skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: The Generalized Security Framework

Abstract

The Generalized Security Framework (GSF) consists of a set of libraries, classes, and tools that provide developers with the ability to easily secure distributed applications and collaborative environments. The GSF uses and enhances the Generic Security Services API (GSSAPI) to provide authentication, authorization, data protection, delegation, and auditing. It currently works with either DCE or Kerberos as the underlying security mechanism, and it has been designed so support for PKI can be easily added in the future. DCE/Kerberos is a scaleable, mature, robust security infrastructure embraced and accredited throughout the Nuclear Weapons Complex (NWC) for a secure collaborative modeling and simulation environment. The goal of the GSF is to provide a common security foundation that can be applied and extended to create secure distributed applications, independent of the communications protocol. The GSF provides a number of extensions that embed GSF security in specific remote communication APIs, such as Java sockets and Java RMI. The extensions have been designed and implemented in such a manner as to require minimum changes to application code in order to move from an unsecure application to a secure application. The advantage of this approach is that security can be enforced reliably and consistently since verymore » little is required of the application developer. In this paper, the authors describe the goals, design, and implementation of the Generalized Security Framework.« less

Authors:
; ;
Publication Date:
Research Org.:
Sandia National Labs., Albuquerque, NM (US); Sandia National Labs., Livermore, CA (US)
Sponsoring Org.:
US Department of Energy (US)
OSTI Identifier:
784196
Report Number(s):
SAND2001-8338
TRN: AH200129%%105
DOE Contract Number:
AC04-94AL85000
Resource Type:
Technical Report
Resource Relation:
Other Information: PBD: 1 Jun 2001
Country of Publication:
United States
Language:
English
Subject:
45 MILITARY TECHNOLOGY, WEAPONRY, AND NATIONAL DEFENSE; COMMUNICATIONS; DESIGN; IMPLEMENTATION; NUCLEAR WEAPONS; SECURITY; SIMULATION

Citation Formats

Richard J. Detry, Stephen D. Kleban, and Patrick C. Moore. The Generalized Security Framework. United States: N. p., 2001. Web. doi:10.2172/784196.
Richard J. Detry, Stephen D. Kleban, & Patrick C. Moore. The Generalized Security Framework. United States. doi:10.2172/784196.
Richard J. Detry, Stephen D. Kleban, and Patrick C. Moore. Fri . "The Generalized Security Framework". United States. doi:10.2172/784196. https://www.osti.gov/servlets/purl/784196.
@article{osti_784196,
title = {The Generalized Security Framework},
author = {Richard J. Detry and Stephen D. Kleban and Patrick C. Moore},
abstractNote = {The Generalized Security Framework (GSF) consists of a set of libraries, classes, and tools that provide developers with the ability to easily secure distributed applications and collaborative environments. The GSF uses and enhances the Generic Security Services API (GSSAPI) to provide authentication, authorization, data protection, delegation, and auditing. It currently works with either DCE or Kerberos as the underlying security mechanism, and it has been designed so support for PKI can be easily added in the future. DCE/Kerberos is a scaleable, mature, robust security infrastructure embraced and accredited throughout the Nuclear Weapons Complex (NWC) for a secure collaborative modeling and simulation environment. The goal of the GSF is to provide a common security foundation that can be applied and extended to create secure distributed applications, independent of the communications protocol. The GSF provides a number of extensions that embed GSF security in specific remote communication APIs, such as Java sockets and Java RMI. The extensions have been designed and implemented in such a manner as to require minimum changes to application code in order to move from an unsecure application to a secure application. The advantage of this approach is that security can be enforced reliably and consistently since very little is required of the application developer. In this paper, the authors describe the goals, design, and implementation of the Generalized Security Framework.},
doi = {10.2172/784196},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Fri Jun 01 00:00:00 EDT 2001},
month = {Fri Jun 01 00:00:00 EDT 2001}
}

Technical Report:

Save / Share: