• Application Programming Interface
• Secure Socket Layer
• Remote Method Invocation.

References:

[1] ISO 7498-2,"Information processing systems - Open Systems
Interconnection - Basic Reference Model - Part 2: Security Architecture",
1989.
[2] OMG Laboratories, "OMG IDL Syntax and Semantics", OMG, July 2002.
[3] SUN, http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Security.html
[4] Y.R.Choi and S.J.Park, "Study on standardization of information security
component framework interface", KISA, Dec.2002.
[5] ETRI, "The standard of Open GIS interface for CORBA", TTA, Feb.
2002.