[Next]
[Up]
[Previous]
[Contents]
Next: 7.1.2 How does SESAME
Up: 7.1 SESAME
Previous: 7.1 SESAME
Linda Gricius (March, 1998):
SESAME (a Secure European System for Applications in a Multi-vendor Environment)
is a research and development project, partly funded by the European Commission
under its RACE program. It is also the name of the technology that came out
of that project.
SESAME is a construction kit - it is a set of security infrastructure components
for product developers. In a nutshell, SESAME:
- supports single sign-on to the network;
- provides role based distributed access control using digitally signed Privilege
Attribute Certificates, with optional controlled delegation of access rights;
- supports full cryptographic protection of exchanges between users and remote
applications;
- supports multiple domain operation with different security policies;
- can be scaled to operate over very large networks through its use of public
key technology;
- builds on work done in international standards - it is an Open Systems solution;
- uses the widely accepted Generic Security Service API (GSS-API) - the SESAME
user gets mechanism transparency.