Abstract by Blaine Johnson
Tech Transfer of the Secure Socket API
Internet security relies on encrypted connections established with the TLS protocol. However, making an application TLS-compatible is a complicated and difficult process. Previously, our lab created the Secure Socket API (SSA), a system that implements the TLS protocol as an operating system service, similar to TCP. The SSA allows developers to write TLS-compatible applications using only a few lines of code, while working through the familiar framework of POSIX sockets.
We are now focused on transitioning the SSA from a research prototype to a fully-functioning open-source project. Current areas of work include: 1) improving certificate validation, 2) providing helpful error codes, 3) writing documentation and 4) making the system compatible with updated versions of Linux. In addition, Dr. Eric Mercer's lab is working on formally verifying the correctness of our implementation. In the future we hope to implement similar systems for Windows, MacOS and mobile operating systems.