Cryptographic Services
Cryptography is the science of encrypting and decrypting data. Cryptography is used to ensure integrity, privacy, and authenticity. Integrity means that the data has not been altered. Privacy means that the data is not readable by others. Authenticity for data means that what was delivered is what was sent. User authentication means that the user has supplied one or more proofs of identity. Authentication mechanisms mathematically verify the source of the data or the proof of identity. Encryption mechanisms scramble data so that the data is not readable by a casual observer. Cryptographic services provide authentication and encryption mechanisms to applications and users.
Cryptographic Framework – A central framework of cryptographic services for kernel-level and user-level consumers that is based on the following standard: RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki). Uses include passwords, IPsec, and third-party applications. The framework centralizes hardware and software sources for encryption. The PKCS #11 library provides an API for third-party developers to plug in the cryptographic requirements for their applications. See Chapter 11, Cryptographic Framework (Overview).
Encryption mechanisms per application –
For the use of DES in Secure RPC, see Overview of Secure RPC.
For the use of DES, 3DES, AES, and ARCFOUR in the Kerberos service, see Chapter 19, Introduction to the Kerberos Service.
For the use of RSA, DSA, and ciphers such as AES in Secure Shell, see Chapter 15, Using Secure Shell.
For the use of cryptographic algorithms in passwords, see Changing the Default Algorithm for Password Encryption (Tasks).
The Key Management Framework (KMF) provides a central utility for managing public key objects, including policy, keys, and certificates. KMF manages these objects for OpenSSL, NSS, and PKCS #11 public key technologies. See Chapter 13, Key Management Framework.
Copyright © 2002, 2014, Oracle and/or its affiliates. All rights reserved.