Key Concepts
- Name
- A binary string that labels a security principal (i.e., user or service program) - see access control and identity. For example, Kerberos uses names like user@REALM for users and service/hostname@REALM for programs.
- Credentials
- Information that proves an identity; used by an entity to act as the named principal. Credentials typically involve a secret cryptographic key.
- Context
- The state of one end of the authenticating/authenticated protocol. May provide message protection services, which can be used to compose a secure channel.
- Tokens
- Opaque messages exchanged either as part of the initial authentication protocol (context-level tokens), or as part of a protected communication (per-message tokens)
- Mechanism
- An underlying GSSAPI implementation that provides actual names, tokens and credentials. Known mechanisms include Kerberos, NTLM, Distributed Computing Environment (DCE), SESAME, SPKM, LIPKEY.
- Initiator/acceptor
- The peer that sends the first token is the initiator; the other is the acceptor. Generally, the client program is the initiator while the server is the acceptor.
Read more about this topic: Generic Security Services Application Program Interface
Famous quotes containing the words key and/or concepts:
“The safety of the republic being the supreme law, and Texas having offered us the key to the safety of our country from all foreign intrigues and diplomacy, I say accept the key ... and bolt the door at once.”
—Andrew Jackson (1767–1845)
“Once one is caught up into the material world not one person in ten thousand finds the time to form literary taste, to examine the validity of philosophic concepts for himself, or to form what, for lack of a better phrase, I might call the wise and tragic sense of life.”
—F. Scott Fitzgerald (1896–1940)