The Windows NT security APIs for network authentication are defined by the Security Support Provider Interface (SSPI) documented in the Win32 SDK. The SSPI interface is based on the Generic Security Service Application Program Interface (GSS-API) and provides similar interface abstraction for security context management.1 Windows NT applications and services use SSPI to isolate application-level protocols from the details of network security protocols. Windows NT supports the SSPI interface to reduce application-level code needed to support multiple authentication protocols. SSPI provides a generic abstraction to support multiple authentication mechanisms based on shared-secret or public-key protocols. Applications using integrated Windows NT security take advantage of the modularity provided by SSPI by calling SSPI routines directory, or by using the higher-level network connection management protocols provided by authenticated RPC or DCOM.
1 "Generic Security Services Application Program Interface", J. Linn, Internet RFC 1508, September, 1993.