Lkms Library

[Algernon Alcala]

Greenbelt, MD - September 10, 1998) In conjunction with the launch of the new Verso Web-based integrated library and knowledge management system (LKMS), Maxcess Corporation announces First 100 -- an affordable, advanced technology LKMS package available to the first two libraries in every state.

"We have had many requests from our own customers as well as from other vendor's customers for a cost and time effective NT based Integrated Library System that is Intranet and Internet-ready, easy to use and employs third generation/Web based functionality," states Jerry Sherman, CEO of the MAXCESS Corporation.

"It is in response to these customer calls nationwide that Maxcess offers First 100," continues Mr. Sherman. "We are giving libraries a way to implement best-of-breed technology tools that will lead them beyond traditional library automation to becoming the true information hub of the organization."

The Maxcess Corporation is a .provider of next generation Library and Knowledge Management System (LKMS) solutions that incorporate information and knowledge management with collection management and technical service functions to manage library operations. Maxcess specializes in developing and integrating the best-of-breed technology tools libraries require to offer a broader range of information to a wider audience with the added value that trained information professionals can bring.

With the Verso and Enterprise 2000 solutions, the Maxcess Corporation is the first company to supply systems that are truly Intranet and Internet ready, and completely web-enabled using standard browser interfaces (Microsoft Internet Explorer or Netscape) for all public access and library and information management modules. Verso, an integrated, modular system, automates library functions and provides access to information resources beyond the physical limits of the library. Enterprise 2000, a state-of-the-art knowledge management system, combines library collection management, simple and complex document management, and image management from a single entry point and easy to use interface.

The Maxcess LKMS solutions are based on a multi-tiered thin client-server architecture allowing the system to scale from very small to very large configurations without changing the initial investment in hardware and software. Designed and configured for out-of-the-box operation for your organization, Verso runs under both the Windows NT and UNIX operating systems.

I think the best idea is to consult existing resources (there are a few kernel driver books, including a free one online) which are all in C, get the basics figured out, then you can try and see if you can get c++ to work there.

But I very much doubt that will be easy. You don't even have access to the full C standard library in the kernel. Something to think about: it does not link to shared libraries, and the total executable image is usually 2-3 MB.

I'm pretty sure I saw a kernel configuration option somewhere allowing C++ in kernel modules, a while back (but cannot find it again).I can see how certain templates would be very interesting to use in driver modules. Just for anecdotics: the OS X Mach kernel is partly written in C++.

The AWS SDKs provide libraries for interacting with Amazon Web Services (AWS), including AWS Key Management Service (AWS KMS). Some of the language implementations of the AWS Encryption SDK, such as the AWS Encryption SDK for .NET, always require the AWS SDK in the same programming language. Other language implementations require the corresponding AWS SDK only when you use AWS KMS keys in your keyrings or master key providers. For details, see the topic about your programming language in AWS Encryption SDK programming languages.

You can use the AWS SDKs to interact with AWS KMS, including encrypting and decrypting small amounts of data (up to 4,096 bytes with a symmetric encryption key) and generating data keys for client-side encryption. However, when you generate a data key, you must manage the entire encryption and decryption process, including encrypting your data with the data key outside of AWS KMS, safely discarding the plaintext data key, storing the encrypted data key, and then decrypting the data key and decrypting your data. The AWS Encryption SDK handles this process for you.

The AWS Encryption SDK provides a library that encrypts and decrypts data using industry standards and best practices. It generates the data key, encrypts it under the wrapping keys you specify, and returns an encrypted message, a portable data object that includes the encrypted data and the encrypted data keys you need to decrypt it. When it's time to decrypt, you pass in the encrypted message and at least one of the wrapping keys (optional), and the AWS Encryption SDK returns your plaintext data.

You can use AWS KMS keys as wrapping keys in the AWS Encryption SDK, but it is not required. You can use encryption keys that you generate and those from your key manager or on-premises hardware security module. You can use the AWS Encryption SDK even if you don't have an AWS account.

The Amazon S3 encryption client in the AWS SDKs provides encryption and decryption for data that you store in Amazon Simple Storage Service (Amazon S3). These clients are tightly coupled to Amazon S3 and are intended for use only with data stored there.

The AWS Encryption SDK provides encryption and decryption for data that you can store anywhere. The AWS Encryption SDK and the Amazon S3 encryption client are not compatible because they produce ciphertexts with different data formats.

The AWS Encryption SDK uses the Advanced Encryption Standard (AES) symmetric algorithm in Galois/Counter Mode (GCM), known as AES-GCM, to encrypt your data. It lets you choose from several symmetric and asymmetric algorithms to encrypt the data keys that encrypt your data.

For AES-GCM, the default algorithm suite is AES-GCM with a 256-bit key, key derivation (HKDF), digital signatures, and key commitment. AWS Encryption SDK also supports 192-bit, and 128-bit encryption keys and encryption algorithms without digital signatures and key commitment.

In all cases, the length of the initialization vector (IV) is 12 bytes; the length of the authentication tag is 16 bytes. By default, the SDK uses the data key as an input to the HMAC-based extract-and-expand key derivation function (HKDF) to derive the AES-GCM encryption key, and also adds an Elliptic Curve Digital Signature Algorithm (ECDSA) signature.

The AWS Encryption SDK uses a deterministic method to construct a different IV value for each frame. This procedure guarantees that IVs are never repeated within a message. (Prior to version 1.3.0 of the AWS Encryption SDK for Java and the AWS Encryption SDK for Python, the AWS Encryption SDK randomly generated a unique IV value for each frame.)

The AWS KMS keyrings and master key providers in the AWS Encryption SDK use the AWS KMS GenerateDataKey API operation to generate each data key and encrypt it under its wrapping key. To encrypt copies of the data key under additional KMS keys, they use the AWS KMS Encrypt operation. To decrypt the data keys, they use the AWS KMS Decrypt operation. For details, see AWS KMS keyring in the AWS Encryption SDK Specification in GitHub.

Other keyrings generate the data key, encrypt, and decrypt using best practice methods for each programming language. For details, see the specification of the keyring or master key provider in the Framework section of the AWS Encryption SDK Specification in GitHub.

The AWS Encryption SDK does this for you. When you encrypt data, the SDK encrypts the data key and stores the encrypted key along with the encrypted data in the encrypted message that it returns. When you decrypt data, the AWS Encryption SDK extracts the encrypted data key from the encrypted message, decrypts it, and then uses it to decrypt the data.

The encryption operations in the AWS Encryption SDK return an encrypted message, a single data structure that contains the encrypted data and its encrypted data keys. The message format consists of at least two parts: a header and a body. The message header contains the encrypted data keys and information about how the message body is formed. The message body contains the encrypted data. If the algorithm suite includes a digital signature, the message format includes a footer that contains the signature. For more information, see AWS Encryption SDK message format reference.

When you use the AWS Encryption SDK with its default configuration (one AWS KMS key as the wrapping key (or master key), no AAD, nonframed data, and an encryption algorithm with signing), the overhead is approximately 600 bytes. In general, you can reasonably assume that the AWS Encryption SDK adds overhead of 1 KB or less, not including the provided AAD. For more information, see AWS Encryption SDK message format reference.

Yes. The implementation details vary depending on which of the supported programming languages you use. However, all supported languages allow you to define custom cryptographic materials managers (CMMs), master key providers, keyrings, master keys, and wrapping keys.

To encrypt data under multiple wrapping keys, create a keyring or master key provider with multiple wrapping keys. When working with keyrings, you can create a single keyring with multiple wrapping keys or a multi-keyring.

When you encrypt data with multiple wrapping keys, the AWS Encryption SDK uses one wrapping key to generate a plaintext data key. The data key is unique and mathematically unrelated to the wrapping key. The operation returns the plaintext data key and a copy of the data key encrypted by the wrapping key. Then the encryption method, encrypts the data key with the other wrapping keys. The resulting encrypted message includes the encrypted data and one encrypted data key for each wrapping key.

The encrypted message can be decrypted by using any one of the wrapping keys used in the encryption operation. The AWS Encryption SDK uses a wrapping key to decrypt an encrypted data key. Then, it uses the plaintext data key to decrypt the data.

3a8082e126