Issues in Developing Security Wrapper Technology for COTS Software Products

Download
  1. (PDF, 300 KB)
AuthorSearch for: ; Search for:
TypeArticle
ConferenceProceedings of the 1st International Conference on COTS-Based Software Systems, February 4-6, 2002., Orlando, Florida, USA
AbstractThe use of Commercial Off-The-Shelf (COTS) software products as components of large-scale systems has become more and more pervasive. One of the interesting questions that has arisen is "Can you build secure applications using insecure components?" We have been investigating ways to protect data that is shared between two or more independent, insecure applications. Our initial attempts to accomplish secure data storage and transfer have been directed toward building data encryption tools that interact with various COTS products. The goal was to test our theory that security wrappers for COTS products are feasible. This paper describes a security wrapper technology that we have implemented for selected (COTS) software products. The technology focuses on interchangeability for COTS software components, portability for the wrapper, and security for communications between applications via the wrapper. By applying this security wrapper technology, one COTS software component to be wrapped can be replaced by another without significantly modifying the wrapper; the wrapper can work with a variety of operating systems; and data can be encrypted and stored temporarily or permanently.
Publication date
LanguageEnglish
AffiliationNRC Institute for Information Technology; National Research Council Canada
Peer reviewedNo
NRC number44924
NPARC number5765688
Export citationExport as RIS
Report a correctionReport a correction
Record identifierd1d7ea65-7bfa-417d-8616-11072a4e2a26
Record created2009-03-29
Record modified2016-05-09
Bookmark and share
  • Share this page with Facebook (Opens in a new window)
  • Share this page with Twitter (Opens in a new window)
  • Share this page with Google+ (Opens in a new window)
  • Share this page with Delicious (Opens in a new window)