The design of netAuth emphasizes the separation
of authentication, authorization, and cryptographic
mechanisms away from the application.
Architecture of netAuth
The overall architecture is shown in Figure 5.
Applications communicate with each other using
APIs which emphasize process authentication--the one component of netAuth which must be visible to networked
There are two types of communications,
both of which flow over an
IPsec tunnel between the hosts:
The authentication information is managed by two netAuth daemons--netAuthClient and netAuthServer--which perform the public key operations for user authentication
but also enable the process' change-of-ownership.
- the application's protocol (or data, for performing its function) and
- the netAuth authentication information.