skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: The Generalized Security Framework

Technical Report ·
DOI:https://doi.org/10.2172/784196· OSTI ID:784196
; ;

The Generalized Security Framework (GSF) consists of a set of libraries, classes, and tools that provide developers with the ability to easily secure distributed applications and collaborative environments. The GSF uses and enhances the Generic Security Services API (GSSAPI) to provide authentication, authorization, data protection, delegation, and auditing. It currently works with either DCE or Kerberos as the underlying security mechanism, and it has been designed so support for PKI can be easily added in the future. DCE/Kerberos is a scaleable, mature, robust security infrastructure embraced and accredited throughout the Nuclear Weapons Complex (NWC) for a secure collaborative modeling and simulation environment. The goal of the GSF is to provide a common security foundation that can be applied and extended to create secure distributed applications, independent of the communications protocol. The GSF provides a number of extensions that embed GSF security in specific remote communication APIs, such as Java sockets and Java RMI. The extensions have been designed and implemented in such a manner as to require minimum changes to application code in order to move from an unsecure application to a secure application. The advantage of this approach is that security can be enforced reliably and consistently since very little is required of the application developer. In this paper, the authors describe the goals, design, and implementation of the Generalized Security Framework.

Research Organization:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandia National Lab. (SNL-CA), Livermore, CA (United States)
Sponsoring Organization:
US Department of Energy (US)
DOE Contract Number:
AC04-94AL85000
OSTI ID:
784196
Report Number(s):
SAND2001-8338; TRN: AH200129%%105
Resource Relation:
Other Information: PBD: 1 Jun 2001
Country of Publication:
United States
Language:
English

Similar Records

Evolving the Web-Based Distributed SI/PDO Architecture for High-Performance Visualization
Conference · Wed Aug 16 00:00:00 EDT 2000 · OSTI ID:784196
+2 more
LBNL SecureMessaging
Software · Mon Mar 17 00:00:00 EST 2003 · OSTI ID:784196
Security Technologies for Open Networking Environments (STONE)
Technical Report · Thu Mar 31 00:00:00 EST 2005 · OSTI ID:784196

Related Subjects

45 MILITARY TECHNOLOGY, WEAPONRY, AND NATIONAL DEFENSE
COMMUNICATIONS
DESIGN
IMPLEMENTATION
NUCLEAR WEAPONS
SECURITY
SIMULATION