| Embedded webserver gains small footprint SSL support |
Oct. 30, 2003
The world's most popular embedded webserver has gained something developers have long wished for: support for a first-rate SSL library designed specifically for embedded use. This means that devices needing to serve secure, encrypted web pages can now do so without the addition of significant system resources.
Professional services company Art & Logic, which develops and maintains the GoAhead WebServer (under contract from GoAhead), has released version 2.1.7, adding support for Mocana Corp.'s commercial Embedded SSL Server (ESS). Mocana claims its ESS is "the only device-side SSL server on the market designed with an extremely low memory footprint."
Previously, the GoAhead WebServer supported SSL connections through the OpenSSL library, which, not being designed for embedded use, has a much larger footprint.
Art & Logic Lead Engineer Tom Bajoras notes, "We [established] a news group for the GoAhead WebServer, and time and time again, people posted looking for a small embedded SSL library. We checked out Mocana, and verified its claims, and added a few things to make it work with GoAhead WebServer."
Mocana claims its ESS needs just 50k of ROM, and that stack and heap usage have been optimized as well. A "zero threading" architecture lightens CPU usage and reduces switching time, according to Mocana, because the server is only active when called upon. "Fully reentrant code" prevents crashes due to deadlocks and race conditions, the company claims.
CEO Adrian Turner notes that Mocana also offers an SSH server. "A lot of customers want both a secure web interface and a CLI [command line interface]. The combined footprint for both is 100k, due to shared libraries."
Mocana SSL server architecture
Mocana's ESS runs as an abstraction layer, SSL layer, and a library layer on top of an embedded webserver (in this case, GoAhead). It supports SSLv3, Triple-DES, and MD5, and Mocana says it can add support for other cryptographic algorithms on request. It is endian neutral, and will work with any TCP/IP stack on any CPU architecture, according to Mocana, and it does not require a real-time operating system (RTOS).
Mocana supplies ESS with an automated test suite and an automated system for certificate creation. The company claims SSL Server is easy to install and use, hiding all the complexities of cryptology. "Customers like it because it works out the box," claims Turner.
Mocana offers both binary and source licensing for its SSL and SSH products, in a royalty free model.
Bajoras claims that the GoAhead WebServer is the most popular embedded webserver in the world, appearing in myriad devices such as Motorola cable modems, the Turtle Beach Audio-Tron, and in many applications where the identity of the webserver software must be hidden due to security concerns.
At a minimum, the GoAhead WebServer requires only some kind of socket library and a standard C runtime library such as uClib, according to Bajoras. WebServer does not even require a filesystem -- pages can be compiled with the source code -- though edits are cumbersome in such deployments. A very basic WebServer can fit in under 100k of Flash, according to Bajoras.
In the course of its services work with GoAhead WebServer, Art & Logic has amassed what it calls the Device Management Framework (DMF). This library of WebServer add-ons handles common functions like authentication, session management, and third-party content modifications. Bajoras says Art & Logic provides this code at no additional cost when hired by companies to develop embedded web applications.
An online demo of Art & Logic's DMF is available here, and can be accessed with username adminUser and password changeThisPassword.
The GoAhead WebServer is freely available under an open source license that provides source code to developers in exchange for their modifications and improvements.
Related Stories:
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
Use of this site is governed by our Terms of
Service and Privacy Policy.
Except where otherwise specified, the contents of this site are copyright © 1999-2008
Ziff Davis Enterprise Holdings Inc. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is
prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.
news feed