SAcct A free security framework to ease your pain of removing the account passwords from application configuration files
Download

SAcct Ranking & Summary

SAcct Tags

manage account encrypt manage accounts account manager encrypt account info

SAcct Description

A free security framework to ease your pain of removing the account passwords from application configuration files In the Payment Card Industry (PCI), security is always a major concern. A lot of enterprise applications have application passwords hard-coded in configuration files, which are not allowed by the Payment Card Industry Data Security Standard (PCI DSS). SAcct (Smart Account Management) is a Java based lightweight security framework to ease your pain of removing the account passwords from application configuration files.The SAcct server reads in the account information from a secured soft token and acts as an account server. The SAcct client communicates with the SAcct Server over a secured channel to retrieve account passwords on behalf of the application on start-up. Here are some key features of "SAcct": · Lightweight · Use Google Guice as the dependency injection framework for the SAcct Server · Account information are encrypted and stored as a soft token on a carry on device · Utility tools are provided to encrypt and decrypt the soft token · Use the Diffie-Hellman key exchange protocol to derive the session key · The communications between the SAcct Server and the SAcct Client are encrypted by the session key · An One Time Password (OTP) is used to prevent session replay attack · All encryptions use the Advanced Encryption Standard (AES) algorithm · Spring support · Many security utility classes Requirements: · Java

SAcct Related Software