Using SESAME´s GSS-API to add security to Unix applications

Author

Ashley, Paul ; Rutherford, Mark ; Vandenwauver, Mark ; Boving, Sebastien

Author_Institution

Inf. Security Res. Center, Queensland Univ. of Technol., Brisbane, Qld., Australia

fYear

1998

fDate

17-19 Jun 1998

Firstpage

359

Lastpage

364

Abstract

SESAME is a security architecture that starts from the Kerberos protocol and adds to it public-key based authentication, role based access control, delegation of rights and an extensive auditing facility. SESAME provides the GSS-API for securing applications and the paper describes the authors´ efforts in securing some of the most important Unix applications using SESAME: telnet, the BSD rtools and the remote procedure call. They have found the benefit of using SESAME is that the applications are secured in a uniform manner, additional security services are provided to the applications that are unavailable with other architectures, and the impact of SESAME on the application performance is not excessive

Keywords

Unix; access protocols; application program interfaces; auditing; authorisation; public key cryptography; remote procedure calls; BSD rtools; Kerberos protocol; SESAME GSS-API; Unix application security; auditing facility; public-key based authentication; remote procedure call; rights delegation; role based access control; security architecture; telnet; Access control; Access protocols; Application software; Authentication; Computer aided manufacturing; Data communication; Data security; Electrical capacitance tomography; Information security; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Enabling Technologies: Infrastructure for Collaborative Enterprises, 1998. (WET ICE '98) Proceedings., Seventh IEEE International Workshops on

Conference_Location

Stanford, CA

Print_ISBN

0-8186-8751-7

Type

conf

DOI

10.1109/ENABL.1998.725718

Filename

725718