21-03-2012, 03:03 PM
KERBEROS SERVER
Computer Network security needs
Authentication
Who is requesting access
Authorization
What user is allowed to do
Auditing
What has user done
Kerberos addresses all of these needs.
PLAN OF ATTACKERS
ATTACKS:
-- direct attack (DoS - denial of service)
-- indirect attack (DDoS - distributed denial of service)
ATTACKERS PLAN:
-- end system
-- services (e.g. DNS, mail, FTP)
-- vulnerabilities
-- deleting logs
-- open back door
Authentication
Three ways to prove identity
Something you know
Something you have
Something you are
Kerberos is ‘something you know’, but stronger.
Kerberos
Based on secret key encryption (DES).
Every user has a private key (Kc) that is known to Kerberos (stored in a DB).
Key depends upon user’s password
Kerberos also creates (temporary) session keys that are used for secret communication between a user and a server.
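
The key handling described above, as an added example that is not part of the original presentation: a toy KDC keeps each principal's password-derived key, hands the user a fresh session key sealed under Kc and, going one step beyond the slide, a ticket sealed under the server's key. PBKDF2 and a SHAKE-256/HMAC construction stand in for the DES string-to-key and encryption steps; the principal names, passwords and the `KDC`, `seal`, `unseal` and `demo` helpers are hypothetical.

```python
import hashlib, hmac, secrets

def derive_key(principal: str, password: str) -> bytes:
    # Stand-in for Kerberos string-to-key: the long-term key depends only on the password (salted by name).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 100_000)

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Toy authenticated cipher (SHAKE-256 keystream + HMAC tag) standing in for DES; illustration only.
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered message")
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

class KDC:
    """Holds the long-term key of every principal (the 'DB' on the slide)."""
    def __init__(self):
        self.db = {}

    def register(self, principal: str, password: str) -> None:
        self.db[principal] = derive_key(principal, password)  # the password itself is not stored

    def issue(self, client: str, server: str):
        session_key = secrets.token_bytes(32)            # temporary, fresh for every request
        for_client = seal(self.db[client], session_key)  # readable only with Kc
        ticket = seal(self.db[server], client.encode() + b"\0" + session_key)  # only the server can open it
        return for_client, ticket

def demo(typed_password: str) -> str:
    kdc = KDC()
    kdc.register("alice", "correct horse")      # constructed sample principals and passwords
    kdc.register("fileserver", "srv-secret")
    for_client, ticket = kdc.issue("alice", "fileserver")
    # Client: rebuild Kc from what the user typed; the password never crosses the network.
    session_key = unseal(derive_key("alice", typed_password), for_client)  # ValueError if wrong
    request = seal(session_key, b"list /home/alice")
    # Server: open the ticket with its own long-term key, then read the request with the session key.
    ks = derive_key("fileserver", "srv-secret")
    name, _, server_session_key = unseal(ks, ticket).partition(b"\0")
    return name.decode() + ": " + unseal(server_session_key, request).decode()
```

Calling `demo` with the registered password returns the request as the server sees it; any other password fails at the first `unseal`, because the wrong Kc cannot open the session key.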