Information Technology Reference
In-Depth Information
«interface»
SEncDecIf
«component, critical»
SymmetricEncryptorDecryptor
+ encrypt(pt, ck): Data
+ decrypt(ct, ck): Data
«critical»
secrecy = pt
«critical»
SymmetricEncryptorDecryptor
«dataType»
Data
«dataType»
CryptographicKey
«critical»
secrecy = pt
SEncDecIf
: SymmetricEncryptorDecryptor
Fig. 1.
Structural View of GSC
SymmetricEncryptorDecryptor
assets should be considered by the GSCs associated to the CSPF. Consequently,
we equip the GSCs dealing with the assets with the stereotype
,
and we assign values (e.g., in terms of attributes, parameters, return values, etc.)
to the tags of this stereotype accordingly. In case of an asset to be kept
confi-
dential
, we assign this asset to the
critical
tag, and in case of preserving the
integrity
of an asset, we assign this asset to the
{
secrecy
}
tag.
According to the described procedure, we have developed catalogs (see [14,
pp. 150 ff.] for details) of GSCs and GNCs for each available CSPF. For instance,
there exist GSCs for keyed and non-keyed hash processing, calculation of random
numbers, digital signature processing, etc. In the following, we present the GSC
SymmetricEncryptorDecryptor
as an example.
{
integrity
}
GSC SymmetricEncryptorDecryptor.
The
SymmetricEncryptorDecryptor
is a
conceptual pattern for a component that provides symmetric encryption and
decryption services (see [12, pp. 59 ff.] for details). Concrete implementations of
symmetric encryption and decryption algorithms are, e.g., the
javax.crypto.Cipher
class provided by
SUN's Java 6 Standard Edition
7
,the
encryption.pbe.Standard-
PBEStringEncryptor
class provided by
Jasypt
8
,andthe
crypto.engines
class
provided by
Bouncycastle
9
.
Figure 1 shows the structural view of this GSC using a class diagram and
a composite structure diagram. The first diagram defines the type of the port
used in the second diagram. Moreover, the first diagram explicates the provided
interface of the GSC. For reasons of simplicity, we do not present the GSC's
behavioral view here.
The GSC
SymmetricEncryptorDecryptor
abstracts from algorithm-specific de-
tails such as cryptographic key lengths, the stream and block modes of the
algorithms, and so on. Instead, the
SymmetricEncryptorDecryptor
component is de-
signed to represent the essence of symmetric encryption and decryption services,
i.e., the usage of the same cryptographic key for encryption and decryption.
The
SymmetricEncryptorDecryptor
provides the interface
SEncDecIf
, which contains
an operation
encrypt()
to symmetrically encrypt a plaintext
pt
using a crypto-
graphic key
ck
. The result is a ciphertext
ct
. Additionally, it provides an inverse
7
http://java.sun.com/javase/6/docs/api/
8
http://www.jasypt.org/
9
http://www.bouncycastle.org/
