14-11-2012, 06:13 PM
Case study on Security (KERBEROSE)
KERBEROSE.ppt (Size: 199 KB / Downloads: 24)
Kerberos can be viewed as a security system that assists clients in setting up a secure channel with any server in distributed system.
Security is based on shared secret keys.
There are 2 different components:-
Authentication Server (AS).
Ticket Granting Service (TGS).
Kerberos was developed at M.I.T and is based on the Needham Schroeder authentication protocol.
Two version of Kerberos use version 4 (V4) and version 5 (V5) .
V5 is much more flexible and scalable.
User send a login request and Authentication Server(AS) handle it.
AS authenticates a user and provide a key that can be used to set up a secure channel with servers.
Setting up a Secure channel is handled by a TGS.
TGS hands out a special message, known as ticket.
Ticket used to convince a server that client is really who he or she claims to be.
Alice and Bob example
Alice log onto a distributed server that uses Kerberos. Let us see, how she set up a secure channel with server Bob.
Alice log onto to workstation.
Workstation send her name in plaintext to AS.
AS in return send a session key KA,TGS and a ticket [KAS,TGS (A,KA,TGS )] that she will hand over to TGS.
Ticket will contains the identity of Alice and a secret key (KA,TGS ) with which Alice and TGS will communicate.