Secure Network Programming
Secure Network Programming (SNP) is a prototype of the first secure sockets layer, designed and built by the Networking Research Laboratory at the University of Texas at Austin, led by Simon S. Lam. This work was published at the 1994 USENIX Summer Technical Conference [1]. For this project, the authors won the 2004 ACM Software System Award.
This work began in 1991 as a theoretical investigation by the Networking Research Laboratory on the formal meaning of a protocol layer satisfying an upper interface specification as a service provider and a lower interface specification as a service consumer [2]. The Networking Research Laboratory received a grant from the National Security Agency in June 1991 to investigate how to apply its theory of modules and interfaces to security verification [3]. At that time, there were three well-known authentication systems built (MIT's Kerberos) or being developed (DEC's SPX and IBM's KryptoKnight). All of these systems suffered from a common drawback, namely, they did not export a clean and easy-to-use interface that could be readily used by Internet applications. For example, it would take a tremendous amount of effort to "kerberize" an existing distributed application.
Toward the goal of "secure network programming for the masses," the inventors of SNP conceived secure sockets as a high-level abstraction suitable for securing Internet applications. In 1993, they designed and built a prototype of SNP. Designed as an application sublayer on top of sockets, SNP provides a user interface closely resembling sockets. This resemblance was by design so that security could be retrofitted into existing socket programs with only minor modifications. Also, with such a sublayer carefully designed and its implementation thoroughly debugged, it can be easily used by any Internet application that uses sockets for end-to-end communications. This is a natural idea in hindsight but, in 1993, it was novel and a major departure from mainstream network security research at that time.
SNP's secure sockets support both stream and datagram semantics with security guarantees (i.e., data origin authenticity, data destination authenticity, data integrity, and data confidentiality). Many of the ideas and design choices in SNP can be found in subsequent secure sockets layers, including: placing authenticated communication endpoints in the application layer, use of public key cryptography for authentication, a handshake protocol for establishing session state including a shared secret, use of symmetric key cryptography for data confidentiality, and managing contexts and credentials in the secure sockets layer.
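To make the sublayer idea concrete, the following added example (not SNP's code or API; `SecureSocket` and `exchange` are hypothetical names) wraps a socket in an object with the same `sendall`/`recv` shape, so the application function runs unchanged over either. It assumes the session key was already established by a handshake and covers only integrity and origin authenticity using HMAC-SHA256; it provides no confidentiality.

```python
import hashlib
import hmac
import socket
import struct

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

class SecureSocket:
    """Hypothetical socket-like sublayer: length-prefixed, authenticated records."""

    def __init__(self, sock, session_key, is_client):
        self.sock, self.key = sock, session_key  # key assumed from a prior handshake
        self.out_dir, self.in_dir = (b"C", b"S") if is_client else (b"S", b"C")
        self.send_seq = self.recv_seq = 0

    def _tag(self, direction, seq, payload):
        # Direction and sequence number are authenticated so that reflected,
        # replayed or reordered records fail verification.
        msg = direction + struct.pack("!Q", seq) + payload
        return hmac.new(self.key, msg, hashlib.sha256).digest()

    def _read_exact(self, n):
        buf = b""
        while len(buf) < n:
            chunk = self.sock.recv(n - len(buf))
            if not chunk:
                raise ConnectionError("peer closed mid-record")
            buf += chunk
        return buf

    def sendall(self, payload):
        tag = self._tag(self.out_dir, self.send_seq, payload)
        self.sock.sendall(struct.pack("!I", len(payload)) + payload + tag)
        self.send_seq += 1

    def recv(self, bufsize=65536):
        (length,) = struct.unpack("!I", self._read_exact(4))
        if length > bufsize:
            raise ValueError("record larger than caller's buffer")
        payload, tag = self._read_exact(length), self._read_exact(TAG_LEN)
        if not hmac.compare_digest(tag, self._tag(self.in_dir, self.recv_seq, payload)):
            raise ValueError("integrity check failed")
        self.recv_seq += 1
        return payload

def exchange(client_conn, server_conn, msg):
    # Application code: identical for a plain socket or a SecureSocket.
    client_conn.sendall(msg)
    return server_conn.recv(4096)
```

Passing the two ends of `socket.socketpair()` to `exchange` directly, or wrapped in `SecureSocket` with a shared key, returns the same message; only the wrapped pair rejects modified, replayed or reflected records.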
The paper presented on June 8, 1994 at the USENIX Summer Technical Conference [1] includes the system design together with performance measurement results from the prototype implementation to clearly demonstrate the practicality of a secure sockets layer.
SNP invented secure sockets for Internet applications in general, independently and concurrently with the design and development of the HTTP protocol for the World Wide Web, which was still in its infancy in 1993. Subsequent secure sockets layers (SSL by Netscape and TLS by IETF), re-implemented several years later using key ideas first presented in SNP, enabled secure e-commerce between browsers and servers. Today, many Internet applications (including email) use HTTPS, which consists of HTTP running over a secure sockets layer.
- [1] Woo, Thomas; Bindignavle, Raghuram; Su, Shaowen; Lam, Simon (June 1994). "SNP: An Interface for Secure Network Programming" (PDF). Proceedings USENIX Summer Technical Conference. Retrieved 21 July 2019.
- [2] Lam, Simon; Shankar, Udaya (January 1994). "A Theory of Interfaces and Modules I — Composition Theorem". IEEE Transactions on Software Engineering. 20. Retrieved 21 July 2019.
- [3] "A brief history of the first secure sockets layer". Retrieved 21 July 2019.