Authentication Security Components

Authentication Security Components (Windows Embedded Standard 2009)

4/23/2012

Authentication is the process of a principal, a user, group, or service, or a device validating its identity to another principal or device. Windows Embedded Standard includes all of the Windows XP Professional authentication security components.

The following tables show some of the authentication security features and the Windows Embedded Standard components that must be added to support them.

The following common binaries apply to all authentication features. These binaries should be added to configurations that require authentication support.

Required components Key binary

Local Security Authority Subsystem (LSASS)

Lsass.exe, Lsasrv.dll

Primitive: Secur32

Secure32.dll

Primitive: Crypt32

Crypt32.dll

Primitive: Cryptdll

Cryptdll.dll

Primitive: Netapi32

Netapi32.dll

Netlogon/NetJoin

Netlogon.dll

Basic Authentication is the native authentication method that is built into HTTP. If this feature is used, HTTP connections can be made using SSL-encrypted links with strong server-side authentication to secure the connection.

Required components Key binary

Win32 API

Advapi32.dll

Digest authentication is a simple challenge-and-response protocol that provides increased security over Basic Authentication.

Required components Key binary

Digest Authentication Security Package

Wdigest.dll

NTLM is the native authentication protocol for Windows NT 4.0, including cross-domain authentication. Included in Windows XP for backward compatibility.

Required components Key binary

Local Security Authority Subsystem (LSASS)

Msv1_0.dll

Kerberos is an industry-standard authentication protocol.

Required components Key binary

Local Security Authority Subsystem (LSASS)

Kerberos.dll

Passport is an online user authentication service that enables secure authentication with a single user account.

Required components Key binary

Wininet Library

Wininet.dll

Credential Manager is a secure storage for password information that allows users to type names and passwords once. Subsequent authorizations are handled by the system.

Required components Key binary

Credential Management User Interface

Credui.dll

Key Manager

Keymgr.dll

Win32 API - Advanced

Advapi32.dll

Secure channel is a multi-level certification authority hierarchy that allows users to use digitally-signed certificates.

Required components Key binary

Local Security Authority Subsystem (LSASS)

Schannel.dll

Cryptographic Network Services

Cryptnet.dll

Smart card is a subsystem that provides access between a Smart Card reader and a Smart Card-aware application.

Required components Key binary

Smart Card Subsystem

Scardsvr.exe, Scardssp.dll

Primitive: Winscard

Winscard.dll

Community Additions

ADD
Show:
© 2016 Microsoft