Secure Network Programming: Difference between revisions

<!-- This page uses text copied from http://www.cs.utexas.edu/users/lam/NRL/SSL.html but that page now carries CC and GNU licences compatible with Wikipedia -->

 

This work began in 1991 as a theoretical investigation by the Networking Research Laboratory on the formal meaning of a protocol layer satisfying an upper interface specification as a service provider and a lower interface specification as a service consumer <ref>{{cite journal |last1=Lam |first1=Simon |last2=Shankar |first2=Udaya |title=A Theory of Interfaces and Modules I — Composition Theorem |journal=IEEE Transactions on Software Engineering |date=January 1994 |volume=20 |url=https://dl.acm.org/citation.cfm?id=631099 |accessdate=21 July 2019}}</ref>. The Networking Research Laboratory received a grant from the National Security Agency in June 1991 to investigate how to apply their theory of modules and interfaces to security verification. At that time, there were three well-known authentication systems built (MIT's [[Kerberos_(protocol)|Kerberos]]) or being developed (DEC's SPX and IBM's KryptoKnight). All of these systems suffered from a common drawback, namely, they did not export a clean and easy-to-use interface that could be readily used by Internet applications. For example, it would take a tremendous amount of effort to “kerberize” an existing distributed application.