Поделиться через


Security Catalog Items (Windows Embedded CE 6.0)

1/6/2010

The following table shows the Catalog items under the Security node and the associated Sysgen variable with a description of the purpose of each.

Catalog Item Sysgen variable Description

Authentication Services (SSPI)

SYSGEN_AUTH

This catalog item includes support for a programming interface for user authentication, and message protection. Available authentication providers include NTLM, Kerberos, and Secure Sockets Layer (SSL). Each provider contains different authentication and cryptographic schemes.

Available in both headless and display-based devices.

For more information, see Authentication Services.

Kerberos

SYSGEN_AUTH_KERBEROS

This catalog item includes support for the Kerberos authentication protocol.

Available in both headless and display-based devices.

For more information, see Kerberos Security Support Provider

NTLM

SYSGEN_AUTH_NTLM

This catalog item includes support for the NTLM challenge/response authentication protocol.

Available in both headless and display-based devices.

For more information, see NTLM Security Support Provider

Schannel (SSL/TLS)

SYSGEN_AUTH_SCHANNEL

This catalog item includes support for the Schannel protocol that uses SSL 2, SSL 3, and Transport Layer Security (TLS/SSL 3.1) public key-based protocols for an increased level of secure authentication and encryption.

Available in both headless and display-based devices.

For more information, see Schannel Security Support Provider.

Credential Manager

SYSGEN_CREDMAN

This catalog item includes a service for caching credentials, and enabling the sharing of common credentials.

For more information, see Credential Manager.

Cryptography Services (CryptoAPI 1.0) with High Encryption Provider

SYSGEN_CRYPTO

This catalog item includes a set of cryptographic services that provide basic cryptography support for hashing, encrypting, and decrypting data.

Available in both headless and display-based devices.

For more information, see Cryptography.

Certificates (CryptoAPI 2.0)

SYSGEN_CERTS

This catalog item includes a superset of CryptoAPI 1.0 that manages X.509 digital certificates.

Available in both headless and display-based devices.

For more information, see Certificates.

Cryptographic Messaging (PKCS#7)

SYSGEN_CRYPTMSG

This catalog item includes support for Cryptography message APIs that work directly with PKCS #7 messages by encoding and decoding the PKCS #7 data, and also decrypt and verify the signatures of received messages.

For more information, see Cryptography Functions.

Personal Information Exchange Standard (PKCS #12)

SYSGEN_CERTS_PFX

This catalog item includes support for the Personal Information Exchange (PFX) functionality which will enable exporting and importing certificates with their associated private keys. The certificates and encrypted private keys are represented in the PKCS#12 format.

For more information, see Certificates Functions.

Diffie-Hellman/DSS Provider

SYSGEN_CRYPTO_DSSDH

This catalog item includes support for hashing, generating Diffie-Hellman (D-H) keys, exchanging D-H keys, and exporting a D-H key.

For more information, see Microsoft DSS and Diffie-Hellman Cryptographic Provider.

Smart Card Encryption Provider

SYSGEN_CRYPTO_SCWCSP

This catalog item includes support for a cryptographic service provider for Windows Powered Smart Cards.

Available in both headless and display-based devices.

For more information, see Smart Card.

Local Authentication Sub-System

SYSGEN_LASS

This catalog item includes support for the Local Authentication subsystem (LASS) infrastructure that will enable application independent user authentication, provide consistent authentication regardless of the mechanism used, and enable policy-based authentication.

For more information, see Local Authentication Subsystem (LASS).

Password Local Authentication Plug-in

SYSGEN_LAP_PASWD

This catalog item includes support for a sample password local authentication plug-in.

For more information, see Local Authentication Subsystem (LASS).

Microsoft Certificate Enrollment Tool Sample

SYSGEN_ENROLL

This catalog item includes support for the Microsoft Certificate Enrollment Tool Sample in the run-time image This code sample illustrates the client role for certificate enrollment. The sample is used to obtain a certificate for a Windows Embedded CE device from a Microsoft Windows 2000 or Windows Server 2003 with Web enrollment support installed.

See Also

Other Resources

Security for Windows Embedded CE
Windows Embedded CE Features