SATMP(7) SATMP(7)
satmp - Security Attribute Token Mapping Protocol (SATMP)
To improve performance, TSIX attributes in the SAMP header are
represented by 32 bit tokens. The SATMP protocol is used to convert
security attributes in the format native to the local system into tokens
useful to the destination system. The SATMP consists of three types of
exchanges, an initialization handshake, a token mapping exchange, and a
token resolution exchange. A Domain of Translation (DOT) identifies a
set of translation tables a system uses when converting security
attributes between its native format and the network representation
understood in that domain.
During the SATMP handshake, the two systems determine which predefined
Domain of Translation (DOT) they have in common for each required
attribute. The remote host (rhosts) database specifies which attributes
are required of each host, and what defaults may be substituted if the
remote host can't supply a particular attribute. The remote host
database also allows the system to distinguish which hosts it needs to
specify TSIX to, which need only IP Options, and which are unlabeled, and
what level of trust to assign each. If the two hosts trying to
communicate can not agree on a common Domain of Translation (DOT) for
each attribute or supply appropriate defaults (local policy), access is
not permitted.
iflabel(1m), rhost(1m), satmpd(1m), trusted_networking(7), samp(7p),
tsix(7p)
P�P�P�Pa�a�a�ag�g�g�ge�e�e�e 1�1�1�1 [ Back ]
|
