|Date and Author(s)|
We expect several features from the security management layer. This is especially important with communications originating with the end user, but should be present between all components. The security layer must authenticate the sender/machine on the client side and provide this information in a reliable fashion with the message to the server software. The server will then use the user/host information along with the message content to decide if the requested action is allowed based on access control lists.
Thus we expect the security manager to provide the following services:
Once the message has been created the security manager is called to add an authentication wrapper. This wrapper will include the user and host issuing the command authenticated according to site policy.
On the receiving side the security manager will examine the wrapper and verify its origin. It will then provide the user and host information to the receiver.