DCOM Explained
by Rosemary Rock-Evans Digital Press ISBN: 1555582168 Pub Date: 09/01/98 |
Previous | Table of Contents | Next |
Microsoft provides extensive security services through a variety of third-party software. The table below summarizes the support provided.
Function/Mechanism | Windows NT | SSL | CSPs | Kerberos | |
---|---|---|---|---|---|
Authentication | |||||
User/password | YES | YES | NO | YES | |
Digital certificate | YES | YES | YES | NO | |
Smart card | YES | NO | NO | NO | |
Authorization | |||||
ACLs | YES | NO | NO | NO | |
[Digital certs] | NO | NO | NO | NO | |
Confidentiality | |||||
Public key | YES | YES | YES | NO | |
Secret key | NO | YES | YES | NO | |
Integrity checking | Some | YES | YES | NO | |
Nonrepudiation | YES | YES | YES | NO | |
Audit | YES | NO | NO | NO |
But as I have done in every chapter, I will end on a cautionary note. These services are to be found in Windows NT. Although third-party services such as Kerberos and DES are implemented on numerous platforms, they are only part of the picture. This means that DCOM on other platforms will not enjoy the same level of support as DCOM on Windows NT, and as we saw in the chapter on DCOM on other platforms, the main problems lie in the area of authorizationa serious problem if it cannot be supported. Be prepared to have to supplement DCOM on other platforms with third-party products to fill the holes, and also be prepared to have to do some juggling around to enable different ACLs to work ne another.
Previous | Table of Contents | Next |