Integrating Network Cryptography into the Operating System

Author

Gabrielson, Anthony ; Levkowitz, Haim

Author_Institution

Dept. of Comput. Sci., Univ. of Massachusetts - Lowell, Lowell, MA, USA

fYear

2012

fDate

20-22 June 2012

Firstpage

7

Lastpage

11

Abstract

Cryptography libraries are inflexible and difficult for developers to integrate with their applications. These difficulties may be contributing to applications, like PGP, that are non-intuitive for end-users and are often used improperly or not at all. In this paper we argue that the best place for cryptography to be implemented is at the Operating System level rather than the current application-layer approach. We introduce and define a new general-purpose network cryptography library that integrates directly with the Operating System. This capability is flexible and easy to adopt because it can be used with the sockets interface, which developers are already familiar with, in addition to creating a general cryptography library that can be used in non-network situations. This technology will allow developers to focus on application usability rather than struggle with the learning curve required to properly use a specific cryptography library as required by current practices.

Keywords

cryptography; operating systems (computers); software libraries; PGP; application-layer approach; cryptography libraries; general-purpose network cryptography library; operating system; sockets interface; Internet; Libraries; Protocols; Public key; Servers; Mobile and Cloud Computing; Operating System Security and Reliability; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on

Conference_Location

Gaithersburg, MD

Print_ISBN

978-1-4673-2670-4

Type

conf

DOI

10.1109/SERE-C.2012.27

Filename

6258438