Kerberos: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Howard C. Berkowitz
No edit summary
imported>Sandy Harris
(links to vendors)
Line 1: Line 1:
{{subpages}}
{{subpages}}
[[Kerberos]] is a network authentication system  developed at MIT [http://web.mit.edu/Kerberos/] and used (not without controversy [http://slashdot.org/article.pl?sid=00/05/02/158204]) by all versions of [[Microsoft Windows]] since [[Windows 2000]] [http://technet.microsoft.com/en-us/library/bb742431.aspx]. It is also used by various Unix-based systems. A central trusted server provides "tickets" which allow other machines to authenticate each other. Granting of specific rights, called credentialing, to authenticated machines can be by a separate secure server.
[[Kerberos]] is a network authentication system  developed at MIT [http://web.mit.edu/Kerberos/] and used (not without controversy [http://slashdot.org/article.pl?sid=00/05/02/158204]) by all versions of [[Microsoft Windows]] since [[Windows 2000]] [http://technet.microsoft.com/en-us/library/bb742431.aspx]. It is also used by various Unix-based systems, including [http://www.sun.com/security/kerberos/index.jsp Sun], [http://developer.apple.com/opensource/kerberosintro.html Apple], [https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1417AA HP] and [http://www.ibm.com/developerworks/ibm/library/it-kerbero.html IBM].
 
A central trusted server provides "tickets" which allow other machines to authenticate each other. Granting of specific rights, called credentialing, to authenticated machines can be by a separate secure server.


The Kerberos protocol is specified in RFC 4120. There is an active [http://www.ietf.org/html.charters/krb-wg-charter.html working group] at the [[IETF]] with many more documents. Microsoft's usage is documented in RFC 3244 and RFC 4757.  
The Kerberos protocol is specified in RFC 4120. There is an active [http://www.ietf.org/html.charters/krb-wg-charter.html working group] at the [[IETF]] with many more documents. Microsoft's usage is documented in RFC 3244 and RFC 4757.  


There is a [http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html FAQ]. IBM provide a [http://www.ibm.com/developerworks/ibm/library/it-kerbero.html Kerberos primer].
There is a [http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html FAQ]. IBM provide a [http://www.ibm.com/developerworks/ibm/library/it-kerbero.html Kerberos primer].

Revision as of 07:45, 11 November 2010

This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

Kerberos is a network authentication system developed at MIT [1] and used (not without controversy [2]) by all versions of Microsoft Windows since Windows 2000 [3]. It is also used by various Unix-based systems, including Sun, Apple, HP and IBM.

A central trusted server provides "tickets" which allow other machines to authenticate each other. Granting of specific rights, called credentialing, to authenticated machines can be by a separate secure server.

The Kerberos protocol is specified in RFC 4120. There is an active working group at the IETF with many more documents. Microsoft's usage is documented in RFC 3244 and RFC 4757.

There is a FAQ. IBM provide a Kerberos primer.