Kerberos: An Authentication Service for Open Network Systems

نویسندگان

  • Jennifer G. Steiner
  • B. Clifford Neuman
  • Jeffrey I. Schiller
چکیده

In an open network computing environment, a workstation cannot be trusted to identify its users correctly to network services. Kerberos provides an alternative approach whereby a trusted third-party authentication service is used to verify users’ identities. This paper gives an overview of the Kerberos authentication model as implemented for MIT’s Project Athena. It describes the protocols used by clients, servers, and Kerberos to achieve authentication. It also describes the management and replication of the database required. The views of Kerberos as seen by the user, programmer, and administrator are described. Finally, the role of Kerberos in the larger Athena picture is given, along with a list of applications that presently use Kerberos for user authentication. We describe the addition of Kerberos authentication to the Sun Network File System as a case study for integrating Kerberos with an existing application.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Kerberos Overview− An Authentication Service for Open Network Systems

What is Kerberos? What Does Kerberos Do? Kerberos Software Components Kerberos Names How Kerberos Works Kerberos Credentials Get the Initial Kerberos Ticket Request a Kerberos Service Get Kerberos Server Tickets The Kerberos Database The KDBM Server The kadmin and kpasswd Programs Kerberos Database Replication Kerberos From the Outside Looking In Kerberos User's Eye View Kerberos From the Progr...

متن کامل

The Kerberos Network Authentication Service (V5)

This document gives an overview and specification of Version 5 of the protocol for the Kerberos network authentication system. Version 4, described elsewhere [1,2], is presently in production use at MIT’s Project Athena, and at other Internet sites. Overview Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, and Zephyr are trademarks of the Massachusetts Institute of Technol...

متن کامل

An Analysis of the Kerberos Authentication System

The first of this project’s two objectives was to review the current level of trustworthiness inherent to MIT’s implementation of the Kerberos authentication standard. The second objective was to consider how various probable abuses could be detected by host-based or network-based Intrusion Detection Systems and demonstrate that Kerberos produces enough auditable information to make intrusion d...

متن کامل

Retrofitting Network Security to Third-Party Applications - The SecureBase Experience

Systems such as Kerberos, designed to provide secure user and service authentication over insecure open networks, continue to gain acceptance in the UNIX world. There are both freely available and commercial products which reduce the vulnerabilities inherent in trusting “traditional” UNIX security in a distributed environment. However, such products generally do not provide similar protection f...

متن کامل

Extending the Kerberos Protocol for Distributed Data as a Service

Whilst much of the research on authentication in peer to peer networks focuses on distributed authentication services, in current military systems the use of a centralized authority, such as the Kerberos ticketing framework predominates. Kerberos v5 is targeted at giving users access to a specific service with the option of delegating credentials to other authenticated nodes to enable them to a...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1988