Summary

Microsoft's Security Support Provider Interface provides an interface for integrating Windows NT authentication and security into distributed applications. The SSPI APIs consist of functionality to use security providers in the areas of:

SSPI is designed to support the semantics of connection-oriented transports, as well as datagram and stream transports.

The major feature of SSPI is that applications have a common API to use different security packages, including Windows NTLM authentication, SSL/PCT public key cryptography providers, and expected in the next release of
Windows NT, a Kerberos authentication security provider.

Application developers have the option to call SSPI functions directly to integrate Windows NT security or use higher-level application interfaces based on DCOM, authenticated RPC, or WinSock 2.0. Microsoft continues to support SSPI by developing new security packages based on the interface specification. Microsoft encourages all Win32 application developers to use the integrated security features of SSPI for secure distributed application
development.