Bandit is a system of loosely-coupled components that provide consistent identity services and create a community that organizes and standardizes identity-related technologies in an open way, promoting both interoperability and collaboration. It implements open standard protocols and specifications so identity services can be constructed, accessed, and integrated from multiple identity sources. The Bandit system supports many authentication methods and provides user-centric credential management.
BeeCrypt is an ongoing project to provide strong and fast cryptography in the form of a toolkit usable by commercial and open source projects. Included in the library are entropy sources, random generators, block ciphers, hash functions, message authentication codes, multiprecision integer routines, and public key primitives.
The Dynamic Router Lite II project is a router project by the Dutch national police agency that allows Web-based client-control over the next-hop router for the client. A Dynamic Router Lite II system is placed as a default gateway between one or more client networks and a router network with multiple gateway-routers on it. The Dynamic Router Lite II system does policy-based routing with policy-based DNS to match the routing policy. By default a client will have no active gateway, and any attempted HTTP traffic to any domain will lead the user to the router's Web interface, where the user can then pick an appropriate next-hop router. Once picked, all traffic for the client including DNS will be forwarded to the next-hop router the user picked.
Linux, in the tradition of UNIX-like operating systems, implements file system permissions using a rather coarse scheme. While this is sufficient for a surprisingly large set of applications, it is too inflexible for many other scenarios. For that reason, all the major commercial UNIX operating systems have extended this simple scheme in one way or the other. This is an effort to implement POSIX-like Access Control Lists for Linux. Access Control Lists are built on top of Extended Attributes, which can also be used to associate other pieces of information with files such as Filesystem Capabilities, or user data like mime type and search keywords.
GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.