A uniform approach to securing Unix applications using SESAME

  • Conference paper
Information Security and Privacy (ACISP 1998)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1438)

Abstract

Existing proposals for adding cryptographic security mechanisms to Unix have secured numerous individual applications, but none provides a comprehensive, uniform approach. As a consequence, an ad-hoc approach is required to fully secure a Unix environment, resulting in a lack of interoperability, duplication of security services, excessive administration and maintenance, and a greater potential for vulnerabilities. SESAME is a comprehensive security architecture, compatible with Kerberos. In particular, SESAME provides single or mutual authentication using either Kerberos or public-key cryptography, confidentiality and integrity protection of data in transit, role-based access control, rights delegation, multi-domain support and an auditing service. Because of SESAME's comprehensive range of security services, and because it scales well, SESAME is well suited for securing potentially all Unix applications in a uniform manner.

Editor information

Colin Boyd, Ed Dawson

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ashley, P., Vandenwauver, M., Broom, B. (1998). A uniform approach to securing Unix applications using SESAME. In: Boyd, C., Dawson, E. (eds) Information Security and Privacy. ACISP 1998. Lecture Notes in Computer Science, vol 1438. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053718

  • DOI: https://doi.org/10.1007/BFb0053718

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64732-4

  • Online ISBN: 978-3-540-69101-3

  • eBook Packages: Springer Book Archive
