翻訳と辞書
Words near each other
・ Generic Mapping Tools
・ Generic matrix ring
・ Generic Model Organism Database
・ Generic Modeling Environment
・ Generic name
・ Generic Pharmaceutical Price Decay
・ Generic point
・ Generic polynomial
・ Generic Product Identifier
・ Generic programming
・ Generic property
・ Generic Q5 TV Mobile cellphone
・ Generic role-playing game system
・ Generic Routing Encapsulation
・ Generic Security Service Algorithm for Secret Key Transaction
Generic Security Services Application Program Interface
・ Generic sensor format
・ Generic Stream
・ Generic Stream Encapsulation
・ Generic String Encoding Rules
・ Generic Substation Events
・ Generic Tile Engine
・ Generic top-level domain
・ Generic trademark
・ Generic Vehicle Architecture
・ Generic views
・ Generic you
・ Generic-case complexity
・ Generica
・ Genericon


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Generic Security Services Application Program Interface : ウィキペディア英語版
Generic Security Services Application Program Interface

The Generic Security Service Application Program Interface (GSSAPI, also GSS-API) is an application programming interface for programs to access security services.
The GSSAPI is an IETF standard that addresses the problem of many similar but incompatible security services in use today.
== Operation ==
The GSSAPI, by itself, does not provide any security. Instead, security-service vendors provide GSSAPI ''implementations'' - usually in the form of libraries installed with their security software. These libraries present a GSSAPI-compatible interface to application writers who can write their application to use only the vendor-independent GSSAPI.
If the security implementation ever needs replacing, the application need not be rewritten.
The definitive feature of GSSAPI applications is the exchange of opaque messages (''tokens'') which hide the implementation detail from the higher-level application.
The client and server sides of the application are written to convey the tokens given to them by
their respective GSSAPI implementations.
GSSAPI tokens can usually travel over an insecure network as the mechanisms provide inherent message security.
After the exchange of some number of tokens, the GSSAPI implementations at both ends inform their local application that a ''security context'' has been established.
Once a security context is established, sensitive application messages can be wrapped (encrypted) by the GSSAPI for secure communication between client and server.
Typical protections guaranteed by GSSAPI wrapping include confidentiality (secrecy) and integrity (authenticity). The GSSAPI can also provide local guarantees about the identity of the remote user or remote host.
The GSSAPI describes about 45 procedure calls. Significant ones include:
* ''GSS_Acquire_cred'' - obtains the user's identity proof, often a secret cryptographic key
* ''GSS_Import_name'' - converts a username or hostname into a form that identifies a security entity
* ''GSS_Init_sec_context'' - generates a client token to send to the server, usually a challenge
* ''GSS_Accept_sec_context'' - processes a token from ''GSS_Init_sec_context'' and can generate a response token to return
* ''GSS_Wrap'' - converts application data into a secure message token (typically encrypted)
* ''GSS_Unwrap'' - converts a secure message token back into application data
The GSSAPI has been standardized for the
C (RFC 2744) language. Java implements the GSSAPI〔(【引用サイトリンク】 title=JSR-000072 Generic Security Services API Specification 0.1 )
as JGSS,
the Java Generic Security Services Application Program Interface.

Limitations of the GSSAPI include that it standardizes only authentication, and not authorization, and that it assumes a client–server architecture.
Anticipating new security mechanisms, the GSSAPI includes a negotiating ''pseudo mechanism'', SPNEGO, that can discover and use new mechanisms not present when the original application was built.

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Generic Security Services Application Program Interface」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.