Common Data Security Architecture (CDSA) White Paper

What Is CDSA?
Figure 1-4 CDSA, shown relative to higher-level protocols and user
applications
The first protocol to have come into widespread use is called Secure Sockets Layer (SSL),
which runs on top of TCP/IP and provides security for web browsers and servers.
Another protocol, called Secure Multipurpose Internet Mail Extensions (S/MIME), is used to
safeguard email over the Internet. MIME extended the email specification, so that other data
types, such as graphics and files created using word-processing programs, can be included in
email messages. S/MIME provides privacy, authentication, and integrity services for Internet
email messaging.
Pretty Good Privacy (PGP) is another protocol that uses cryptographic techniques for
secure messaging.
Secure Electronic Transactions (SET) is a protocol designed to protect the transfer of
credit-card information over the Internet. It is a standard being promoted by VISA and MasterCard.
The above protocols make use of some subset of the thirteen Public-Key Cryptography
Standards (PKCS). These standards address RSA encryption, password-based encryption,
and extended certificate syntax. One of the key benefits of PKCS is that the standards

[Figure 1-4 labels: End User Applications; Higher-Level Security Protocols (PKCS, SSL, S/MIME, IPSEC, SET, et al.); Common Security Services Manager (CSSM) APIs; Trust Policy Manager and Interface, with Trust Policy Library (TP); Data Storage Library Manager and Interface, with Data Storage Library (DL); Certificate Library Manager and Interface, with Certificate Library (CL); Cryptography Services Manager and Interface, with Cryptography Services Provider (CSP).]