SSONET - Secure TCP-IP Connections Library
Overview
The library can be used to establish secure TCP-IP connections
between two partners, client and server.
For this purpose it provides a socket interface similar to the
standard Java socket interface.
It differs from that interface only in the socket constructor,
which takes an additional SSONETContext object as a parameter.
The SSONETContext contains the security configuration for the
socket and registers the callback methods that are needed
during the connection establishment protocol.
Connection establishment protocol
Connection establishment includes the following steps:
- The client opens a TCP-IP connection to the server, either
directly, if no client anonymity is required, or through
an (anonymizing) proxy, if client anonymity is required.
- Negotiation of the security goals that client and
server want to enforce.
- Exchange of the client's and server's (pseudonymous)
certificates.
- Negotiation of the security mechanisms to use and
their parameters (key length, ...).
- Initialization of the security mechanisms and key
exchange.
Here you can see a diagram of the connection establishment
protocol:
For further details please refer to the
source documentation
and the source code itself.
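The two negotiation steps above can be modelled as follows. This is an added
example, not code from the SSONET library: the class NegotiationSketch, the
REQUIRED/ACCEPTED/REFUSED stances, the matching rules and the mechanism names
are all assumptions chosen to show a negotiation that aborts on a mismatch
instead of falling back to weaker protection.

```java
import java.util.*;

// Stand-alone model of the two negotiation steps. Stances, names and rules
// are assumptions made for this example; nothing here is the SSONET API.
public class NegotiationSketch {
    enum Stance { REQUIRED, ACCEPTED, REFUSED }

    // Goal negotiation: a goal is enforced if either side requires it. If one
    // side requires what the other refuses, abort instead of silently dropping it.
    static Set<String> agreeGoals(Map<String, Stance> client, Map<String, Stance> server) {
        Set<String> goals = new TreeSet<>(client.keySet());
        goals.addAll(server.keySet());
        Set<String> enforced = new TreeSet<>();
        for (String goal : goals) {
            Stance c = client.getOrDefault(goal, Stance.REFUSED); // unknown goal = refused
            Stance s = server.getOrDefault(goal, Stance.REFUSED);
            boolean required = c == Stance.REQUIRED || s == Stance.REQUIRED;
            boolean refused = c == Stance.REFUSED || s == Stance.REFUSED;
            if (required && refused)
                throw new IllegalStateException("no agreement on goal: " + goal);
            if (required) enforced.add(goal);
        }
        return enforced;
    }

    // Mechanism negotiation: walk the client's preference order and pick the
    // first mechanism the server also offers whose largest common key length
    // meets both sides' minimum. Weaker candidates are skipped, never accepted.
    static String agreeMechanism(LinkedHashMap<String, Integer> clientMaxBits,
                                 Map<String, Integer> serverMaxBits, int clientMin, int serverMin) {
        for (Map.Entry<String, Integer> e : clientMaxBits.entrySet()) {
            Integer serverBits = serverMaxBits.get(e.getKey());
            if (serverBits == null) continue;
            int bits = Math.min(e.getValue(), serverBits);
            if (bits >= Math.max(clientMin, serverMin)) return e.getKey() + "/" + bits;
        }
        throw new IllegalStateException("no common mechanism meets both minimum key lengths");
    }

    public static void main(String[] args) {
        // Constructed sample policies and placeholder mechanism names.
        Map<String, Stance> client = Map.of("confidentiality", Stance.REQUIRED, "integrity", Stance.ACCEPTED);
        Map<String, Stance> server = Map.of("confidentiality", Stance.ACCEPTED, "integrity", Stance.REQUIRED);
        System.out.println("goals: " + agreeGoals(client, server));
        LinkedHashMap<String, Integer> clientMechs = new LinkedHashMap<>();
        clientMechs.put("mechA", 256);
        clientMechs.put("mechB", 128);
        System.out.println("mechanism: " + agreeMechanism(clientMechs, Map.of("mechA", 64, "mechB", 128), 128, 112));
    }
}
```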
How to implement client and server
Please look at the
documentation and the source code
of the example in org.ssonet.examples.net. The classes
testClient and testServer implement the minimal
requirements of a client and server using SSONET.