
Application Roles

Each of the elements of DCE security makes very different demands on the application. In the case of data protection, the application need only specify a protection level. The RPC runtime takes care of data protection transparently and the guarantees provided are fairly easily understood.

In the case of authentication, clients and servers have to do more work to establish the required state for authentication to take place. The required steps are described in detail in Authentication Model. Once this initialization is taken care of, the RPC runtime provides authentication transparently.

The authorization component of DCE security requires the most work from the application. Essentially, DCE provides applications with a set of mechanisms for access control. These include the following:

· The authenticated identity and privilege attributes (in the form of credentials) of service requesters, provided by the RPC runtime to servers.

· ACLs which servers may associate with objects they control.

· A default mechanism for determining a service requester's privileges from an ACL and the requester's credentials.

· Tools for administering ACLs.

Servers that use the DCE ACL-based authorization services must do a fair amount of initialization to create an ACL manager. Each protected operation must then explicitly call the ACL manager to obtain an authorization decision before it acts on the request. A set of ACL management APIs is provided to make these tasks easier, but the work required remains nontrivial. The steps are covered in detail in Authorization.
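The following added example (not DCE code and not the DCE ACL manager API) sketches the pattern described above: a protected operation asks for an authorization decision, computed from an ACL and the caller's credentials, before it changes anything. All type and function names, the sample ACL, and the simplified evaluation rule (user entry, then group entries, then any_other) are assumptions made for illustration.

```c
/* Simplified model, not the DCE API: every name here is hypothetical. */
#include <stdio.h>
#include <string.h>
enum { PERM_READ = 1, PERM_WRITE = 2, PERM_CONTROL = 4 };
enum entry_type { E_USER, E_GROUP, E_ANY_OTHER };
struct acl_entry { enum entry_type type; const char *name; unsigned perms; };
struct creds { const char *principal; const char *groups[4]; int ngroups; };

/* Constructed sample ACL for one object. */
static const struct acl_entry SAMPLE_ACL[] = {
    { E_USER,      "alice", PERM_READ | PERM_WRITE | PERM_CONTROL },
    { E_USER,      "carol", PERM_READ },   /* overrides her group entries */
    { E_GROUP,     "staff", PERM_READ | PERM_WRITE },
    { E_ANY_OTHER, "",      PERM_READ },
};
enum { SAMPLE_ACL_LEN = sizeof SAMPLE_ACL / sizeof SAMPLE_ACL[0] };

/* User entry wins; else union of matching groups; else any_other; else none. */
static unsigned acl_effective_perms(const struct acl_entry *acl, int n, const struct creds *c)
{
    unsigned group_perms = 0, other_perms = 0, group_hit = 0;
    for (int i = 0; i < n; i++) {
        if (acl[i].type == E_USER && strcmp(acl[i].name, c->principal) == 0)
            return acl[i].perms;
        for (int g = 0; acl[i].type == E_GROUP && g < c->ngroups; g++)
            if (strcmp(acl[i].name, c->groups[g]) == 0) {
                group_perms |= acl[i].perms;
                group_hit = 1;
            }
        if (acl[i].type == E_ANY_OTHER)
            other_perms = acl[i].perms;
    }
    return group_hit ? group_perms : other_perms;
}

/* Protected operation: the authorization call comes before any side effect. */
static int op_update_record(const struct creds *caller, char *rec, size_t len, const char *value)
{
    if (!(acl_effective_perms(SAMPLE_ACL, SAMPLE_ACL_LEN, caller) & PERM_WRITE))
        return -1;                       /* denied: record left untouched */
    snprintf(rec, len, "%s", value);
    return 0;
}

int main(void)
{
    struct creds carol = { "carol", { "staff" }, 1 };
    char rec[16] = "v1";
    printf("carol update -> %d, record=%s\n", op_update_record(&carol, rec, sizeof rec, "v2"), rec);
    return 0;
}
```

In this model carol is denied the update even though she belongs to staff, because her own user entry takes precedence over her group entries.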