Abstract
We describe a new approach and system platform for enabling multilateral security in distributed applications. The major goal is to support users configuring their end systems and to negotiate among security requirements of different users with heterogeneous roles. Typical security features such as confidentiality or integrity of transmitted data are presented to the user at different levels of abstraction based on an inheritance hierarchy, according to his background knowledge and experiences. The system platform is implemented in Java, with distributed interaction based on Java RMI (Remote Method Invocation). It enables flexible integration of existing security libraries and facilities. As a validation example, we present a teleshopping scenario that has been realized using the support platform.
This research is sponsored by the German Ministry of Education, Science, Research and Technology (BMBF).
Chapter PDF
References
David Chaum: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM 24/2 (1981) 84–88
Security, Transactions,...and More, 97-07-04 See: http://www.omg.org/corba/sectran1.htm
Cryptix — Cryptographic extensions for Java. See: http://www.systemics.com/software/cryptix-java/index.html
Open Software Foundation: Introduction to OSF TM DCE. Prentice Hall, Englew. Cliffs, 1992. Ecash DigiCash: Solutions for Security and Privacy. See: http://www.digicash.com/index_e.html
M. Gehrke: Eine Sicherheitsarchitektur für kooperative und offene Umgebungen. Dissertation. Berichte der GMD Nr. 239, R. Oldenbourg Verlag, 1994 Java_97 Java Security, 19.11.97. See: http://www.javasoft.com/security/
A. Krannig: „PLASMA — Platform for Secure Multimedia Applications“. Proceedings: Communications and Multimedia Security II, Essen, 1996
G. Müller, A. Pfitzmann (Hrsg.): Mehrseitige Sicherheit in der Kommunikationstechnik: Komponenten, Verfahren, Integration. Addison Wesley, Bonn 1997.
Platform for Secure Multimedia Applications“. In: DeTeBerkom: Security — a Cornerstone of the Information Society See: http://www.deteberkom.de/projekte/texte/Sec.eng.html
The SSL Protocol, Version 3.0, 03/1996; See: http://home.netscape.com/engl/ssl3/3-SPEC.HTM
S. Staamann, U. Wilhelm: CORBA as the Core of the TINA-DPE: A View from the Security Perspective. Object World Frankfurt '97, special track Distributed Object Computing in Telecommunications (DOCT'97), Frankfurt a.M., Germany, October 7–10, 1997.
E. Wiewall: „Secure Your Applications with the Microsoft CryptoAPI”. In: Microsoft Developer Network News, 5 (1996) 3/4, 1
G. Wilhelm, S. Staamann, G. Wolf, J. Zöllner: “Sicherheit in CORBA und TINA”. In: G. Müller, A. Pfitzmann (Hrsg.): Mehrseitige Sicherheit in der Kommunikationstechnik: Komponenten, Verfahren, Integration. Addison Wesley, Bonn 1997.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pfitzmann, A., Schill, A., Westfeld, A., Wicke, G., Wolf, G., Zöllner, J. (1998). A Java-based distributed platform for multilateral security. In: Lamersdorf, W., Merz, M. (eds) Trends in Distributed Systems for Electronic Commerce. TREC 1998. Lecture Notes in Computer Science, vol 1402. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053401
Download citation
DOI: https://doi.org/10.1007/BFb0053401
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64564-1
Online ISBN: 978-3-540-69433-5
eBook Packages: Springer Book Archive