-->Named after the dog in Greek mythology that guards the gates of hell.
-->Software used in a network to establish a user's identity.
-->Uses symmetric key encryption
-->Users/systems are given tickets that can be used to identify themselves to other systems and secret crypto keys are provisioned for secure communications.
-->Three components: Key Distribution Center (KDC), Authentication Service (AS) exchange, and Ticket Granting Service (TGS) exchange.
-->Four basic steps:
a. KDC knows secret keys of all clients and servers on network;
b. KDC initially exchanges information with the client and server by using
the secret keys;
c. Kerberos authenticates a client to a requested service on a server
through the TGS, and by issuing temporary symmetric session keys for
communications between the client and KDC, the server and the KDC,
and the client and server; and
d. Communication then takes place between client and server using those
temporary session keys.
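
The four steps above, traced as an added example (not part of the original notes, and not real Kerberos code). Assumptions: the principal names, the `krbtgt` key name for the TGS, and the `seal`/`unseal` helpers are constructed for illustration; `seal` is a toy keyed cipher standing in for Kerberos's real encryption types, and ticket lifetimes and timestamps are left out.

```python
import hashlib, hmac, json, os

def seal(key: bytes, obj: dict) -> bytes:
    """Toy authenticated symmetric encryption (stand-in, not a Kerberos etype)."""
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

# Step a: the KDC knows the secret key of every client and server (constructed names).
KDC_DB = {n: os.urandom(32) for n in ("alice", "fileserver", "krbtgt")}

def as_exchange(client: str):
    """Step b: the AS answers under the client's secret key and issues a TGT."""
    k_c_kdc = os.urandom(32).hex()  # temporary client<->KDC session key
    tgt = seal(KDC_DB["krbtgt"], {"client": client, "key": k_c_kdc})
    return seal(KDC_DB[client], {"key": k_c_kdc}), tgt

def tgs_exchange(tgt: bytes, authenticator: bytes, service: str):
    """Step c: the TGS validates the TGT and issues a ticket for the service."""
    t = unseal(KDC_DB["krbtgt"], tgt)
    k_c_kdc = bytes.fromhex(t["key"])
    if unseal(k_c_kdc, authenticator)["client"] != t["client"]:
        raise ValueError("authenticator does not match ticket")
    k_c_s = os.urandom(32).hex()  # temporary client<->server session key
    ticket = seal(KDC_DB[service], {"client": t["client"], "key": k_c_s})
    return seal(k_c_kdc, {"key": k_c_s}), ticket

def run(client="alice", service="fileserver"):
    client_key, server_key = KDC_DB[client], KDC_DB[service]
    reply, tgt = as_exchange(client)
    k_c_kdc = bytes.fromhex(unseal(client_key, reply)["key"])
    reply, ticket = tgs_exchange(tgt, seal(k_c_kdc, {"client": client}), service)
    k_c_s = bytes.fromhex(unseal(k_c_kdc, reply)["key"])
    # Step d: the server opens the ticket with its own key; both sides now hold k_c_s.
    t = unseal(server_key, ticket)
    msg = seal(k_c_s, {"data": "hello"})
    return t["client"], unseal(bytes.fromhex(t["key"]), msg)["data"]
```

The client never sees the server's secret key and the server never contacts the KDC; the ticket sealed under the server's key is what carries the client's identity and the shared session key.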