SESAME


6/16/2025

Architecture & Core Components of SESAME

SESAME is a modular security architecture built to secure distributed systems in multi-vendor environments:

  • Authentication Server (AS): Verifies user identity via password or smart card (X.509); issues cryptographically secured tokens.

  • Privilege Attribute Server (PAS): Issues Privilege Attribute Certificates (PACs)—digitally signed bundles of user roles and attributes—based on the authentication token.

  • Credential Repository: Houses certificates and private keys, ensuring secure storage and retrieval.

  • Smart Card Infrastructure: Stores private keys on tamper-resistant tokens; supports strong, two-factor authentication.

  • Policy & Directory Services: Uses standards like X.500/X.509 and GSS-API for open, interoperable integration.

  • Secure Communication Layer: Ensures end-to-end encryption, mutual authentication, and integrity with bilateral dialogue keys.

Workflow

  1. Authentication: User presents credentials (password + smart card); AS validates and issues a token.

  2. Authorization: User submits token and requested roles to PAS; PAS returns a PAC bound with a session key.

  3. Service Access: Application server verifies the PAC, extracts attributes, and enforces policies.

  4. Secure Context: Client and server establish a secure context using the session keys.

  5. Delegation (Optional): PACs authorize scoped and time-limited delegation.

  6. Auditing: Events are logged for non-repudiation and compliance.

Cryptographic and Security Features

  • Hybrid Cryptography: Integrates PKI (public key) with Kerberos-style symmetric key distribution.

  • Signed PACs: Provide immutable assertions of identity and access rights.

  • Dialogue Keys: Unique session keys ensure confidentiality and integrity.

  • Two-Factor Authentication: Combines smart card possession with PIN entry.

  • GSS-API Compatibility: Facilitates modular integration with applications.

Privilege Attribute Certificates (PACs)

PACs are central to SESAME’s authorization model. They are digitally signed documents that include:

  • Holder identity

  • Issuer and signature

  • Validity period

  • Roles, attributes, and access policies

  • Delegation flags (if applicable)

PAC Lifecycle

  1. The user authenticates and requests access roles.

  2. PAS evaluates the request and issues a PAC.

  3. The PAC is used with service access requests.

  4. The application validates the PAC, enforces policy, and allows or denies access.

PACs enable secure, verifiable delegation and fine-grained access control that goes beyond what typical role-based systems offer.
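The workflow described earlier (authentication, PAC issuance, service-side verification) and the PAC lifecycle in this section, carried through end to end as an added example in Go. This is illustration code written for this page, not SESAME's own implementation or encoding: the JSON field layout, the Ed25519 signature, the names NewPAS, IssuePAC, VerifyPAC and Authorize, and the "alice"/"payroll" entitlement table are all assumptions (real SESAME PACs are ASN.1 structures). The AS step is taken as already done, so the holder name passed to the PAS is assumed authenticated, and the session-key binding of workflow step 2 is not modelled.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// PAC: the fields the post lists (JSON layout is this example's assumption; real PACs are ASN.1).
type PAC struct {
	Holder    string   `json:"holder"`
	Issuer    string   `json:"issuer"`
	NotBefore int64    `json:"nbf"`
	NotAfter  int64    `json:"exp"`
	Roles     []string `json:"roles"`
	Delegable bool     `json:"delegable"` // delegation flag
}

// PAS models a Privilege Attribute Server: a signing key plus the roles each principal may hold.
type PAS struct {
	Name  string
	Pub   ed25519.PublicKey
	priv  ed25519.PrivateKey
	roles map[string][]string // constructed entitlement table
}

func NewPAS(name string, roles map[string][]string) (*PAS, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &PAS{Name: name, Pub: pub, priv: priv, roles: roles}, nil
}

// IssuePAC (workflow step 2): grant only the requested roles the authenticated holder is entitled to, then sign.
func (p *PAS) IssuePAC(holder string, requested []string, now time.Time, ttl time.Duration, delegable bool) (body, sig []byte, err error) {
	var granted []string
	for _, r := range requested {
		for _, held := range p.roles[holder] {
			if r == held {
				granted = append(granted, r)
			}
		}
	}
	if len(granted) == 0 {
		return nil, nil, errors.New("principal holds none of the requested roles")
	}
	body, err = json.Marshal(PAC{Holder: holder, Issuer: p.Name, NotBefore: now.Unix(),
		NotAfter: now.Add(ttl).Unix(), Roles: granted, Delegable: delegable})
	if err != nil {
		return nil, nil, err
	}
	return body, ed25519.Sign(p.priv, body), nil
}

// VerifyPAC (workflow step 3, application server): signature first, then issuer and validity window.
func VerifyPAC(trustedPub ed25519.PublicKey, trustedIssuer string, body, sig []byte, now time.Time) (*PAC, error) {
	if !ed25519.Verify(trustedPub, body, sig) {
		return nil, errors.New("PAC signature invalid")
	}
	var pac PAC
	if err := json.Unmarshal(body, &pac); err != nil {
		return nil, err
	}
	if pac.Issuer != trustedIssuer {
		return nil, errors.New("PAC from untrusted issuer")
	}
	if t := now.Unix(); t < pac.NotBefore || t >= pac.NotAfter {
		return nil, errors.New("PAC outside its validity period")
	}
	return &pac, nil
}

// Authorize enforces a local policy table (resource -> required role); unknown resources are denied.
func Authorize(pac *PAC, resource string, policy map[string]string) bool {
	need, ok := policy[resource]
	for _, r := range pac.Roles {
		if ok && r == need {
			return true
		}
	}
	return false
}

func main() {
	now := time.Unix(1_750_000_000, 0) // fixed clock for a reproducible run
	pas, _ := NewPAS("pas.example", map[string][]string{"alice": {"payroll-reader", "hr"}})
	body, sig, _ := pas.IssuePAC("alice", []string{"payroll-reader", "admin"}, now, 10*time.Minute, false)
	pac, err := VerifyPAC(pas.Pub, "pas.example", body, sig, now.Add(time.Minute))
	if err != nil {
		panic(err)
	}
	policy := map[string]string{"/payroll": "payroll-reader", "/config": "admin"}
	fmt.Println("granted:", pac.Roles, "/payroll:", Authorize(pac, "/payroll", policy), "/config:", Authorize(pac, "/config", policy))
}
```

Two points carry over to any PAC-style token design. The PAS grants the intersection of what was requested and what the principal holds, so a request for "admin" by a user without that entitlement yields a PAC without it rather than an error that leaks policy. On the application side the order of checks matters: signature, then issuer, then validity window, and only then are the roles read; an attribute from a document whose signature has not yet been verified is just untrusted input.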

SESAME vs. Kerberos and Traditional Models

  • Discretionary Access Control (DAC) and Mandatory Access Control (MAC) are rigid and lack scalable delegation.

  • RBAC improves management but is limited in context sensitivity.

SESAME enhances traditional models by:

  • Supporting both RBAC and ABAC features

  • Allowing dynamic, context-aware policy enforcement

  • Providing strong cryptographic credentials

  • Enabling inter-domain and federated access

Compared to Kerberos:

  • SESAME supports public key infrastructure

  • Introduces PACs for rich authorization metadata

  • Enables secure delegation and inter-domain identity assertion

Integration with GSS-API

SESAME integrates with the Generic Security Services API (GSS-API), allowing applications to:

  • Use standardized calls (GSS_Init_sec_context, GSS_Accept_sec_context) for secure session establishment

  • Exchange authentication and PAC tokens transparently

  • Wrap and unwrap messages with confidentiality and integrity

This abstraction lets developers implement security without deep knowledge of SESAME internals.
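The wrap/unwrap half of that GSS-API usage, together with the per-session dialogue keys described under the Secure Communication Layer, as an added example in Go. It is not SESAME's code and not a GSS-API binding: it assumes context establishment (the GSS_Init_sec_context / GSS_Accept_sec_context exchange, not modelled here) has already left both peers with a shared dialogue key, and it uses AES-GCM with a sequence number as associated data, which is this example's choice rather than a description of SESAME's own algorithms. The names Context, Wrap, Unwrap and DemoDialogueKey and the key bytes are constructed for the demo.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Context is one peer's view of an established security context: the shared
// dialogue key (wrapped in an AEAD) plus per-direction sequence counters.
type Context struct {
	aead    cipher.AEAD
	sendSeq uint64
	recvSeq uint64
}

// NewContext assumes the dialogue key was already agreed during context
// establishment; only the message-protection phase is modelled here.
func NewContext(dialogueKey []byte) (*Context, error) {
	block, err := aes.NewCipher(dialogueKey)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Context{aead: aead}, nil
}

// Wrap plays the role of GSS_Wrap: token = seq(8) || nonce || ciphertext+tag.
// The sequence number is bound in as associated data, so it is integrity
// protected even though it travels in the clear.
func (c *Context) Wrap(msg []byte) ([]byte, error) {
	hdr := make([]byte, 8)
	binary.BigEndian.PutUint64(hdr, c.sendSeq)
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	c.sendSeq++
	token := append(hdr, nonce...)
	return c.aead.Seal(token, nonce, msg, hdr), nil
}

// Unwrap plays the role of GSS_Unwrap: reject out-of-order or replayed tokens
// before decrypting, and fail closed on any integrity error.
func (c *Context) Unwrap(token []byte) ([]byte, error) {
	ns := c.aead.NonceSize()
	if len(token) < 8+ns+c.aead.Overhead() {
		return nil, errors.New("token too short")
	}
	hdr, nonce, ct := token[:8], token[8:8+ns], token[8+ns:]
	if seq := binary.BigEndian.Uint64(hdr); seq != c.recvSeq {
		return nil, fmt.Errorf("sequence %d but expected %d: replay or reordering", seq, c.recvSeq)
	}
	msg, err := c.aead.Open(nil, nonce, ct, hdr)
	if err != nil {
		return nil, errors.New("integrity check failed")
	}
	c.recvSeq++
	return msg, nil
}

// DemoDialogueKey is a constructed 32-byte key standing in for the session key
// that authentication would have delivered to both peers.
func DemoDialogueKey() []byte { return []byte("constructed-demo-dialogue-key-32") }

func main() {
	client, _ := NewContext(DemoDialogueKey())
	server, _ := NewContext(DemoDialogueKey())
	tok, _ := client.Wrap([]byte("GET /payroll"))
	msg, err := server.Unwrap(tok)
	fmt.Printf("first delivery: %q err=%v\n", msg, err)
	_, err = server.Unwrap(tok) // the same token presented again
	fmt.Println("replayed token rejected:", err)
	tok2, _ := client.Wrap([]byte("second message"))
	tok2[len(tok2)-1] ^= 0x80 // flip one bit of the authentication tag
	_, err = server.Unwrap(tok2)
	fmt.Println("tampered token rejected:", err)
}
```

The receiver checks the sequence number before it decrypts and only advances its counter after the integrity check passes, so a replayed, reordered or modified token leaves the context state untouched; that is the property the "confidentiality and integrity" bullet above is asking of the wrap/unwrap calls.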

Applications and Use Cases

CORBA and Distributed Systems

SESAME was used to secure object request brokers (ORBs) like JacORB. Through SECIOP and GSS-API:

  • Clients and servers authenticated via SESAME

  • PACs enforced role-based access to distributed components

  • Delegation was supported across administrative domains

Enterprise and Government Networks

In large organizations:

  • Smart cards enabled secure access control

  • PACs allowed dynamic role assignment and access governance

  • Delegation allowed workflow continuity without over-privileging

Mobile Agents and Secure Computation

In experimental environments:

  • PACs enabled agents to carry cryptographically bound privileges

  • Hosts enforced policies without trusting the agent itself

  • Delegation allowed for flexible, yet controlled, task distribution

Relevance in Modern IAM

Although SESAME is largely of historical interest today, its innovations influenced:

  • SAML and OAuth’s use of signed tokens

  • Zero Trust architectures’ context-aware policies

  • Attribute-based access control systems

  • Modular middleware security designs