OSF DCE Application Development Guide--Core Components
Authentication
Figure 23-4. Client Acquires Privilege-Ticket-Granting Ticket
Legend:
Privilege Service’s secret key
conversation key 1
conversation key 2
conversation key 3
Authentication Service’s secret key
get PTGT
Network interface layer
API layer Security runtime
Registry Service
Authentication Service
Privilege Service
Client Principal Security Server
request ticket to
Privilege service
ID
Seal
PTGT
Seal
PTGT
Seal
RPC
PTGT
Seal
EPAC
EPAC
EPAC
encrypted with Privilege Service’s secret key
encrypted with conversation key 1
encrypted with conversation key 2
encrypted with conversation key 3
encrypted with Authentication Service’s secret key
ticket to
Priv svc
ticket to
Priv svc
request ticket to
Privilege service
ID
124245 Tandem Computers Incorporated 23−15