The quick progress of technology in Network Communication brings about serious problems in information security. Cryptography is the essential approach to tackle those problems. However, a variety of complex cryptographic algorithms as well as the architectures of different levels based on those algorithms make provider concentrate their most energy and attention on low-level security problems when they develop security applications. Furthermore, due to no accordant standards, provider often repeats their work and security services cannot be interoperable. The technology of security middleware, which combined the middleware technology and information security technology, conceals the complexity of low-level security technologies and provide a convenient middle platform. Thus, developers of applications can focus on upper services. Resource Information Server is an independent, but very important, component in security middleware. Its role includes providing register service for security middleware, describing security attributes and capabilities, and offering the reliable resource of credentials for authentication between modules. This article first explains the principles of an open, interoperable, cross-platform security middleware and then describes the design of resource information server and its implementation based on LDAP in detail. |