SAcctA free security framework to ease your pain of removing the account passwords from application configuration files | |
Download |
SAcct Ranking & Summary
Advertisement
- License:
- Apache
- Price:
- FREE
- Publisher Name:
- John Jian
- Publisher web site:
- http://code.google.com/u/John.Jian.Fang/
- Operating Systems:
- Mac OS X
- File Size:
- 1.7 MB
SAcct Tags
SAcct Description
A free security framework to ease your pain of removing the account passwords from application configuration files In the Payment Card Industry (PCI), security is always a major concern. A lot of enterprise applications have application passwords hard-coded in configuration files, which are not allowed by the Payment Card Industry Data Security Standard (PCI DSS). SAcct (Smart Account Management) is a Java based lightweight security framework to ease your pain of removing the account passwords from application configuration files.The SAcct server reads in the account information from a secured soft token and acts as an account server. The SAcct client communicates with the SAcct Server over a secured channel to retrieve account passwords on behalf of the application on start-up. Here are some key features of "SAcct": · Lightweight · Use Google Guice as the dependency injection framework for the SAcct Server · Account information are encrypted and stored as a soft token on a carry on device · Utility tools are provided to encrypt and decrypt the soft token · Use the Diffie-Hellman key exchange protocol to derive the session key · The communications between the SAcct Server and the SAcct Client are encrypted by the session key · An One Time Password (OTP) is used to prevent session replay attack · All encryptions use the Advanced Encryption Standard (AES) algorithm · Spring support · Many security utility classes Requirements: · Java
SAcct Related Software