Smart Account Management (SAcct)
Join the DZone community and get the full member experience.Join For Free
Smart Account Management (SAcct) 0.1.0 is released and it is based on my past work on PCI compliance. The SAcct 0.1.0 includes the following modules:
- sacct-common: common and shared classes between the SAcct Server and the SAcct Client.
- sacct-server: SAcct Server is a standalone Java application.
- sacct-client: SAcct client acts as a client stub communicate with the SAcct server.
- tools/sacct-spring: Utility classes for the Spring framework.
- assembly/sacct-server: SAcct Server Maven assembly project
- Use Google Guice as the dependency injection framework for the SAcct Server
- Account information are encrypted and stored as a soft token on a carry on device
- Utility tools are provided to encrypt and decrypt the soft token
- Use the Diffie-Hellman key exchange protocol to derive the session key
- The communications between the SAcct Server and the SAcct Client are encrypted by the session key
- An One Time Password (OTP) is used to prevent session replay attack
- All encryptions use the Advanced Encryption Standard (AES) algorithm
- Spring support
- Many security utility classes
Fore more details about SAcct 0.1.0, please visit SAcct project site at http://code.google.com/p/sacct or read the introduction at http://code.google.com/p/sacct/wiki/SAcctUserGuide_0_1_0.
Opinions expressed by DZone contributors are their own.