@techreport{TR-IC-99-05,
  number = {IC-99-05},
  author = {Alexandre M. Braga and Ricardo Dahab and Cecília M. F. Rubira},
  title = {Composing Cryptographic Services: {A} Comparison of Six Cryptographic {API}s},
  month = {February},
  year = {1999}, 
  institution = {Institute of Computing, University of Campinas},
  note = {In English, 16 pages.
    \par\selectlanguage{english}\textbf{Abstract}
      In this work we show that compliance to Tropyc, a pattern
      language for cryptographic software, is a good criteria for
      Cryptographic Application Programming Interfaces (CAPIs)
      evaluation. Tropyc documents the constraints over cryptographic
      services combination by limiting the number of valid patterns.
      Also, we use this criteria to evaluate a group of six CAPIs:
      IBM's CCA, RSA's Cryptoki, Microsoft's CryptoAPI, Sun's JCA/JCE,
      X/Open's GCS-API and Intel's CSSM-API. We show that these CAPIs
      lack the ability of cryptographic service composition, an
      important feature of modern applications, such as electronic
      commerce systems.
  }
}