3.4.1 Abstract Data Model
This section describes a conceptual model of possible data organization that an implementation maintains to participate in this protocol. The described organization is provided to facilitate the explanation of how the protocol behaves. This document does not mandate that implementations adhere to this model as long as their external behavior is consistent with that described in this document.
NTLM session security is provided through the SSPI. Variables are maintained per security context.
The following variables are maintained across the NTLM authentication sequence:
ClientHandle (Public): The handle to a key state structure corresponding to the current state of the ClientSealingKey.
ServerHandle (Public): The handle to a key state structure corresponding to the current state of the ServerSealingKey.
The following define the services provided by the NTLM SSP.
Note The following variables are logical, abstract parameters that an implementation has to maintain and expose to provide the proper level of service. How these variables are maintained and exposed is up to the implementation.
Integrity: Indicates that the caller wishes to construct signed messages so that they cannot be tampered with while in transit. If the client requests integrity, then the server MUST respond with integrity if supported or MUST NOT respond with integrity if not supported.
Sequence Detect: Indicates that the caller wishes to construct signed messages such that out-of-order sequences can be detected. For more details, see section 3.4.2.
Confidentiality: Indicates that the caller wishes to encrypt messages such that they cannot be read while in transit. If the client requests confidentiality, then the server MUST respond with confidentiality if supported or MUST NOT respond with confidentiality if not supported.
MessageBlockSize: An integer that indicates the minimum size of the input_message for GSS_WrapEx (section 3.4.6). The size of the input_message MUST be a multiple of this value. This value MUST be 1.
Usage of integrity and confidentiality is the responsibility of the application:
If confidentiality is established, then the application MUST call GSS_Wrap() to invoke confidentiality with the NTLM SSP. For more details, see section 3.4.3, Message Confidentiality.
If integrity is established, then the application MUST call GSS_GetMIC() to invoke integrity with the NTLM SSP. For more details, see section 3.4.2.