These consist of the different protocols and components to be used in addition to certificates and digital signatures.
- Secure Multipurpose Internet Mail Extensions (S/MIME)
Provides a consistent way to send and receive secure MIME data. Based on the Internet MIME standard, S/MIME provides cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and data confidentiality (using encryption). S/MIME is not restricted to mail; it can be used with any transport mechanism that transports MIME data, such as HTTP.
- Secure Shell (SSH)
A strong method of performing client authentication. Because it supports authentication, compression, confidentiality and integrity, SSH is used frequently on the Internet. SSH has two important components: RSA certificate exchange for authentication and Triple DES for session encryption.
- Security Assertion Markup Language (SAML)
An XML-based framework for exchanging security information expressed in the form of assertions about subjects, where a subject is an entity (either human or computer) that has an identity in some security domain. SAML is expected to play a key role in the Federal-wide E-Authentication initiative, and is supported by both the Liberty Alliance and WS-Security.
- Simple Key Management Protocol (SKIP)
A protocol developed by Sun Microsystems to handle key management across IP networks and VPNs.
- Transport Layer Security (TLS)
Standard for the next generation of SSL. TLS provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
- Web Services Security (WS-Security)
Describes enhancements to SOAP messaging to provide message integrity, message confidentiality, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies including X.509, Kerberos, and SAML.