OSF DCE Application Development Guide--Core Components
The use of authenticated RPC is explained in Chapters 13 and 14. Chapter 14 contains
information about a number of RPC routines that relate directly to security issues, such
as rpc_binding_set_auth_info().
These security chapters, however, contain conceptual information that is useful for
understanding the authentication and authorization protocols that authenticated RPC
routines use; for this information, we recommend that you read Chapters 23 and 24, as
well as this one.
22.3 About the GSSAPI
The GSS provides an alternate way of providing DCE security to distributed applications
that handle network communications by themselves. With GSSAPI, you can include
established applications in DCE and ensure the security and integrity of the applications
and their data. In peer-to-peer communications, the application that establishes the
secure connection is the context initiator or simply initiator. The context initiator is like
a DCE RPC client. The application that accepts the secure connection is the context
acceptor or simply acceptor. The context acceptor is like a DCE RPC server.
The GSS available with DCE includes two sets of routines:
• Standard GSSAPI routines, which are defined in the Internet RFC 1509 "Generic
Security Service API: C-bindings." These routines have the prefix gss_.
• OSF DCE extensions to the GSSAPI routines. These are additional routines that
enable an application to use DCE security services. These routines have the prefix
gssdce_.
The chapters that follow provide information about how the GSSAPI routines use the
authentication and authorization protocols. Chapter 25 provides information about GSS
credentials, which are used to establish an application’s identity in DCE.
22.4 UNIX System Security and DCE Security
UNIX system security mostly presumes that a computer’s backplane can be trusted
because computing operations are assumed to be local, and because the computer itself
can be physically secured. In a distributed environment, the logical equivalent of the
single system’s backplane is the network itself. Network computing means distributed,
rather than localized, computing operations and, in the case of an open network (which
DCE assumes), little of the network is physically secure. Thus, the nature of distributed
systems poses special security risks, in addition to those posed by nondistributed
systems. Unlike UNIX system security, DCE security is designed specifically to address
those risks.
These considerations notwithstanding, network security is ultimately dependent on the
security features that are local to the individual computers in the network and, what is
more important, the manner in which those features are used and administered. Since
22 − 2 Tandem Computers Incorporated 124245