Title :
Using SESAME´s GSS-API to add security to Unix applications
Author :
Ashley, Paul ; Rutherford, Mark ; Vandenwauver, Mark ; Boving, Sebastien
Author_Institution :
Inf. Security Res. Center, Queensland Univ. of Technol., Brisbane, Qld., Australia
Abstract :
SESAME is a security architecture that starts from the Kerberos protocol and adds to it public-key based authentication, role based access control, delegation of rights and an extensive auditing facility. SESAME provides the GSS-API for securing applications and the paper describes the authors´ efforts in securing some of the most important Unix applications using SESAME: telnet, the BSD rtools and the remote procedure call. They have found the benefit of using SESAME is that the applications are secured in a uniform manner, additional security services are provided to the applications that are unavailable with other architectures, and the impact of SESAME on the application performance is not excessive
Keywords :
Unix; access protocols; application program interfaces; auditing; authorisation; public key cryptography; remote procedure calls; BSD rtools; Kerberos protocol; SESAME GSS-API; Unix application security; auditing facility; public-key based authentication; remote procedure call; rights delegation; role based access control; security architecture; telnet; Access control; Access protocols; Application software; Authentication; Computer aided manufacturing; Data communication; Data security; Electrical capacitance tomography; Information security; Protection;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 1998. (WET ICE '98) Proceedings., Seventh IEEE International Workshops on
Conference_Location :
Stanford, CA
Print_ISBN :
0-8186-8751-7
DOI :
10.1109/ENABL.1998.725718
