Abstract
The Cipress system provides security enhancements for general purpose operating systems by adding kernel level functionality for cryptographic and steganographic operations and keeping both users and application programs unmolested as far as possible. This paper describes the transparent network filtering and encryption mechanisms used in the Microsoft Windows NT implementation that allow integrated access and use control over confidential or otherwise restricted data at client systems.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35413-2_36
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Andersen, D. B. (1997a). Windows Sockets 2 Application Provider Interface. Technical report, Intel Corp. Version 2.2. 1.
Andersen, D. B. (1997b). Windows Sockets 2 Service Provider Interface. Technical report, Intel Corp. Version 2.2. 1.
Busch, C., Funk, W., and Wolthusen, S. (1999). Digital watermarking: From concepts to real-time video applications. IEEE Computer Graphics and Applications, 19 (1): 25–35.
Busch, C., Graf, F., Wolthusen, S., and Zeidler, A. (2000). A system for intellectual property protection. In Proceedings of the World Multiconference on Systemics, Cybernetics, and Informatics (SCI 2000) /Int’l Conf on Information Systems Analysis and Synthesis (ISAS 2000), Orlando, FL, pages 225–230.
Butterklee, B., Hua, W., and Ohlund, J. (1999). Unraveling the Mysteries of Writing a Winsock 2 Layered Service Provider. Microsoft System Journal.
Computer Security Institute (2000). 2000 Computer Crime and Security Survey. Federal Bureau of Investigation Computer Intrusion Squad.
Dierks, T. and Allen, C. (1999). RFC 2246: The TLS Protocol Version 1. 0.
Frier, A., Karlton, P., and Kocher, P. (1996). The Secure Socket Layer (SSL) 3. 0 Protocol. Technical report, Netscape Communications Corp.
Jones, M. B. (1993). Interposition agents: Transparently interposing user code at the system interface. In Liskov, B., editor, Proceedings of the 14th Symposium on Operating Systems Principles, pages 80–93, New York, NY, USA. ACM Press.
McKusick, M. K., Bostic, K., Karels, M. J., and Quarterman, J. S. (1996). The Design and Implementation of the 4.4 BSD UNIX Operating System. Addison-Wesley. Publishing Company.
National Institute for Standards and Technology (U. S.) (1995). Secure Hash Standard (SHA). Federal information processing standards publication 1801, NIST, Gaithersburg, MD, USA.
National Institute of Standards and Technology (U. S.) (1994). Data Encryption Standard (DES). Federal information processing standards publication 46–2, NIST, Gaithersburg, MD, USA. Supersedes FIPS PUB 46–1–1988 January 22.
Reynolds, F. and Heller, J. (1991). Kernel support for network protocol servers. In USENIX, editor, Proceedings of the USENIX Mach Symposium: November 20 22, 1991, Monterey, California, USA, pages 149–162, Berkeley, CA, USA. USENIX.
Snider, L. B. and Seikaly, D. S. (2000). Report on Investigation: Improper Handling of Classified Information by John M. Deutch. Central Intelligence Agency Inspector General Report 1998–0028-IG. Unclassified, FOUO.
Solomon, D. (1998). Inside Windows NT. Microsoft Press, Bellevue, WA, USA, 2nd edition.
Solomon, D. and Russinovich, M. (2000). Inside Windows 2000. Microsoft Press, Bellevue, WA, USA, 3rd edition.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Rademer, E., Wolthusen, S.D. (2001). Transparent Access to Encrypted Data Using Operating System Network Stack Extensions. In: Steinmetz, R., Dittman, J., Steinebach, M. (eds) Communications and Multimedia Security Issues of the New Century. IFIP — The International Federation for Information Processing, vol 64. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35413-2_19
Download citation
DOI: https://doi.org/10.1007/978-0-387-35413-2_19
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-4811-6
Online ISBN: 978-0-387-35413-2
eBook Packages: Springer Book Archive