Security Support Provider Interface (SSPI) is a component of Windows API that performs security-related operations such as authentication.
The following SSPs are included in Windows: SSPI is a proprietary variant of Generic Security Services Application Program Interface (GSSAPI) with extensions and very Windows-specific data types.
One significant shortcoming of SSPI is its lack of channel bindings, which makes some GSSAPI interoperability impossible.
Another fundamental difference between the IETF-defined GSSAPI and Microsoft's SSPI is the concept of "impersonation".
In the traditional (GSSAPI) model, when a server runs under a service account, it cannot elevate its privileges, and has to perform access control in a client-specific and application-specific fashion.