摘要 |
<p>A credential security support provider (Cred SSP) enables any application to securely delegate a user's credentials from the client, via client side Security Support Provider (SSP) software, to a target server, via server side SSP software. The Cred SSP provides a secure solution based in part upon a set of policies. The policies can be for any type of user credentials and the different policies are designed to mitigate a broad range of attacks so that appropriate delegation can occur for given delegation circumstances, network conditions, trust levels, etc. Additionally, only a trusted subsystem, e.g., a trusted subsystem of the Local Security Authority (LSA), has access to the clear text credentials such that neither the calling application of the Cred SSP APIs on the server side nor the calling application of the Cred SSP APIs on the client side have access to clear text credentials.</p> |
申请人 |
MICROSOFT CORPORATION |
发明人 |
LEACH, PAUL J.;FATHALLA, MOHAMED EMAD EL DIN;ILAC, CRISTIAN;PARSONS, JOHN E.;KAMEL, TAREK BUHAA EL-DIN MAHMOUD;HAGIU, COSTIN;MEDVINSKY, GENNADY |