diff --git a/src/remote/security.cpp b/src/remote/security.cpp
index 933a97a..6f17c6a 100644
--- a/src/remote/security.cpp
+++ b/src/remote/security.cpp
@@ -4,10 +4,50 @@
 * in file LICENSE that is included with this distribution.
 */
 
+#include <osiProcess.h>
+
 #define epicsExportSharedSymbols
 #include <pv/security.h>
 
+using namespace epics::pvData;
 using namespace epics::pvAccess;
 
 NoSecurityPlugin::shared_pointer NoSecurityPlugin::INSTANCE(new NoSecurityPlugin());
 
+CAClientSecurityPlugin::shared_pointer CAClientSecurityPlugin::INSTANCE(new CAClientSecurityPlugin());
+
+CAClientSecurityPlugin::CAClientSecurityPlugin()
+{
+    StructureConstPtr userAndHostStructure =
+            getFieldCreate()->createFieldBuilder()->
+            add("user", pvString)->
+            add("host", pvString)->
+            createStructure();
+
+    m_userAndHost = getPVDataCreate()->createPVStructure(userAndHostStructure);
+
+    //
+    // user name
+    //
+
+    char buffer[256];
+
+    std::string userName;
+    if (osiGetUserName(buffer, sizeof(buffer)) == osiGetUserNameSuccess)
+        userName = buffer;
+    // TODO more error handling
+
+    m_userAndHost->getSubField<PVString>("user")->put(userName);
+
+    //
+    // host name
+    //
+
+    std::string hostName;
+    if (gethostname(buffer, sizeof(buffer)) == 0)
+        hostName = buffer;
+    // TODO more error handling
+
+    m_userAndHost->getSubField<PVString>("host")->put(buffer);
+}
+
diff --git a/src/remote/security.h b/src/remote/security.h
index 0e5fb99..df4b760 100644
--- a/src/remote/security.h
+++ b/src/remote/security.h
@@ -387,6 +387,32 @@ namespace epics {
 
     };
 
+    class epicsShareClass CAClientSecurityPlugin :
+        public NoSecurityPlugin {
+    protected:
+        epics::pvData::PVStructure::shared_pointer m_userAndHost;
+
+        CAClientSecurityPlugin();
+
+
+    public:
+        POINTER_DEFINITIONS(CAClientSecurityPlugin);
+
+        static CAClientSecurityPlugin::shared_pointer INSTANCE;
+
+        virtual epics::pvData::PVField::shared_pointer initializationData() {
+            return m_userAndHost;
+        }
+
+        virtual std::string getId() const {
+            return "ca";
+        }
+
+        virtual std::string getDescription() const {
+            return "CA client security plug-in";
+        }
+    };
+
     class epicsShareClass AuthNZHandler :
             public AbstractResponseHandler,
             private epics::pvData::NoDefaultMethods
@@ -447,7 +473,10 @@ namespace epics {
         }
 
     private:
-        SecurityPluginRegistry() {}
+        SecurityPluginRegistry() {
+            // install CA client secutiry plugin by default
+            installClientSecurityPlugin(CAClientSecurityPlugin::INSTANCE);
+        }
 
         std::map<std::string, std::tr1::shared_ptr<SecurityPlugin> > m_clientSecurityPlugins;
         std::map<std::string, std::tr1::shared_ptr<SecurityPlugin> > m_serverSecurityPlugins;