Site home page
(news and notices)

Get alerts when Linktionary is updated

Book updates and addendums

Get info about the Encyclopedia of Networking and Telecommunicatons, 3rd edition (2001)

Download the electronic version of the Encyclopedia of Networking, 2nd edition (1996). It's free!

Contribute to this site

Electronic licensing info

 

  

CDSA (Common Data Security Architecture)

Related Entries    Web Links    New/Updated Information

  
Search Linktionary (powered by FreeFind)

Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.

CDSA is essentially security middleware. It is a specification of The Open Group that provides a set of APIs that independent software developers can use to embed security into desktop and network applications. In particular, CDSA is designed for use in electronic commerce, communications, and content delivery applications.

An important feature of CDSA is its ability to provide the highest level of encryption allowable in the country where it is being used. International companies can use CDSA to comply with the government encryption regulations of the countries they operate in.

The architecture is designed around two themes:

  • Digital certificates are used to identify users and to provide authorization information.

  • Portable digital tokens are used to carry cryptographic keys and perform cryptographic operations.

These themes support data encryption, data integrity (the ability to detect tampering), authenticity (the ability to validate the sender), and nonrepudiation (the ability to prevent a sender from denying that they sent data). CDSA supports X.509 digital certificates, the Digital Signature Algorithm, and LDAP (Lightweight Directory Access Protocol).

The CDSA architecture is multilayered. The bottom service provider modules layer consists of cryptographic service providers, trust model libraries, certificate libraries, data storage libraries, and other yet to be defined services.

The next layer up is the CSSM (Common Security Services Manager) layer, which consists of published APIs that applications use to access security features such as cryptographic operations and certificate management operations. At the top of the system are security services and applications that are usually written in C, C++, and Java.




Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.
All rights reserved under Pan American and International copyright conventions.