Shaowen Su

ACM Software System Award

USA - 2004

Secure Network Programming

citation

Raghuram Bindignavle, Simon S. Lam, Shaowen Su, Thomas Y. C. Woo

"For inventing secure sockets and prototyping the first secure sockets layer (named SNP - Secure Network Programming) as a high-level abstraction suitable for securing Internet applications."

Toward the goal of "secure network programming for the masses," the recipients conceived secure sockets as a high-level abstraction suitable for securing Internet applications. In 1993, at the Networking Research Laboratory, Department of Computer Sciences, University of Texas at Austin, the recipients designed and implemented the first secure sockets layer, named Secure Network Programming (SNP). Funding for this project was provided by NSA and NSF. SNP, designed as an application sublayer on top of sockets, provides a user interface closely resembling sockets. This resemblance was by design so that security could be retrofitted into existing application programs that use sockets with only minor modifications. SNP's secure sockets support both stream and datagram semantics with security guarantees (i.e., data origin authenticity, data destination authenticity, data integrity, and data confidentiality). Many of the design choices in SNP can be found in today's secure sockets layer used between browsers and Internet servers, including: placing authenticated communication endpoints in the application layer, use of public key cryptography for authentication, a handshake protocol for establishing session state including a shared secret, use of symmetric key cryptography for data confidentiality, and managing contexts and credentials in the secure sockets layer.