SSLimSecure is a robust, standards based, small-footprint socket-based framework that secures data exchanged between two network applications. It includes a powerful implementation of Secure Sockets Layer (SSL) & Transport Layer Security (TLS) protocols for embedded devices, with a comprehensive set of encryption ciphers for data privacy, cryptographic hash algorithms for message integrity checks and X.509 v3 (and older) digital certificate support for authentication.
SSLimSecure's SSL framework installs istelf above the TCP/IP layers, and below higher-level application protocols such as HTTP or custom transaction protocols. It then uses TCP/IP on behalf of the higher-level protocols, and in the process allows an SSL-enabled server to authenticate itself to an SSL-enabled client, optionally allows the client to authenticate itself to the server, and allows both machines to establish an encrypted and tamper-proof data connection.
SSLimSecure powerful features include an implementation of most common versions of the SSL protocol (v2 and v3) and also the newest IETF standardized TLS v1.x. While SSLimSecure comes pre-packaged with a wide variety of encryption and has algorithms, its modular design allows scaling out of any cipher, thereby eliminating any memory and performance from components that are not used by the embedded application.
SSLimSecure's APIs allow the securing of any TCP socket-based client/server network applications via just a a few API calls from the application to initiate the SSL handshake, and replacing socket calls with their secure equivalents. This enables secure management of connected embedded devices a snap, and also helps in securing data or measurements that may have to sent back to an SSL enabled server.
Further optimizations such as a using the same SSL parameter template ("context") for various SSL sessions, and customizable hardware assist functionality are also included in SSLimSecure.
While SSLimSecure can secure any socket based transaction, web-server or HTTP-client security is undoubtedly a popular use of SSL technologies. SSLimSecure can secure both the client and server sides of an HTTP session simultaneously in the same system, and with the use of a proxy mechanism can also achieve this without any modifications to existing HTTP server and client code.
Out of the box integration (even in the absence of proxies) is included for common embedded web-servers including shttp, thttpd, WindWeb and WIND Manage for Web. This allows for an easy upgrade to secure existing web-based device management frameworks.
SSLimSecure has been extensively validated on a variety of CPU architectures, and this minimizes development and integration efforts. SSLimSecure supports multi-tasking, memory partitions, & abstractions that are lean, yet fast. SSLimSecure enables secure transactions in embedded network applications with the fewest changes, and provides a seamless solution that is interoperable with existing web servers and web-browsers on embedded and non-embedded platforms.