Problem Statement on the Cross-Realm Operation of Kerberos
نویسندگان
چکیده
This document provides background information regarding large-scale Kerberos deployments in the industrial sector, with the aim of identifying issues in the current Kerberos cross-realm authentication model as defined in RFC 4120. This document describes some examples of actual large-scale industrial systems, and lists requirements and restrictions regarding authentication operations in such environments. It also identifies a number of requirements derived from the industrial automation field. Although they are found in the field of industrial automation, these requirements are general enough and are applicable to the problem of Kerberos cross-realm operations.
منابع مشابه
Engineering Task Force ( IETF ) S . Sakane
This document provides background information regarding large-scale Kerberos deployments in the industrial sector, with the aim of identifying issues in the current Kerberos cross-realm authentication model as defined in RFC 4120. This document describes some examples of actual large-scale industrial systems, and lists requirements and restrictions regarding authentication operations in such en...
متن کاملA Survey of Kerberos V and Public-Key Kerberos Security
Kerberos was initially developed at MIT as a part of Project Athena and in these days it is widely deployed single sign-on protocol that is developed to authenticate clients to multiple networked services. Furthermore, Cross-realm authentication is a useful and interesting component of Kerberos aimed at enabling secure access to services astride organizational boundaries. Also, Kerberos has con...
متن کاملXKDCP: An Inter-KDC Protocol for Dependable Kerberos Cross-Realm Operations
The wide popularity of Kerberos made it the de-facto standard for authentication in enterprise networks. Moreover, the lightweight nature of Kerberos makes it a candidate of choice for securing network communications in emerging non-enterprise information systems such as industrial control networks, building automation and intelligent transportation systems. Many of these potential applications...
متن کاملKerberos Working Group
The draft documents a method for a Kerberos Key Distribution Center (KDC) to respond to client requests for Kerberos tickets when the client does not have detailed configuration information on the realms of users or services. The KDC will handle requests for principals in other realms by returning either a referral error or a cross-realm TGT to another realm on the referral path. The clients wi...
متن کاملRFC 6806 KDC Referrals
This memo documents a method for a Kerberos Key Distribution Center (KDC) to respond to client requests for Kerberos tickets when the client does not have detailed configuration information on the realms of users or services. The KDC will handle requests for principals in other realms by returning either a referral error or a cross-realm Ticket-Granting Ticket (TGT) to another realm on the refe...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- RFC
دوره 5868 شماره
صفحات -
تاریخ انتشار 2010