Essay about Kerberos

1295 Words Sep 4th, 2008 6 Pages
Kerberos was conceived as a secure network authentication technology at Massachusetts Institute of Technology (MIT), where it continues to evolve. Using encryption as a seal, Kerberos credentials, or tickets, vouch for authenticated users. Because every node on the network exclusively trusts the Kerberos server, users' credentials are valid throughout the network. This way, they theoretically have to log in only once. In addition, Kerberos can provide support for real-time encryption of network communications. This is like keeping the doors in your city locked, but giving authorized citizens a key to every door. (Salowey)
In the Open Systems Interconnect (OSI) model, Kerberos sits above the Network and Transport layers (above TCP/IP),
…show more content…
We found that most Kerberized applications are often incompatible with ticket management utilities or simply didn't work.
DOS clients are provided by MIT, but are limited to a Novell LAN WorkPlace environment. A dedicated user of Kerberos, the University of Michigan has developed fully functional Kerberos clients for both Windows95 and Macintosh, which are available via the Internet. However, we were unable to find Kerberized applications that worked with them. (Rubin)
However, on the commercial side, we did find products like Cisco Systems' (formerly TGV's) TCP/IP Suite 100 that include ticket-management applications and Kerberized IP utilities. Also, QUALCOMM's Eudora E-Mail package includes support for Kerberized Post Office Protocol (POP) sessions, providing users in a Kerberos environment with secure access to their e-mail. However, if you're looking for commercial support, consider DCE, which uses Kerberos as the foundation for its Security Service.
The Kerberos Security Model. Kerberos is an implementation of a security model based on trust. It specifies an algorithm for authenticating users without transmitting passwords across the network in plain text. It provides a facility to distribute secret encryption keys in a secure fashion. Each host on a network trusts none other than the Kerberos server, pushing all security into a central location, which can be guarded more easily.
To use Kerberos, a user first logs in

Related Documents