Open Source Java Security Software for Mac

SSL-Explorer is a fully-featured, web-based SSL VPN server. This project is no longer actively maintained as the SSL-Explorer technology has now been acquired by Barracuda Networks, Inc.

Access Control Designer is a universal modular tool for visually designing access control policies.

This project is an attempt at a decent and user friendly password generator, that will integrate itself into the user's everyday work!

Java SWING applet to store encrypted files in your box.net account

Update: The code from this project has been contributed to the GNU Crypto project. The Cryptix SASL Library is an implementation of the Java SASL bindings and a number of SASL mechanisms.

JCrypTool moved to GitHub! See https://groups.google.com/d/topic/jcryptool-developers/nauEXL6vsbk/discussion for more information and visit our new project home at https://github.com/jcryptool

JCrypTool moved to GitHub! See https://groups.google.com/d/topic/jcryptool-developers/nauEXL6vsbk/discussion for more information and visit our new project home at https://github.com/jcryptool

JEraser is a very simple but extremely effective tool to erase a file or and entire directory so that no one could recover it. It's written in Java so you can run it on every platform.

A java application that allows you to store files into a "data store". These files are encrypted by passphrases and padded with random garbage to provide plausible deniability (you cannot know if there are any more files in the store or not).

OpenSST (Open Simple Secure Transaction) is a project to create a simple security protocol for making transaction between (un)trusted parties. The project includes a protocol design specification and a cross-platform software implementation of the speci

IMPORTANT : The project is now being hosted at http://code.google.com/p/ciform Plug'n Auth is an API providing easy integration of different authentication mechanisms into web applications. Within a few steps web admins will be able to change both the authentication backend and the logon frontend at any time with no further effort

INACTIVE STATUS: The Recommendation Tracker is not actively being developed. SUMMARY: The Recommendation Tracker facilitates consistent standardized (XCCDF, OVAL, CCE, CPE) guidance authoring through an established format for creating, developing, and tracking all information pertinent to security guide and benchmark generation.

SEPIA provides implementations for various types of Petri nets. Along Place/Transition-nets, it supports Petri nets with distinguishable token colors and defines coloured workflow nets, where coloured tokens are interpreted as data elements used during process execution. To support information flow analysis of processes, SEPIA defines so-called IF-Nets, tailored for security-oriented workflow modeling which enable users to assign security-levels (HIGH, LOW) to transitions, data elements and persons/agents participating in the process execution. SEPIA builds upon TOVAL (http://sourceforge.net/p/toval), JAGAL (http://sourceforge.net/p/jagal) and SEWOL (https://sourceforge.net/projects/jawl/). To use SEPIA, make sure these libraries are on the build path. SEPIA encloses the Multi Schema Validator (https://msv.java.net/) and isorelax (http://iso-relax.sourceforge.net/) The documentation can be found under http://doku.telematik.uni-freiburg.de/sepia.

The content of SERAM has been moved to the security-oriented workflow library SEWOL: https://sourceforge.net/projects/jawl/ SEARM provides support for the definition of access control policies, such as ACLs and RBAC models. Additionally, it allows to specify inference policies and comprises techniques for reasoning about inferences and information distribution along a set of inference rules.

SEWOL provides support for the handling of workflow traces. It allows to specify the shape and content of process traces in terms of entries representing the execution of a specific workflow activity. Currently it supports plain text, Petrify, MXML and XES log file types. In order to specify security-related context information, SEWOL provides access control models such as access control lists (ACL) and role-based access control models (RBAC). SEWOL uses and encloses the following libraries: - TOVAL (http://sourceforge.net/p/toval), - JAGAL (http://sourceforge.net/p/jagal), - OpenXES (http://www.xes-standard.org/openxes/), - Spex (http://code.deckfour.org/Spex/) - Google Guava (https://github.com/google/guava), - xstream (http://xstream.codehaus.org/) and - graph-impl and visualization components of Jung 2 (http://jung.sourceforge.net/). Documentation: http://doku.telematik.uni-freiburg.de/sewol

The Security Workflow Analysis Tool (SWAT) is a platform for modelling and analyzing workflows. It comes with ananlysis approaches to search for data leaks in workflows.

SecSy is a tool for security-oriented log synthesis. Besides basic synthesis properties (cases per day, office hours, randomized activity duration, ...), its detailed parameter setting for simulating business processes also allows to specify data usage (objects + access modality), actors for process activities and access control constraints for task/object permissions. It is also capable of enforcing/violating specific security properties on process traces, such as SoD/BoD, Unauthorized Access, Corrupted log entries, Skipped Activities. SecSy builds upon the following libraries, that have to be included in the projects' build path: - JAGAL: http://sourceforge.net/p/jagal - JAWL: http://sourceforge.net/p/jawl - SEPIA: http://sourceforge.net/p/sepiaframework - SERAM: http://sourceforge.net/p/seram - TOVAL: http://sourceforge.net/p/toval

An attempt to bring order to the chaotic world of computer passwords

The MuPPIT is cross-platform, open source Multi-Purpose Peons Internet Toolkit written in Java and C++, providing a collection of new, useful applications for the average internet user.

The Eclipse XML-Security Plug-In allows you to experiment with the W3C recommendations on digital signatures and encryption and to learn all about their background. Arbitrary XML documents can be canonicalized, signed, verified and en- or decrypted.

aamFetch is a utility for fetching your anonymous esub nym messages from the alt.anonymous.messages newsgroup (or other newsgroups). It allows multiple encrypt-subjects to scan, multiple "destination files" to save messages to and random chaff downloads.

crcRepair is a utility that is able to fix corrupt files by consulting a database and file mirrors. It is written in pure Java, so it can be used on all platforms with the Java JRE installed.

xPG was about an OpenPGP-GUI in Java. Some source-code is still available for reference purposes. See http://www.cryptix.org/ for a current implementation of OpenPGP for Java.

Secrets is a complete, standalone, personal encryption solution that works much like PGP (Pretty Good Privacy). With Secrets you can encrypt information before emailing it to a friend or coworker, or before storing it on a removable disk. Secrets is buil

Please note: not having time to complete jSai myself; I came across the ACEGI project which I now recommend instead. jSai; a Servlet Authentication Implementation. jSai aims to allow easier to use, more powerful authentication for Java Servlets.