Joining Security Realms: A Single Login for NetWare and Kerberos

Accommodating disjoint security realms is a challenge for administrators who have to maintain duplicate data sets and for users who need to recall multiple pass phrases, yet joining security realms together can expose one realm to the weaknesses of the other. In this paper, we compare the Kerberos and NetWare security realms, examine methods of joining the two realms under a single login, and propose an attractive single login design. second section lists some known current security lapses in the two security realms, organized by attacks. The third section discusses security lapses that might be caused by single login. The fourth section presents two single login designs. In the last section, we describe our conclusion, and discuss ways to increase the level of security of the single login. 2. Overview of Security Services We assume the reader is familiar with Kerberos and NetWare security realms, and offer the following overview.