COMPARATIVE ANALYSIS OF SECURITY APPLICATION PROGRAMMING INTERFACES

PDF

Authors
  1. Debbabi, M.
  2. Massicotte, A.F.
  3. Mejri, M.
  4. Chambaz, H.
Corporate Authors
Defence Research Establishment Valcartier, Valcartier QUE (CAN);Laval Univ, Ste-Foy QUE (CAN) Dept of Computer Science
Abstract
Security is becoming an increasingly important issue in computing, due to the incredible expansion of concurrent and distributed systems such as databases. World Wide Web, electronic mail and commerce, etc. In such contexts, information must be protected against mystification, destruction and disclosure. Accordingly, a great deal of interest has been expressed in the development and use of security computer solutions. Such solutions are based on cryptography. Cryptography is the science of securing information. It is based on a set of techniques, which involve a tansformation from clear or intelligible text to an encrypted or ciphered text. A surge of interest has been expressed in the development of cryptographic software packages or the so-called cryptographic APIs. An API (Applications Programming Interface) is a syntactically well-defined library that is accessible from application program user code to provide well-defined functionality. A cryptographic application programming interface (CAPI) is an API specifically designed to support the introduction of cryptographic functions into products for security purposes. The main intent of this work is twofold: First, we aim to elaborate a hierarchy of criteria that could be used to evaluate CAPIs. Second, the intention is to carry out an evaluation case study on three major CAPIs, namely, Microsoft CryptoAPI, Entrust Tookit and JavaSoft Security API.
Keywords
Cryptography;Application Programming Interfaces (API);Microsoft Cryptiapi;Entrust/Toolkits;Java Security API
Report Number
DREV-CR-1999-052 — Contract Research Report
Date of publication
01 Mar 1999
Number of Pages
56
DSTKIM No
99-00776
CANDIS No
510813
Format(s):
Hardcopy;Document Image stored on Optical Disk

Permanent link

Document 1 of 1

Date modified: