Key Concepts
- Name
  - A binary string that labels a security principal (i.e., user or service program) - see access control and identity. For example, Kerberos uses names like user@REALM for users and service/hostname@REALM for programs.
- Credentials
  - Information that proves an identity; used by an entity to act as the named principal. Credentials typically involve a secret cryptographic key.
- Context
  - The state of one end of the authenticating/authenticated protocol. May provide message protection services, which can be used to compose a secure channel.
- Tokens
  - Opaque messages exchanged either as part of the initial authentication protocol (context-level tokens), or as part of a protected communication (per-message tokens).
- Mechanism
  - An underlying GSSAPI implementation that provides actual names, tokens and credentials. Known mechanisms include Kerberos, NTLM, Distributed Computing Environment (DCE), SESAME, SPKM, LIPKEY.
- Initiator/acceptor
  - The peer that sends the first token is the initiator; the other is the acceptor. Generally, the client program is the initiator while the server is the acceptor.
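How these concepts fit together, as an added example that is not part of the original page and not any real mechanism's code: a constructed shared-key challenge-response "mechanism" in which the initiator and acceptor exchange context-level tokens until both contexts are complete, then protect a message with a per-message token. `ToyContext`, `step`, `establish`, `get_mic` and `verify_mic` are hypothetical names, and the shared key stands in for the credential.

```python
import hashlib
import hmac
import os

def _mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

class ToyContext:
    """One end of a constructed shared-key mechanism (not a real GSSAPI mechanism)."""
    def __init__(self, key, initiator, name=b""):
        self.key, self.initiator, self.name = key, initiator, name  # key = credential
        self.n_i = self.n_a = self.session = None
        self.complete = False

    def step(self, token=None):                   # context-level token in, next one out
        if self.initiator and token is None:      # token 1 out: nonce + name
            self.n_i = os.urandom(16)
            return self.n_i + self.name
        if self.initiator:                        # token 2 in, token 3 out
            self.n_a = token[:16]
            self._check(token[16:], b"acc")
            return self._finish(_mac(self.key, b"ini", self.n_i, self.n_a, self.name))
        if self.n_i is None:                      # acceptor: token 1 in, token 2 out
            self.n_i, self.name, self.n_a = token[:16], token[16:], os.urandom(16)
            return self.n_a + _mac(self.key, b"acc", self.n_i, self.n_a, self.name)
        self._check(token, b"ini")                # acceptor: token 3 in, nothing out
        return self._finish(None)

    def _check(self, proof, label):               # proof binds both nonces and the name
        expected = _mac(self.key, label, self.n_i, self.n_a, self.name)
        if not hmac.compare_digest(proof, expected):
            raise ValueError("peer failed authentication")

    def _finish(self, out_token):
        self.session = _mac(self.key, b"ses", self.n_i, self.n_a)
        self.complete = True
        return out_token

    def get_mic(self, msg):                       # per-message token
        return _mac(self.session, msg)

    def verify_mic(self, msg, mic):
        return hmac.compare_digest(mic, self.get_mic(msg))

def establish(initiator, acceptor):
    count, token = 0, initiator.step()            # relay opaque tokens, count them
    while token is not None:
        count += 1
        token = (acceptor if count % 2 else initiator).step(token)
    return count
```

The application only relays the tokens and never interprets them; after `establish` returns, the acceptor's `name` holds the authenticated initiator name.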