A: Pluggable Authentication Modules (PAM) are an integral part of the authentication mechanism for

the Solaris. PAM provides system administrators with the ability and flexibility to choose any

authentication service available on a system to perform end-user authentication.

By using PAM, applications can perform authentication regardless of what authentication method is

defined by the system administrator for the given client.

PAM enables system administrators to deploy the appropriate authentication mechanism for each

service throughout the network. System administrators can also select one or multiple

authentication technologies without modifying applications or utilities. PAM insulates application

developers from evolutionary improvements to authentication technologies, while at the same time

allowing deployed applications to use those improvements.

PAM employs run-time pluggable modules to provide authentication for system entry services.

E: The Simple Authentication and Security Layer (SASL) is a method for adding authentication support

to connection-based protocols.

Simple Authentication and Security Layer (SASL) is a framework for authentication and data security

in Internet protocols. It decouples authentication mechanisms from application protocols, in theory

allowing any authentication mechanism supported by SASL to be used in any application protocol

that uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing

one user to assume the identity of another. They can also provide a data security layer offering data

integrity and data confidentiality services. DIGEST-MD5 provides an example of mechanisms which

can provide a data-security layer. Application protocols that support SASL typically also support

Transport Layer Security (TLS) to complement the services offered by SASL.