Applying authorization to intranets: architectures, issues and APIs
Computer Communications
| Hi-index | 0.24 |
This paper describes the features of a Generic Security Service Application Program Interface (GSS-API), examines its underlying assumptions, and evaluates lessons learned during its evolution. The GSS-API is designed to support architects of distributed protocols by providing them with a 'toolkit' for integration of security features (peer entity authentication, data origin authentication, data integrity and data confidentiality) into those protocols. It has been implemented atop a variety of technologies, including both secret-key and public-key approaches.