5.4 Transport layer security protocols



Again, the idea of having a standardized transport layer security protocol is not new, and several protocols had been proposed before the IETF TLS WG even started to meet:

  • The security protocol 4 (SP4) is a transport layer security protocol that was developed by the NSA and NIST as part of the secure data network system (SDNS) suite of security protocols [58].

  • The transport layer security protocol (TLSP) was developed and standardized by the International Organization for Standardization (ISO) [59].

  • Matt Blaze and Steven Bellovin from AT&T Bell Laboratories developed an encrypted session manager (ESM) software package that operates at the transport layer [60].

In Internet application programming, it is common to use a generalized interprocess communications facility (IPC) to work with different transport layer protocols. Two popular IPC interfaces are BSD sockets and the transport layer interface (TLI), found on System V UNIX derivatives. One idea that comes to mind first when trying to provide security services for TCP/IP applications is to enhance an IPC interface such as BSD sockets with the ability to authenticate peer entities, to exchange secret keys, and to use these keys to authenticate and encrypt data streams transmitted between the communicating peer entities. Netscape Communications Corporation followed this approach when it specified a secure sockets layer (SSL) and a corresponding SSL Protocol. The idea was later adopted by the IETF transport layer security (TLS) WG, which is tasked with developing a security protocol for the transport layer. Due to their importance in the marketplace for network security solutions, we address the SSL and TLS protocols separately in the following chapter.




Security Technologies for the World Wide Web, Second Edition
ISBN: 1580533485
Year: 2003
Pages: 142
Authors: Rolf Oppliger
