G. M. Dolan’s scientific contributions

Cryptography is considered by many users to be a complicated subject. An architecture for a cryptographic application programming interface simplifies customer use of cryptographic services by helping to ensure compliance with national and international standards and by providing intuitive high-level services that may be implemented on a broad range of operating systems and underlying hardware. This paper gives an overview of the design rationale of the recently announced Common Cryptographic Architecture Cryptographic Application Programming Interface and gives typical application scenarios showing methods of using the services described in the architecture to meet security requirements.

Components of previous security systems were designed independently from one another and were often difficult to integrate. Described is the recently available IBM Transaction Security System. It implements the Common Cryptographic Architecture and offers a comprehensive set of security products that allow users to implement end-to-end secure systems with IBM components. The system includes a mainframe host-attached Network Security Processor, high-performance encryption adapters for the IBM Personal Computer and Personal System/2® Micro Channel®, an RS-232 attached Security Interface Unit, and a credit-card size state-of-the-art Personal Security™ card containing a high-performance microprocessor. The application programming interface provides common programming in the host and the workstation and supports all of the Systems Application Architecture™ languages except REXX and RPG. Applications may be written to run on Multiple Virtual Storage (MVS) and PC DOS operating systems.

A well-designed application program interface for a line of cryptographic products simplifies customer use of cryptographic services by helping to ensure compliance with national and international standards and by providing intuitive high-level services that may be implemented on disparate systems. The Common Cryptographic Architecture is IBM's strategic cryptographic architecture. The Transaction Security System implements the Common Cryptographic Architecture in full. Furthermore, the Transaction Security System has implemented extensions to the architecture to address additional customer requirements. This paper gives the design rationale for some of the additional cryptographic functionality in the Transaction Security System beyond that mandated by the Common Cryptographic Architecture.