Hema, On 2011-03-09 11:04, Hema Krishnamurthy wrote: > What's the difference between a channel and a conduit? > Would a conduit need to be used irrespective of whether > it's a single or a multi-domain security system?
In CICM a "channel" is the high level abstraction that refers to any cryptographic transform while a "conduit" is a specific type of channel-- one that manages the configuration (like a "controller") AND manages the data flow (like a "stream"). In a single domain you only have conduits because you cannot separate the controller from the stream like you can when you have multiple domains. See <http://tools.ietf.org/html/draft-lanz-cicm-lm-00#appendix-A>: $ channel Abstraction under which one or more cryptographic transforms are performed and within which all details associated with the transform are encapsulated, including the path through the module. See also conduit, controller, and stream. $ conduit Abstraction that encapsulates channel control and data flow. See also channel, controller, and stream. $ controller Abstraction used to configure and control a channel. See also channel, conduit, and stream. $ stream An abstraction representing an entity utilizing an existing controller to enable data to be sent to a module to be transformed and transformed data to be received using a controller as a foundation. Also see Figure 7 in <http://tools.ietf.org/html/draft-lanz-cicm-lm-00#section-5> Lev _______________________________________________ cicm mailing list [email protected] https://www.ietf.org/mailman/listinfo/cicm
