The authenticated RPC facility provides several levels of protection so that applications can control tradeoffs between security and performance. Following is a summary of some of the protection levels that an application using authenticated RPC may specify:
· Connect level
Performs authentication only when a client and server establish a relationship (or connection)
· Call level
Attaches a verifier to each client call and server response that protects the system-level metadata of every RPC call (but not the application-level data)
· Packet-integrity level
In addition to protecting metadata, ensures the integrity of the application-level data (RPC call and return parameters) transferred between two principals, that is, that none of it has been modified in transit
· Packet-privacy level
In addition to protecting metadata and integrity, encrypts all application-level data, thus guaranteeing its confidentiality
Refer to the discussion of authenticated RPC in Basic RPC Routine Usage and RPC and Other DCE Components for complete information about protection levels.