Wikipedia

Generic Security Services Application Programming Interface: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
dab Kerberos; Category:Computer security
move rfcs to external links; grammar correction; add 'key concepts' section
Line 1:
The '''GenericG'''eneric Security'''S'''ecurity Services'''S'''ervices Application'''A'''pplication Program Interface'''P'''rogram ('''GSSAPII'''nterface (GSSAPI, also GSS-API) is, as its name suggests, an [[application programming interface]] for obtaining [[security]] services. It is described in RFC 1509, RFC 1964, and RFC 2743.
 
GSSAPI facesaddresses the problem, that there are a lot of totallymany different and between each other incompatible security services. E.g. [[SASL]] methods, [[Kerberos (protocol)|Kerberos]], password [[authentication]], etc.
 
GSSAPI provides a standardized application programming interface with well defined functions on source level encapsulating lower level security mechanisms and/or environments. It is possible to use eye scanners, security cards, or passwords via keyboard or internet for authenticating users against a service.
 
The GSSAPI standardizes only [[authentication]], and not [[authorization]].
 
= Key concepts of the GSSAPI =
; name : A binary string that labels a security principal (i.e. user or host) - see [[access contol]] and [[identity]]
; [[credentials]] : Information that proves a name. May be used by a entity to act as that principal.
; context : The state of one end of the authenticating/authenticated [[protocol (computing)|protocol]]. Provides a [[secure channel]] when established.
; tokens : Opaque messages exchanged as part of the initial authentication protocol.
; mechanism : An underlying implementation that provides actual names, tokens and credentials.
; initiator/acceptor : The peer that sends the first token is the initiator; the other the acceptor.
 
= External links =
* RFC 1509, RFC 1964, and RFC 2743.
* [http://www.ietf.org/html.charters/kitten-charter.html Kitten working group] - next generation GSS-API
 
{{compu-stub}}
[[Category:Computer security]]
Retrieved from "https://en.wikipedia.org/wiki/Generic_Security_Services_Application_Programming_Interface"