Cryptoki到CryptoAPI安全生产协议与标准管理.pptx

安全协议与标准;PKCS#11 and more;Overview;-;Background;ka;口令之外;其他生物识别认证技术;抽象：Token;General Cryptoki Model ;Object Hierarchy;Users;Session;Session events;Read-Only Session States ; Read/Write Session States ;Access to Different Types Objects by Different Types of Sessions ;with fork();with multi-thread;Summary of Cryptoki Functions ;Slot and token anagement functions;Session Management Functions;Object management functions;Encryption/Decryption functions;Message digesting functions;Signing and MACing functions;Functions for verifying signatures and MACs;Dual-purpose cryptographic functions;Key management functions;Random number generation functions;Parallel function management Functions;Callback function;Functions detail;Example;Mechanisms: Algorithm;Mechanisms: Protocol;Comparison of Cryptoki and other APIs:GCS-API vs. Cryptoki ;;;;Implementation;Implementation;;Firefox + opencryptoki;NSS;NSS: Proven Application Security Architecture;Build Firefox with NSS;;;PKCS#11 wrappers;;GSS-API by IETF;-compatible interface;GSSAPI tokens;security context;History of the GSS-API;GSS-API in RFC;Key concepts;about 45 procedure calls;Standardize ;GSS Kerberos;Implementation ;Next Generation GSS-API;GCS-API by X/Open;;API;GCS-API implement;CDSA;CDSA标准与规范;four-layer architecture;CDSA：安全体系架构;The CDSAv2.3 is organized into 15 parts;CDSA优缺点;CDSA实现;The Security Forum in X/Open (open group);MS-CAPI;MS-CAPI;CSP;CAPI结构图;CAPI例子程序;Cryptography API: Next Generation (CNG);;DPAPI: Data protection API;DPAPI例子;Data Execution Prevention (DEP);XP：数据执行保护;Linux中的“DEP”, and more;(Open) Cryptographic Libraries;Crypto in Java/JDK/JRE;REF;推荐阅读/实验：OpenSC;Q A