Look for
Close this search box.

Tool for Automatic Generation of Communications Security Infrastructure using Java

General Objective: This project intends to develop an automatic system for the management and creation of security infrastructure for the development of security code in Java. The tool to be developed pretends to be an aid in the task of codifying the source code of secure applications, reducing the cost of development tasks.

Specific objectives:

  • Automatic Certificate Generation System (S:A:G:C): This system to be developed will allow us to build digital certificates and associated private and public keys that, identifying a user or entity, will form part of the basic security infrastructure that we are going to need. when implementing distributed applications. The system to be built will automatically sign user certificates by a Certification Authority. The implementation of this module will be the basis for the development of the other modules. Specifically, this project proposes the development of a JNI (Java Native Interface) gateway for access from Java to OpenSSL cryptographic functions not provided in the JCE library of the Java Virtual Machine without the need to resort to an external provider. In this way we achieve that from a Java project we can create a user certificate signed by the certification authority and in this way we can use the OpenSSL certificate management infrastructure.
  • Automatic Store Generation System: An automatic system will be developed that from Java will allow the generation of security stores necessary in security applications, be it client-server-SSL applications or signature generation and/or verification applications, applications for secure access to databases. Data etc Normally the generation of security stores is done manually with the "keytool" tool that is part of the distribution of the java virtual machine. However, in this project it is proposed to create these stores automatically from the certificate and key files generated by the automatic certificate and key generation system. The number and type of warehouses will be different depending on the type of entity or application. Our system will be able to adapt to the specific application and generate the appropriate files automatically.
  • Base Code Generator System: This system will automatically generate the basic structure of the source code of security applications such as SSL clients/servers, secure access to Databases or document signature/verification applications. This system will also collect the files generated in the automatic store generation system and/or even the keys generated from the automatic certificate and key generation system and will join them with the generated source code in order to compile the application externally and obtain the final code. executable.

Participating Institutions:

EPN, UPS, UTA.

Participants:

  • Franklin Sanchez Catota
  • Jose Antonio Estrada
  • Daniel Giovanny Diaz Ortiz
  • Franklin Oswaldo Mayorga Mayorga

Awarded budget: $42000

Project status: