Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    Chapter 11. I Hear You Loud and Clear > Countermeasure: Kerberos

    Countermeasure: Kerberos

    Kerberos [STE88, KOH94] is a network authentication protocol designed to provide strong authentication for client/server applications by using secret key cryptography. Kerberos implements both authentication and access authorization by means of capabilities, called tickets, secured with symmetric cryptography. Microsoft has based much of its access control in its enterprise operating systems on Kerberos.

    Kerberos requires two systems, called the authentication server (AS) and the ticket-granting server (TGS), which are both part of the key distribution center (KDC). A user presents an authenticating credential (such as a password) to the authentication server and receives a ticket showing that the user has passed authentication. Obviously, the ticket must prevent the user from modifying or forging one claiming to be a different user, and the ticket must prevent one user from acquiring another user’s ticket to impersonate that user.


      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial