|Skip Navigation Links|
|Exit Print View|
|Developer's Guide to Oracle Solaris 11 Security Oracle Solaris 11.1 Information Library|
The Developer' Guide to Oracle Solaris 11 Security describes the public application programming interfaces (API) and service provider interfaces (SPI) for the security features in the Oracle Solaris operating environment. The term service provider refers to components that are plugged into a framework to provide security services, such as cryptographic algorithms and security protocols.
Note - This Oracle Solaris release supports systems that use the SPARC and x86 families of processor architectures. The supported systems appear in the Oracle Solaris OS: Hardware Compatibility Lists. This document cites any implementation differences between the platform types.
In this document, these x86 related terms mean the following:
x86 refers to the larger family of 64-bit and 32-bit x86 compatible products.
x64 relates specifically to 64-bit x86 compatible CPUs.
"32-bit x86" points out specific 32-bit information about x86 based systems.
For supported systems, see the Oracle Solaris OS: Hardware Compatibility Lists.
The Developer' Guide to Oracle Solaris 11 Security is intended for C-language developers who want to write the following types of programs:
Privileged applications that can override system controls
Applications that use authentication and related security services
Applications that need to secure network communications
Applications that use cryptographic services
Libraries, shared objects, and plug-ins that provide or consume security services
Note - For Java-language equivalents to the Oracle Solaris features, see http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html.
Readers of this guide should be familiar with C programming. A basic knowledge of security mechanisms is helpful but not required. You do not need to have specialized knowledge about network programming to use this book.
This book is organized into the following chapters.
Chapter 1, Oracle Solaris Security for Developers (Overview) provides an introduction to the Oracle Solaris security.
Chapter 2, Developing Privileged Applications describes how to write privileged applications that use process privileges.
Chapter 3, Writing PAM Applications and Services explains how to write a pluggable application module (PAM).
Chapter 4, Writing Applications That Use GSS-API provides an introduction to the Generic Security Service Application Programming Interface (GSS-API).
Chapter 7, Writing Applications That Use SASL describes how to write applications for the Simple Authentication Security Layer (SASL).
Chapter 8, Introduction to the Oracle Solaris Cryptographic Framework provides an overview of the Oracle Solaris cryptographic framework, both at the user level and kernel level.
Chapter 9, Writing User-Level Cryptographic Applications describes how to write consumers for the user level of the Oracle Solaris cryptographic framework.
Chapter 10, Introduction to the Oracle Solaris Key Management Framework describes programming interfaces and administrative tools for managing Public Key Infrastructure (PKI) objects in Oracle Solaris.
Appendix A, Secure Coding Guidelines for Developers provides information and a list of sites for developers to follow secure coding guidelines.
Appendix B, Sample C-Based GSS-API Programs provides complete code listings for the GSS-API examples.
Appendix C, GSS-API Reference provides reference information for various items in the GSS-API.
Appendix D, Specifying an OID describes how to specify a mechanism. This technique is used in cases where a mechanism other than the default mechanism is to be used.
Appendix E, Source Code for SASL Example provides complete code listings for the SASL examples.
Appendix F, SASL Reference Tables provides brief descriptions of the major SASL interfaces.
Glossary provides definitions for security terms that are used throughout the manual.
For other information on security features, see the following sources:
Oracle Solaris 11.1 Administration: Security Services provides descriptions of Oracle Solaris security features from the system administrator's point of view.
Generic Security Service Application Program Interface document (ftp://ftp.isi.edu/in-notes/rfc2743.txt) provides a conceptual overview of the GSS-API.
Generic Security Service API Version 2: C-Bindings document (ftp://ftp.isi.edu/in-notes/rfc2744.txt) discusses the specifics of the C-language-based GSS-API.
ONC+ Developer’s Guide provides information on remote procedure calls.
Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.
The following table describes the typographic conventions that are used in this book.
Table P-1 Typographic Conventions
The following table shows the default UNIX system prompt and superuser prompt for shells that are included in the Oracle Solaris OS. Note that the default system prompt that is displayed in command examples varies, depending on the Oracle Solaris release.
Table P-2 Shell Prompts