Common Data Security Architecture (CDSA) White Paper
Chapter 1 15
Common Data Security Architecture (CDSA) White Paper
What Is CDSA?
Figure 1-3 Example of CDSA APIs Used for Applications vs. Shared
Libraries
CDSA in the Context of Other Security Applications
Growth of Internet traffic and the proliferation of e-commerce opportunities have prompted
HP to offer the CDSA functionality freely for use by customers who develop and deploy
security applications. The increased need for Internet security features creates an
opportunity that CDSA functionality can serve well.
While CDSA provides the raw building-blocks for doing cryptography, for an application to be
secure may require use of other, higher-level set of protocols (among them, SSL, S/MIME,
PGP, or SET). These protocols not only provide a higher level structuring for the results of
primitive cryptographic operations, but also ensure cryptographic interoperability between
differing platforms. Thus, when Internet applications developers field their products, they
might employ the SSL or S/MIME protocols to ensure interoperability between different
applications. Broadly speaking, these high-level security protocols safeguard the
transmission of e-commerce information and serve as defacto standards of secure
communication.
The following figure shows CDSA with higher-level protocols and user applications.
Common Security Services Manager (CSSM) APIs
Certificate
Library (CL)
Shared Library
Applications
Use CSSM_CL* APIs for developing applications using the
Use CL_* APIs for developing CL add-in modules
CL shared library