The Security Support Provider Interface model supports three types of security contexts, summarized in the following table.
| Type | Description |
|---|---|
| Connection | A connection-oriented context is the most common security context, and the simplest to use. The caller is responsible for the overall message format. The caller is responsible for the location of the data in the message. The caller is also responsible for the location of the security-relevant fields within a message, such as the location of the signature data. |
| Datagram | A datagram-oriented context has extra support for DCE style datagram communication. It can also be used generically for a datagram-oriented transport application. |
| Stream | A stream-oriented context is responsible for the blocking and message formatting within the security package. The caller is not interested in formatting, but rather a raw stream of data. |