SPICE (protocol)
In computing, SPICE (the Simple Protocol for Independent Computing Environments) is a remote-display system built for virtual environments which allows users to view a computing "desktop" environment – not only on its computer-server machine, but also from anywhere on the Internet – using a wide variety of machine architectures. Qumranet originally developed SPICE using a closed-source codebase in 2007. Red Hat, Inc acquired Qumranet in 2008, and in December 2009 released the code under an open-source license and made the protocol an open standard.

Security

A SPICE client connection to a remote desktop server consists of multiple data channels, each of which is run over a separate TCP or UNIX socket connection. A data channel can be designated to operate in either clear-text or TLS mode, allowing the administrator to trade off the security level vs performance. The TLS mode provides strong encryption of all traffic transmitted on the data channel. ...

Qumranet
Qumranet, Inc. was an enterprise software company offering a desktop virtualization platform based on hosted desktops in Kernel-based Virtual Machines (KVM) on servers, linked with their SPICE protocol. The company was also the creator, maintainer and global sponsor of the KVM open source hypervisor.

History

The company was founded in 2005 by CEO Benny Schnaider, with Rami Tamir as president, Moshe Bar as CTO, and chairman Giora Yaron. Qumranet had raised $20 million in two financing rounds from its founders, Norwest Venture Partners, Cisco Systems, and Sequoia Capital, in addition to investment by the founding partners. The company's first product, named "Solid ICE", hosted Windows and Linux desktops on central servers located in a data center. The Ra'anana-based company developed a virtualization technology for IT data centers. From a very low-profile Israeli startup the company made waves with the rapid acceptance of KVM into the Linux kernel, and their Solid ICE de ...

Open-source License
Open-source licenses are software licenses that allow content to be used, modified, and shared. They facilitate free and open-source software (FOSS) development. Intellectual property (IP) laws restrict the modification and sharing of creative works. Free and open-source licenses use these existing legal structures for an inverse purpose. They grant the recipient the rights to use the software, examine the source code, modify it, and distribute the modifications. These criteria are outlined in the Open Source Definition. After 1980, the United States began to treat software as a literary work covered by copyright law. Richard Stallman founded the free software movement in response to the rise of proprietary software. The term "open source" was used by the Open Source Initiative (OSI), founded by free software developers Bruce Perens and Eric S. Raymond. "Open source" emphasizes the strengths of the open development model rather tha ...

QEMU
The Quick Emulator (QEMU) is a free and open-source emulator that uses dynamic binary translation to emulate a computer's processor; that is, it translates the emulated binary codes to an equivalent binary format which is executed by the machine. It provides a variety of hardware and device models for the virtual machine, enabling it to run different guest operating systems. QEMU can be used with a Kernel-based Virtual Machine (KVM) to emulate hardware at near-native speeds. Additionally, it supports user-level processes, allowing applications compiled for one processor architecture to run on another. QEMU supports the emulation of x86, ARM, PowerPC, RISC-V, and other architectures.

Licensing

QEMU is free software developed by Fabrice Bellard. Different components of QEMU are licensed under the GNU General Public License (GPL), BSD license, GNU Lesser General Public License (LGPL), or other GPL-compatible licenses.

Operating modes

QEMU has multiple operating modes: ...

Dynamic Library
A dynamic library is a library that contains functions and data that can be consumed by a computer program at run-time as loaded from a file separate from the program executable. Dynamic linking or late binding allows for using a dynamic library by linking program library references with the associated objects in the library either at load-time or run-time. At program build-time, the linker records what library objects the program uses. When the program is run, a dynamic linker or linking loader associates program library references with the associated objects in the library. A dynamic library can be linked at build-time to a stub for each library resource that is resolved at run-time. Alternatively, a dynamic library can be loaded without linking to stubs. Most modern operating systems use the same format for both a dynamic library and an executable (some older systems, e.g., Burroughs MCP, Multics, also have a single format), which affords two main advantages: it nec ...

Kerberos (protocol)
Kerberos is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client–server model, and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. Kerberos builds on symmetric-key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication (RFC 4556, abstract). Kerberos uses UDP port 88 by default. The protocol was named after the character Kerberos (or Cerberus) from Greek mythology, the ferocious three-headed guard dog of Hades.

History and development

The Massachusetts Institute of Technology (MIT) developed Kerberos in 1988 to protect network services provided by Project Athena. Its ...

Simple Authentication And Security Layer
Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It decouples authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing one user to assume the identity of another. They can also provide a data security layer offering data integrity and data confidentiality services. DIGEST-MD5 provides an example of mechanisms which can provide a data-security layer. Application protocols that support SASL typically also support Transport Layer Security (TLS) to complement the services offered by SASL. John Gardiner Myers wrote the original SASL specification (RFC 2222) in 1997. In 2006, that document was replaced by RFC 4422 authored by Alexey Melnikov and Kurt D. Zeilenga. SASL, as defined by RFC 4422 is an I ...

Public Key
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. There are many kinds of public-key cryptosystems, with different security goals, including digital signature, Diffie–Hellman key exchange, public-key key encapsulation, and public-key encryption. Public key algorithms are fundamental security primitives in modern cryptosystems, including applications and protocols that offer assurance of the confidentiality and authenticity of electronic communications and data storage. They underpin numerous Internet standards, such as Transport Layer Security (TLS), SSH, S/MIME, and P ...

RSA (algorithm)
The RSA (Rivest–Shamir–Adleman) cryptosystem is a public-key cryptosystem, one of the oldest widely used for secure data transmission. The initialism "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ), the British signals intelligence agency, by the English mathematician Clifford Cocks. That system was declassified in 1997. In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone via the public key, but can only be decrypted by someone who knows the private key. The security of RSA relies on the practical difficulty of factoring the product of two ...

Strong Encryption
Strong cryptography or cryptographically strong are general terms used to designate the cryptographic algorithms that, when used correctly, provide a very high (usually insurmountable) level of protection against any eavesdropper, including the government agencies. There is no precise definition of the boundary line between the strong cryptography and (breakable) weak cryptography, as this border constantly shifts due to improvements in hardware and cryptanalysis techniques. These improvements eventually place the capabilities once available only to the NSA within the reach of a skilled individual, so in practice there are only two levels of cryptographic security, "cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files" (Bruce Schneier). The strong cryptography algorithms have high security strength, for practical purposes usually defined as a number of bits in the key. For example, the ...

Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network, such as the Internet. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is itself composed of two layers: the TLS record and the TLS handshake protocols. The closely related Datagram Transport Layer Security (DTLS) is a communications protocol that provides security to datagram-based applications. In technical writing, references to "(D)TLS" are often seen when it applies to both versions. TLS is a proposed Internet Engineering Task Force (IETF) standard, fir ...

Socket Connection
A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programming interface (API) for the networking architecture. Sockets are created only during the lifetime of a process of an application running in the node. Because of the standardization of the TCP/IP protocols in the development of the Internet, the term network socket is most commonly used in the context of the Internet protocol suite, and is therefore often also referred to as Internet socket. In this context, a socket is externally identified to other hosts by its socket address, which is the triad of transport protocol, IP address, and port number. The term socket is also used for the software endpoint of node-internal inter-process communication (IPC), which often uses the same API as a network socket.

Use

The use of the term socke ...