• data integrity
• data origin authentication

data type, int

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

data type, structured

• Parameter Passing Conventions in PAM
  • Structured Data Types

denial

• Glossary
  • denial of service

development

• Frontmatter
  • Preface
    • The Development of Product Standards

digital

• Glossary
  • digital fingerprint
  • digital signature

disclosure

• Glossary
  • secondary discretionary disclosure

discretionary

• Glossary
  • discretionary access control
  • secondary discretionary disclosure

distinguishing

• Glossary
  • distinguishing identifier

distributed

• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
    • Secondary Sign-on
      • Single Sign-on to Distributed Domain
      • Single Sign-on to Remote Distributed Service
• Glossary
  • distributed application

document

• Frontmatter
  • Preface
    • This Document
  • Referenced Documents

domain

• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
    • Secondary Sign-on
      • Single Sign-on to Local Application Domain
      • Single Sign-on to Distributed Domain
• XSSO Account Management Services
  • Management of Account Information for Multiple Services
    • Registry of Domain Types
• Glossary
  • platform domain
  • security domain
  • service domain

door

• Glossary
  • trap door

end-user

• Introduction to Single Sign-on
  • Scope of XSSO
    • Out of Scope - End-user Sign-on Interface

entry

• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants

event

• Glossary
  • security event manager

example

• Example Header Files

exchange

• Glossary
  • authentication exchange
  • exchange authentication information

files

• Example Header Files

fingerprint

• Glossary
  • digital fingerprint

flags

• Parameter Passing Conventions in PAM
  • Flags
  • PAM Configuration Entry Constants
    • Control Flags

framework

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • PAM Framework Layer Functions

frontmatter

• Frontmatter

function

• Glossary
  • system security function

functional

• Introduction to Single Sign-on
  • Scope of XSSO
    • Functional Objectives
• XSSO Account Management Services
  • Scope of XSSO Account Management
    • XBSS Functional Requirements
    • Basic Functional Requirements

functionality

• Glossary
  • trusted functionality

functions

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • PAM Framework Layer Functions
      • Authentication Functions
      • Account Management Functions
      • Session Management Functions
      • Password Management Functions
      • Mapping Functions
    • PAM-SPI
      • Authentication Module Functions
      • Account Management Module Functions
      • Session Management Module Functions
      • Password Management Module Functions
      • Mapping Module Functions

glossary

• Glossary

group

• Frontmatter
  • Preface
    • The Open Group
    • Open Group Publications

header

• Example Header Files

horse

• Glossary
  • trojan horse

identification

• Glossary
  • identification

identifier

• Glossary
  • distinguishing identifier

identity

• Glossary
  • authenticated identity

identity-based

• Glossary
  • identity-based security policy

implementation

• XSSO Account Management Services
  • XSSO Account Management Implementation Considerations

in

• Parameter Passing Conventions in PAM

information

• Frontmatter
  • Preface
    • Ordering Information
• Parameter Passing Conventions in PAM
  • Structured Data Types
    • Call Back Information
• XSSO Account Management Services
  • Management of Account Information for Multiple Services
  • XSSO Account Management Implementation Considerations
    • XSSO Management Information Base Initialization
• Glossary
  • access control information
  • administrative security information
  • authentication information (AI)
  • claim authentication information
  • contextual information
  • exchange authentication information
  • operational security information

initialization

• XSSO Account Management Services
  • XSSO Account Management Implementation Considerations
    • XSSO Management Information Base Initialization

initiator

• Glossary
  • authentication initiator
  • initiator

int

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

integrity

• Glossary
  • data integrity
  • integrity

interaction

• Glossary
  • secure interaction policy

interface

• Introduction to Single Sign-on
  • Scope of XSSO
    • Functional Objectives
      • User Sign-on Interface
      • Account Management Interface
    • Out of Scope - End-user Sign-on Interface
    • Out of Scope - Account Administration Interface
• Conformance
  • PAM Application Programming Interface Conformance
  • PAM System Programming Interface Conformance
• PAM - Application Program Interface (API)

internationalization

• Internationalization

issues

• Frontmatter
  • Preface
    • Versions and Issues of Specifications

item_type

• Parameter Passing Conventions in PAM
  • Item_type

key

• Glossary
  • secret key

label

• Glossary
  • security label

layer

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • PAM Framework Layer Functions

local

• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
    • Secondary Sign-on
      • Single Sign-on to Local Application Domain
      • Single Sign-on to Remote Local Service

management

• Introduction to Single Sign-on
  • Scope of XSSO
    • Functional Objectives
      • Account Management Interface
• XSSO Architecture
  • XSSO Account Management Model
• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • Account Management Functions
      • Session Management Functions
      • Password Management Functions
    • PAM-SPI
      • Account Management Module Functions
      • Session Management Module Functions
      • Password Management Module Functions
• XSSO Account Management Services
• Scope of XSSO Account Management
• Account Management Authorities
• Management of Account Information for Multiple Services
• XSSO Account Management Implementation Considerations
• XSSO Management Information Base Initialization

manager

• Glossary
  • security event manager

mapping

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • Mapping Functions
    • PAM-SPI
      • Mapping Module Functions
• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants
    • Module Type
• PAM Configuration Administration
  • Mapping Service Configuration
• XSSO Account Management Services
  • XSSO Account Management Implementation Considerations
    • Mapping of Administrative Authorities to XSSO UAM Agents

masquerade

• Glossary
  • masquerade

mechanism

• Glossary
  • strength of mechanism

messages

• Parameter Passing Conventions in PAM
  • Structured Data Types
    • Messages

method

• Glossary
  • authentication method

model

• XSSO Architecture
  • XSSO Single Sign-on Model
  • XSSO Account Management Model
• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on

module

• Conformance
  • PAM Module Conformance
• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-SPI
      • Authentication Module Functions
      • Account Management Module Functions
      • Session Management Module Functions
      • Password Management Module Functions
      • Mapping Module Functions
• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants
    • Module Type
    • Module Path
• PAM Configuration Administration
  • Module Option Parameters

multiple

• XSSO Account Management Services
  • Management of Account Information for Multiple Services

non-discretionary

• Glossary
  • non-discretionary access control

non-functional

• Introduction to Single Sign-on
  • Scope of XSSO
    • Non-functional Objectives

objectives

• Introduction to Single Sign-on
  • Scope of XSSO
    • Functional Objectives
    • Non-functional Objectives
    • Security Objectives

off-line

• Glossary
  • off-line authentication certificate

on-line

• Glossary
  • on-line authentication certificate

opaque

• Parameter Passing Conventions in PAM
  • Structured Data Types
    • Opaque Data Types

open

• Frontmatter
  • Preface
    • The Open Group
    • Open Group Publications

operational

• Glossary
  • operational security information

option

• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants
    • Options
• PAM Configuration Administration
  • Module Option Parameters
  • Additional PAM Options

ordering

• Frontmatter
  • Preface
    • Ordering Information

organizational

• Glossary
  • organizational security policy

origin

• Glossary
  • data origin authentication

out

• Introduction to Single Sign-on
  • Scope of XSSO
    • Out of Scope - End-user Sign-on Interface
    • Out of Scope - Account Administration Interface

overview

• XSSO Sign-on Services
  • PAM Service Overview

PAM

• Conformance
  • PAM Application Programming Interface Conformance
  • PAM System Programming Interface Conformance
  • PAM Module Conformance
• XSSO Sign-on Services
  • PAM Service Overview
  • PAM-API
    • PAM Framework Layer Functions
  • PAM Configuration

• PAM Status Codes

PAM Configuration Administration

• PAM Configuration Administration

PAM Header Files

• Example Header Files

PAM, status code

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM-API

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API

PAM-SPI

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-SPI

PAM_ABORT

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_ACCT_EXPIRED

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_ACCT_EXPIRED, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE

pam_acct_mgmt

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()

PAM_APPL.H

• Example Header Files
  • PAM_APPL.H

PAM_AUTH_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTH_ERR, in

• PAM - Application Program Interface (API)
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE

pam_authenticate

• PAM - Application Program Interface (API)
  • pam_authenticate()

pam_authenticate_secondary

• PAM - Application Program Interface (API)
  • pam_authenticate_secondary()

PAM_AUTHINFO_UNAVAIL

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTHINFO_UNAVAIL, in

• PAM - Application Program Interface (API)
  • pam_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE

PAM_AUTHTOK

• Parameter Passing Conventions in PAM
  • Item_type

PAM_AUTHTOK_DISABLE_AGING

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTHTOK_DISABLE_AGING, in

• PAM - Application Program Interface (API)
  • pam_chauthtok()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE

PAM_AUTHTOK_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTHTOK_ERR, in

• PAM - Application Program Interface (API)
  • pam_chauthtok()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE

PAM_AUTHTOK_EXPIRED

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTHTOK_EXPIRED, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE

PAM_AUTHTOK_LOCK_BUSY

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTHTOK_LOCK_BUSY, in

• PAM - Application Program Interface (API)
  • pam_chauthtok()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE

PAM_AUTHTOK_RECOVERY_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_AUTHTOK_RECOVERY_ERR, in

• PAM - Application Program Interface (API)
  • pam_chauthtok()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE

PAM_BUF_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_BUF_ERR in

• PAM - Application Program Interface (API)
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE

PAM_BUF_ERR, in

• PAM - Application Program Interface (API)
  • pam_get_data
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE

PAM_BUF_ERR, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_end
    • RETURN VALUE
  • pam_get_item
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_get_user
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_putenv
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_data
    • RETURN VALUE
  • pam_set_item
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE
  • pam_start
    • RETURN VALUE

PAM_CHANGE_EXPIRED_AUTHTOK

• Parameter Passing Conventions in PAM
  • Flags

pam_chauthtok

• PAM - Application Program Interface (API)
  • pam_chauthtok()

pam_close_session

• PAM - Application Program Interface (API)
  • pam_close_session()

PAM_CONV

• Parameter Passing Conventions in PAM
  • Item_type

PAM_CONV_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_CONV_ERR in

• PAM - Application Program Interface (API)
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE

PAM_CONV_ERR, in

• PAM - Application Program Interface (API)
  • pam_open_session()
    • RETURN VALUE

PAM_CONV_ERR, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_get_user
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_CONV_ERR], in

• PAM - Application Program Interface (API)
  • pam_sm_get_mapped_username()
    • RETURN VALUE

PAM_CRED_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_CRED_ERR, in

• PAM - Application Program Interface (API)
  • pam_setcred()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_CRED_EXPIRED

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_CRED_EXPIRED, in

• PAM - Application Program Interface (API)
  • pam_setcred()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_CRED_INSUFFICIENT

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_CRED_INSUFFICIENT, in

• PAM - Application Program Interface (API)
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE

PAM_CRED_PRELIM_CHECK

• Parameter Passing Conventions in PAM
  • Flags

PAM_CRED_UNAVAIL

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_CRED_UNAVAIL, in

• PAM - Application Program Interface (API)
  • pam_setcred()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_DELETE_CRED

• Parameter Passing Conventions in PAM
  • Flags

PAM_DISALLOW_NULL_AUTHTOK

• Parameter Passing Conventions in PAM
  • Flags

PAM_DOMAIN_UNKNOWN

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_DOMAIN_UNKNOWN, in

• PAM - Application Program Interface (API)
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE

pam_end

• PAM - Application Program Interface (API)
  • pam_end

PAM_ERROR_MSG

• Parameter Passing Conventions in PAM
  • Constants

PAM_ESTABLISH_CRED

• Parameter Passing Conventions in PAM
  • Flags

pam_get_data

• PAM - Application Program Interface (API)
  • pam_get_data

pam_get_item

• PAM - Application Program Interface (API)
  • pam_get_item

pam_get_mapped_authtok

• PAM - Application Program Interface (API)
  • pam_get_mapped_authtok()

pam_get_mapped_username

• PAM - Application Program Interface (API)
  • pam_get_mapped_username()

pam_get_user

• PAM - Application Program Interface (API)
  • pam_get_user

pam_getenv

• PAM - Application Program Interface (API)
  • pam_getenv

pam_getenvlist

• PAM - Application Program Interface (API)
  • pam_getenvlist

PAM_IGNORE

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_IGNORE, in

• PAM - Application Program Interface (API)
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_MAX_MSG_SIZE

• Parameter Passing Conventions in PAM
  • Constants

PAM_MAX_NUM_MSG

• Parameter Passing Conventions in PAM
  • Constants

PAM_MAX_RESP_SIZE

• Parameter Passing Conventions in PAM
  • Constants

PAM_MAXTRIES

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_MAXTRIES, in

• PAM - Application Program Interface (API)
  • pam_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE

PAM_MODULE.H

• Example Header Files
  • PAM_MODULE.H

PAM_MODULE_UNKNOWN

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_MODULE_UNKNOWN, in

• PAM - Application Program Interface (API)
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE

PAM_NEW_AUTHTOK_REQD

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_NEW_AUTHTOKEN_REQD, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE

PAM_NO_MODULE_DATA

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_NO_MODULE_DATA, in

• PAM - Application Program Interface (API)
  • pam_get_data
    • RETURN VALUE

PAM_OLDAUTHTOK

• Parameter Passing Conventions in PAM
  • Item_type

PAM_OPEN_ERR, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE

pam_open_session

• PAM - Application Program Interface (API)
  • pam_open_session()

PAM_PERM_DENIED

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_PERM_DENIED, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_PROMPT_ECHO_OFF

• Parameter Passing Conventions in PAM
  • Constants

PAM_PROMPT_ECHO_ON

• Parameter Passing Conventions in PAM
  • Constants

pam_putenv

• PAM - Application Program Interface (API)
  • pam_putenv

PAM_REFRESH_CRED

• Parameter Passing Conventions in PAM
  • Flags

PAM_REINITIALISE_CRED

• Parameter Passing Conventions in PAM
  • Flags

PAM_RHOST

• Parameter Passing Conventions in PAM
  • Item_type

PAM_RUSER

• Parameter Passing Conventions in PAM
  • Item_type

PAM_SERVICE

• Parameter Passing Conventions in PAM
  • Item_type

PAM_SERVICE_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_SERVICE_ERR, in

• PAM - Application Program Interface (API)
  • pam_chauthtok()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

PAM_SERVICE_ERR, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_start
    • RETURN VALUE

PAM_SESSION_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_SESSION_ERR, in

• PAM - Application Program Interface (API)
  • pam_close_session()
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE

pam_set_data

• PAM - Application Program Interface (API)
  • pam_set_data

pam_set_item

• PAM - Application Program Interface (API)
  • pam_set_item

pam_set_mapped_authtok

• PAM - Application Program Interface (API)
  • pam_set_mapped_authtok()

pam_set_mapped_username

• PAM - Application Program Interface (API)
  • pam_set_mapped_username()

pam_setcred

• PAM - Application Program Interface (API)
  • pam_setcred()

PAM_SILENT

• Parameter Passing Conventions in PAM
  • Flags

pam_sm_acct_mgmt

• PAM - Application Program Interface (API)
  • pam_sm_acct_mgmt()

pam_sm_authenticate

• PAM - Application Program Interface (API)
  • pam_sm_authenticate()

pam_sm_authenticate_secondary

• PAM - Application Program Interface (API)
  • pam_sm_authenticate_secondary()

pam_sm_chauthtok

• PAM - Application Program Interface (API)
  • pam_sm_chauthtok()

pam_sm_close_session

• PAM - Application Program Interface (API)
  • pam_sm_close_session()

pam_sm_get_mapped_authtok

• PAM - Application Program Interface (API)
  • pam_sm_get_mapped_authtok()

pam_sm_get_mapped_username

• PAM - Application Program Interface (API)
  • pam_sm_get_mapped_username()

pam_sm_open_session

• PAM - Application Program Interface (API)
  • pam_sm_open_session()

pam_sm_set_mapped_authtok

• PAM - Application Program Interface (API)
  • pam_sm_set_mapped_authtok()

pam_sm_set_mapped_username

• PAM - Application Program Interface (API)
  • pam_sm_set_mapped_username()

pam_sm_setcred

• PAM - Application Program Interface (API)
  • pam_sm_setcred

pam_start

• PAM - Application Program Interface (API)
  • pam_start

pam_strerror

• PAM - Application Program Interface (API)
  • pam_strerror()

PAM_SUCCESS

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_SUCCESS, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_end
    • RETURN VALUE
  • pam_get_data
    • RETURN VALUE
  • pam_get_item
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_get_user
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_putenv
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_data
    • RETURN VALUE
  • pam_set_item
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE
  • pam_start
    • RETURN VALUE

PAM_SYMBOL_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_SYMBOL_ERR, in

• PAM - Application Program Interface (API)
  • pam_get_mapped_username()
    • RETURN VALUE

PAM_SYMBOL_ERR, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE

PAM_SYMBOL_ERR], in

• PAM - Application Program Interface (API)
  • pam_set_mapped_username()
    • RETURN VALUE

PAM_SYSTEM_ERR

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_SYSTEM_ERR in

• PAM - Application Program Interface (API)
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE

PAM_SYSTEM_ERR, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_close_session()
    • RETURN VALUE
  • pam_end
    • RETURN VALUE
  • pam_get_data
    • RETURN VALUE
  • pam_get_item
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_get_user
    • RETURN VALUE
  • pam_open_session()
    • RETURN VALUE
  • pam_putenv
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_data
    • RETURN VALUE
  • pam_set_item
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_close_session()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_open_session()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE
  • pam_start
    • RETURN VALUE

PAM_TEXT_INFO

• Parameter Passing Conventions in PAM
  • Constants

PAM_TRY_AGAIN

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_TRY_AGAIN, in

• PAM - Application Program Interface (API)
  • pam_chauthtok()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE

PAM_TTY

• Parameter Passing Conventions in PAM
  • Item_type

PAM_UPDATE_AUTHTOK

• Parameter Passing Conventions in PAM
  • Flags

PAM_USER

• Parameter Passing Conventions in PAM
  • Item_type

PAM_USER_PROMPT

• Parameter Passing Conventions in PAM
  • Item_type

PAM_USER_UNKNOWN

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

PAM_USER_UNKNOWN, in

• PAM - Application Program Interface (API)
  • pam_acct_mgmt()
    • RETURN VALUE
  • pam_authenticate()
    • RETURN VALUE
  • pam_authenticate_secondary()
    • RETURN VALUE
  • pam_chauthtok()
    • RETURN VALUE
  • pam_get_mapped_authtok()
    • RETURN VALUE
  • pam_get_mapped_username()
    • RETURN VALUE
  • pam_setcred()
    • RETURN VALUE
  • pam_set_mapped_authtok()
    • RETURN VALUE
  • pam_set_mapped_username()
    • RETURN VALUE
  • pam_sm_acct_mgmt()
    • RETURN VALUE
  • pam_sm_authenticate()
    • RETURN VALUE
  • pam_sm_authenticate_secondary()
    • RETURN VALUE
  • pam_sm_chauthtok()
    • RETURN VALUE
  • pam_sm_get_mapped_authtok()
    • RETURN VALUE
  • pam_sm_get_mapped_username()
    • RETURN VALUE
  • pam_sm_set_mapped_authtok()
    • RETURN VALUE
  • pam_sm_set_mapped_username()
    • RETURN VALUE
  • pam_sm_setcred
    • RETURN VALUE

parameter

• Parameter Passing Conventions in PAM

Parameter Passing Conventions in PAM

• Parameter Passing Conventions in PAM

parameters

• PAM Configuration Administration
  • Module Option Parameters

party

• Glossary
  • trusted third party

passing

• Parameter Passing Conventions in PAM

password

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • Password Management Functions
    • PAM-SPI
      • Password Management Module Functions
• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants
    • Module Type
• Internationalization
  • Passwords
• Glossary
  • password

path

• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants
    • Module Path
• Glossary
  • trusted path

peer-entity

• Glossary
  • peer-entity authentication

physical

• Glossary
  • physical security

platform

• Glossary
  • platform domain

policy

• XSSO Account Management Services
  • Scope of XSSO Account Management
    • XBSS Functional Requirements
      • Account-level Policy
      • System-level Policy
• Glossary
  • access control policy
  • authorization policy
  • corporate security policy
  • identity-based security policy
  • organizational security policy
  • policy
  • rule-based security policy
  • secure interaction policy
  • security policy

preface

• Frontmatter
  • Preface

primary

• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
  • Primary Sign-on

• primary service

principal

• Glossary
  • principal

privacy

• Glossary
  • privacy

product

• Frontmatter
  • Preface
    • The Development of Product Standards

program

• PAM - Application Program Interface (API)

programming

• Conformance
  • PAM Application Programming Interface Conformance
  • PAM System Programming Interface Conformance

proposed

• Internationalization
  • Proposed Solution

protection

• Glossary
  • quality of protection

publications

• Frontmatter
  • Preface
    • Open Group Publications

quality

• Glossary
  • quality of protection

referenced

• Frontmatter
  • Referenced Documents

registry

• XSSO Account Management Services
  • Management of Account Information for Multiple Services
    • Registry of Domain Types

remote

• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
    • Secondary Sign-on
      • Single Sign-on to Remote Local Service
      • Single Sign-on to Remote Distributed Service

repudiation

• Glossary
  • repudiation

requirements

• XSSO Account Management Services
  • Scope of XSSO Account Management
    • XBSS Functional Requirements
    • Basic Functional Requirements

return value

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

rule-based

• Glossary
  • rule-based security policy

scope

• Introduction to Single Sign-on
  • Scope of XSSO
  • Out of Scope - End-user Sign-on Interface
  • Out of Scope - Account Administration Interface

• Scope of XSSO Account Management

seal

• Glossary
  • seal

secondary

• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
  • Secondary Sign-on

• secondary discretionary disclosure

secret

• Glossary
  • secret key

secure

• Glossary
  • secure association
  • secure context
  • secure interaction policy

security

• Introduction to Single Sign-on
  • Scope of XSSO
    • Security Objectives
• Glossary
  • administrative security information
  • corporate security policy
  • identity-based security policy
  • operational security information
  • organizational security policy
  • physical security
  • rule-based security policy
  • security architecture
  • security attribute
  • security audit
  • security audit trail
  • security auditor
  • security aware
  • security certificate
  • security domain
  • security event manager
  • security label
  • security policy
  • security service
  • security state
  • security token
  • security unaware
  • system security function

service

• XSSO Sign-on Services
• XSSO Sign-on Service Structure
• PAM Service Overview
• Models of Primary and Secondary Sign-on
  • Secondary Sign-on
    • Single Sign-on to Remote Local Service
    • Single Sign-on to Remote Distributed Service

• PAM Configuration Entry Constants
  • Service Name

• Mapping Service Configuration

• denial of service
• primary service
• security service
• service domain

session

• XSSO Sign-on Services
  • PAM Service Overview
    • PAM-API
      • Session Management Functions
    • PAM-SPI
      • Session Management Module Functions
• Parameter Passing Conventions in PAM
  • PAM Configuration Entry Constants
    • Module Type

sign-on

• Introduction to Single Sign-on
• Scope of XSSO
  • Functional Objectives
    • User Sign-on Interface
  • Out of Scope - End-user Sign-on Interface

• XSSO Single Sign-on Model

signature

• Glossary
  • digital signature
  • signature

single

• Introduction to Single Sign-on
• XSSO Architecture
  • XSSO Single Sign-on Model
• XSSO Sign-on Services
  • Models of Primary and Secondary Sign-on
    • Secondary Sign-on
      • Single Sign-on to Local Application Domain
      • Single Sign-on to Distributed Domain
      • Single Sign-on to Remote Local Service
      • Single Sign-on to Remote Distributed Service
• Internationalization
  • Single System Codesets

smart

• Internationalization
  • Smart Cards

solution

• Internationalization
  • Proposed Solution

specifications

• Frontmatter
  • Preface
    • Versions and Issues of Specifications

SSO introduction

• Introduction to Single Sign-on

standards

• Frontmatter
  • Preface
    • The Development of Product Standards

state

• Glossary
  • security state

status

• Parameter Passing Conventions in PAM
  • Status Values
  • PAM Status Codes

status code

• Parameter Passing Conventions in PAM
  • Status Values
    • PAM Status Codes

status value

• Parameter Passing Conventions in PAM
  • Status Values

strength

• Glossary
  • strength of mechanism

structure

• XSSO Sign-on Services
  • XSSO Sign-on Service Structure

structured

• Parameter Passing Conventions in PAM
  • Structured Data Types

system

• Conformance
  • PAM System Programming Interface Conformance
• Internationalization
  • Single System Codesets
• Glossary
  • system security function

system-level

• XSSO Account Management Services
  • Scope of XSSO Account Management
    • XBSS Functional Requirements
      • System-level Policy

target

• Glossary
  • target

TCB

• Glossary
  • trusted computing base (TCB)

text

• Glossary
  • clear text

third

• Glossary
  • trusted third party

this

• Frontmatter
  • Preface
    • This Document

threat

• Glossary
  • active threat
  • threat

token

• Glossary
  • security token

trademarks

• Frontmatter
  • Trademarks

trail

• Glossary
  • audit trail
  • security audit trail

trap

• Glossary
  • trap door

trojan

• Glossary
  • trojan horse

trust

• Glossary
  • trust

trusted

• Glossary
  • trusted computing base (TCB)
  • trusted functionality
  • trusted path
  • trusted third party

type

• Parameter Passing Conventions in PAM
  • Structured Data Types
  • Opaque Data Types
• PAM Configuration Entry Constants
  • Module Type

• Management of Account Information for Multiple Services
  • Registry of Domain Types

typographical

• Frontmatter
  • Preface
    • Typographical Conventions

UAM

• XSSO Account Management Services
  • XSSO Account Management Implementation Considerations
    • Mapping of Administrative Authorities to XSSO UAM Agents

unaware

• Glossary
  • security unaware

user

• Introduction to Single Sign-on
  • Scope of XSSO
    • Functional Objectives
      • User Sign-on Interface

usernames

• Internationalization
  • Usernames

values

• Parameter Passing Conventions in PAM
  • Status Values

verification

• Glossary
  • verification AI

verifier

• Glossary
  • verifier

versions

• Frontmatter
  • Preface
    • Versions and Issues of Specifications

vulnerability

• Glossary
  • vulnerability

XBSS

• XSSO Account Management Services
  • Scope of XSSO Account Management
    • XBSS Functional Requirements

XSSO

• Introduction to Single Sign-on
  • Scope of XSSO
• Conformance
  • XSSO (Base) Conformance
• XSSO Architecture
• XSSO Single Sign-on Model
• XSSO Account Management Model

XSSO Account Management Services

• XSSO Account Management Services

XSSO Architecture

• XSSO Architecture

XSSO Sign-on Services

• XSSO Sign-on Services