| 1 |
SESAME uses the widely accepted Generic Security Service API (GSS-API).
|
| 2 |
The user gets mechanism transparency.
|
| 3 |
To access the distributed system, a user first authenticates to an Authentication Server to get a cryptographically protected token used to prove his or her identity.
|
| 4 |
The user then presents the token to a Privilege Attribute Server to obtain a guaranteed set of access rights contained in a Privilege Attribute Certificate (or PAC). The PAC is a specific form of Access Control Certificate that conforms to ECMA and ISO/ITU-T standards.
|
