Kerberos: A Network Authentication Tool. Seth Orr University of Missouri – St. Louis CS 5780 System Administration. Overview. Introduction History Components Protocol Installation and Configuration Strengths and Weaknesses Conclusions References. Introduction. Security
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
University of Missouri – St. Louis
CS 5780 System Administration
Kerberos provides a means of verifying the identities of principals, (e.g., a workstation user or a network server) on an open (unprotected) network. This is accomplished without relying on authentication by the host operating system, without basing trust on host addresses, without requiring physical security of all the hosts on the network, and under the assumption that packets traveling along the network can be read, modified, and inserted at will. Kerberos performs authentication under these conditions as a trusted third-party authentication service by using conventional cryptography, i.e., shared secret key.
4. Authentication through the AS only has to happen once. This makes the security of Kerberos more convenient.
5. Shared secret keys between clients and services are more efficient than public-keys.
6. Many implementations of Keberos have a large support base and have been put through serious testing.
7. Authenticators, created by clients, can only be used once. This feature prevents the use of stolen authenticators.
Four Scenes. February 1997. Massachusetts Institute of Technology. 1 November 2004 <http://web.mit.edu/kerberos/www/dialogue.html>.
< http://www.oit.duke.edu/~rob/kerberos/kerbasnds.html >.
Computer Networks. September 1994. Information Sciences Institute, USC. 15 November 2004 <http://gost.isi.edu/publications/kerberos-neuman-tso.html>.
Information Sciences Institute, USC. 11 November 2004 <http://www.isi.edu/gost/brian/security/kerberos.html>.