logging in or signing up Kerberos ankit3990 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 67 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: July 14, 2011 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Kerberos : Kerberos Abhishek YagnikAnkit Agarwal What is Kerberos? : What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open source or in supported commercial software Why Kerberos? : Why Kerberos? Sending usernames and passwords in the clear text possess threat to the security of the network. Each time a password is sent in the clear, there is a chance for interception. Firewall vs. Kerberos? : Firewall vs. Kerberos? Firewalls make a risky assumption: that attackers are coming from the outside. In reality, attacks frequently come from within. Kerberos assumes that network connections (rather than servers and work stations) are the weak link in network security. Design Requirements : Design Requirements Interactions between hosts and clients should be encrypted. Must be convenient for users (or they won’t use it). Protect against intercepted credentials. Cryptography Approach : Cryptography Approach Private Key: Each party uses the same secret key to encode and decode messages. Uses a trusted third party which can vouch for the identity of both parties in a transaction. Security of third party is imperative. How does Kerberos work? : How does Kerberos work? Instead of client sending password to application server: Request Ticket from authentication server Ticket and encrypted request sent to application server How to request tickets without repeatedly sending credentials? Ticket granting ticket (TGT) How does Kerberos work?: Authentication Exchange : How does Kerberos work?: Authentication Exchange How does Kerberos Work?: The Ticket Granting Service : How does Kerberos Work?: The Ticket Granting Service How does Kerberos work?: Client/Server Exchange : How does Kerberos work?: Client/Server Exchange Slide 11: How does Kerberos work?: Secure Communication Weaknesses and Solutions : Weaknesses and Solutions Applications : Applications Authentication Authorization Confidentiality Within networks and small sets of networks Questions? : Questions? You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Kerberos ankit3990 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 67 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: July 14, 2011 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Kerberos : Kerberos Abhishek YagnikAnkit Agarwal What is Kerberos? : What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open source or in supported commercial software Why Kerberos? : Why Kerberos? Sending usernames and passwords in the clear text possess threat to the security of the network. Each time a password is sent in the clear, there is a chance for interception. Firewall vs. Kerberos? : Firewall vs. Kerberos? Firewalls make a risky assumption: that attackers are coming from the outside. In reality, attacks frequently come from within. Kerberos assumes that network connections (rather than servers and work stations) are the weak link in network security. Design Requirements : Design Requirements Interactions between hosts and clients should be encrypted. Must be convenient for users (or they won’t use it). Protect against intercepted credentials. Cryptography Approach : Cryptography Approach Private Key: Each party uses the same secret key to encode and decode messages. Uses a trusted third party which can vouch for the identity of both parties in a transaction. Security of third party is imperative. How does Kerberos work? : How does Kerberos work? Instead of client sending password to application server: Request Ticket from authentication server Ticket and encrypted request sent to application server How to request tickets without repeatedly sending credentials? Ticket granting ticket (TGT) How does Kerberos work?: Authentication Exchange : How does Kerberos work?: Authentication Exchange How does Kerberos Work?: The Ticket Granting Service : How does Kerberos Work?: The Ticket Granting Service How does Kerberos work?: Client/Server Exchange : How does Kerberos work?: Client/Server Exchange Slide 11: How does Kerberos work?: Secure Communication Weaknesses and Solutions : Weaknesses and Solutions Applications : Applications Authentication Authorization Confidentiality Within networks and small sets of networks Questions? : Questions?