GSSAPI PROGRAMMING GUIDE PDF

To make things easier, this manual follows a simple model: A client application sends data to a remote server. The client does so directly — that is, without mediation by transport protocol layers such as RPC. Overview These are the basic steps in using the GSS-API: Each application, sender and recipient, acquires credentials explicitly, if credentials have not been acquired automatically. The sender initiates a security context and the recipient accepts it. The sender applies security protection to the message data it wants to transmit. This means that it either encrypts the message or stamps it with an identification tag.

Author:Zum Turg
Country:Nicaragua
Language:English (Spanish)
Genre:Software
Published (Last):3 September 2016
Pages:403
PDF File Size:15.48 Mb
ePub File Size:6.79 Mb
ISBN:183-3-48385-135-6
Downloads:61518
Price:Free* [*Free Regsitration Required]
Uploader:Aracage



To make things easier, this manual follows a simple model: A client application sends data to a remote server. The client does so directly — that is, without mediation by transport protocol layers such as RPC. Overview These are the basic steps in using the GSS-API: Each application, sender and recipient, acquires credentials explicitly, if credentials have not been acquired automatically. The sender initiates a security context and the recipient accepts it.

The sender applies security protection to the message data it wants to transmit. This means that it either encrypts the message or stamps it with an identification tag. The sender transmits the protected message. The sender can choose not to apply either security protection, in which case the message has only the default GSS-API security service associated with it. That is authentication, in which the recipient knows that the sender is who it claims to be.

The recipient decrypts the message if needed and verifies it if appropriate. Optional The recipient returns an identification tag to the sender for confirmation.

Both applications destroy the shared security context. A general schema of this process is presented in Figure 1—6 , which shows one way that the GSS-API can be used; other scenarios are possible. An application uses a credential to establish its global identity. In many cases, for example, users receive credentials when they log in to a system.

A single credential can contain several elements for that principal, each created by a different mechanism, as shown in Figure 1—7. This means that a credential acquired on a machine with several security mechanisms will be valid if transferred to a machine that has only a subset of those mechanisms. Acquiring Credentials Before a security context can be established, both the server and the client must acquire their respective credentials. Once acquired, credentials can be re-used until they expire, at which time they must be re-acquired.

Credentials used by the client and those used by the server might have different lifetimes. The initiator, therefore, can usually specify only the default credential. Consider the case of a client making an ftp request to a server.

The client already has a credential, from login, and the GSS-API is automatically retrieves that credential when the client attempts to initiate a context. The server program, however, explicitly acquires credentials for the requested service ftp.

KENWOOD TH-D72A MANUAL PDF

Programming Using the GSS-API

The application must pad the DATA buffer to a multiple of 16 bytes as no padding or trailer buffer is used. Are you going to do programming this is not clear form your question? Serializing a credential does not destroy it. Limitations of the GSSAPI include that it standardizes only authenticationand not authorizationand that it assumes a client—server architecture. This article includes a list of referencesrelated reading or external linksbut its sources remain unclear because it lacks inline citations. Email Required, gswapi never shown. A serialized credential may contain secret information such as ticket session keys.

D-NOTE DLA401 PDF

Chapter 1 The GSS-API: An Overview

.

DIGITECH DF 7 MANUAL PDF

.

Related Articles