Figure 3.1 shows the central components in the design. In later sections we look more closely at the various parts of the system. The basis for the working of the system is that there is a client machine where an application wishes to use services on a server machine. In order to be able to do this, the application must obtain a set of privilege attributes. Often, these are attributes granted to a human user who has been successfully authenticated by the security services.
GSS-API is a generic application programming interface to security services that is independent of the underlying mechanisms implementing them. By providing such an interface, it becomes possible to write applications that are portable between different systems and architectures at the source code level. GSS-API version 1 was introduced in [Lin93]. Recently, GSS-API version 2 was published [Lin97]. Version 2 retains and extends the functionality of version 1.
GSS-API contexts are an application-transparent mechanism for the exchange of security-related meta information between communicating parties. Actual client/server (or peer-to-peer) communications take place using ordinary communications channels, although when a GSS-API context has been established, data may be passed through GSS-API security enhancing services before being transmitted.
In order to make it possible for security services to control ongoing connections we mandate that (sensitive) client/server communications must be GSS-API enhanced. By representing GSS sessions as distributed objects, it is possible to include with the security services a context manager that can control these objects.
Figure 3.1: Abstract view of system.