Infrastructure - Full Abstraction Model

 

Working for a leading European Bank, BJSS has developed a security framework, which provides a vendor neutral abstraction layer of the major software suppliers from the security industry. In practice, the layer provides a simple high level API for use by all the bank's applications.

 

The commercial driver behind this initiative is to separate applications developments from the deployment of security policy, thus insulating the banks from costly future technology and/or policy changes.

 

Best of breed vendor products are used to provide PKI, cryptography and secure connectivity (Baltimore Technologies, RSA), authentication (CyberSafe TrustBroker) and authorisation (SecureSoft Access). Authorisation supports fine and coarse grain and transactional models. Other adapters and multiple platforms are scheduled for future releases.

 

PKCS standards are employed to promote a vendor-neutral approach and support of a pluggable architecture to enable future vendor products to be incorporated. The system currently consists of a Java and C++ APIs, developed for Solaris 2.5.1/2.6 and Windows NT 4.

 

Technology: Baltimore PKI/Plus and cryptography services (JCRYPTO and CST), Baltimore JSSL/SSL, GSS C and Java bindings, Kerberos, X.509, PKCS standards #1 through #12, SecureSoft Access, CyberSafe TrustBroker, SecureId, JCA/JCE, XML, XML signing, LDAP, Windows NT 4, Solaris 2.5.1 and 2.6, Java and C++.