kerberos
11 ResultsDictionary
Kerberos
An access control system that was developed at MIT in the 1980s. Turned over to the IETF for standardization in 2003, it was designed to operate in both small companies and large enterprises with...
Dictionary
Definition: Kerberos
An access control system that was developed at MIT in the 1980s. Turned over to the IETF for standardization in 2003, it was designed to operate in both small companies and large enterprises with multiple domains and authentication servers. The Kerberos concept uses a "master ticket" obtained at logon, which is used to obtain additional "service tickets" when a particular resource is required.
Kerberos Checks Passwords Once
When users log in to a Kerberos system, their password is encrypted and sent to the authentication service in the Key Distribution Center (KDC). If successfully authenticated, the KDC creates a master ticket that is sent back to the user's machine. Each time the user wants access to a service, the master ticket is presented to the KDC in order to obtain a service ticket for that service. The master-service ticket method keeps the password more secure by sending it only once at logon. From then on, service tickets are used, which function like session keys.
From the Greeks
The name comes from Greek mythology in which a three-headed dog guards the gates to Hades (Hades is the home of the dead beneath the earth, otherwise known as hell).
It's About Tickets
After users are authenticated, they are granted a master ticket that is used to obtain service tickets. Service tickets act like session keys in other security systems.
THIS DEFINITION IS FOR PERSONAL USE ONLY
All other reproduction is strictly prohibited without permission from the publisher.
© 1981-2010 The Computer Language Company Inc. All rights reserved.
Sponsored White Papers, Webcasts & Resources
-
Optimizing Your Virtual Platform Without Messing it Up
Read this white paper to learn how to come up with a virtualization strategy that optimizes your network while avoiding costly pitfalls. Read it now to learn more.
-
Universities foster the next big tech innovation through open source
The next big breakthrough in technology may not come from their own development teams, but from groups of students and educators collaborating through the Internet.
-
Dan Geer leaves Verdasys for In-Q-Tel
Dan Geer, a risk-management pioneer who is often described as "the dean of the security deep-thinkers' set," has left Verdasys to join In-Q-Tel as chief information security officer. Geer (left)...
-
Security flaw hits Windows, Mac, Linux
CERT warns of a bug in widely-used communications software could let attackers gain control of computers and authentication systems.
-
Microsoft takes trustworthy tack on .Net
To take advantage of Web services, you need to start planning now. Microsoft hopes its new strategy will open the door to federated IDs--and close the door on questionable security.
-
Bridging the gap between Liberty and Microsoft
It appears that we are closer to a solution for single sign-on and identity management. But what if Microsoft chooses not to support Liberty’s specifications?
-
-
Microsoft unveils Web services security plans
New technology called TrustBridge, due next year, will allow businesses to authenticate user identities between companies and applications using Web services standards.
-
Who do you trust?
Members of the recently formed Liberty Alliance are banking on the fact that it's not Microsoft.
-
Single sign-on--harder than it sounds
Single Internet sign-on sounds like a great idea. But the practical technology problems of making it work are nothing to sneeze at.
-
The war over 802.11x security
COMMENTARY--Not long ago, when wireless networking was new and rare, security was an afterthought. The reason? The scarcity of 802.11b cards acted as a form of back-handed security. If no one had...
-
Is the GPL really "user hostile"?
One size does not fit all when it comes to licensing free software.
-
Fatal flaw in BSD?
The Kerberos Affair shows weakness of BSD software license.
Additional Results
-
Universities foster the next big tech innovation through open source
The next big breakthrough in technology may not come from their own development teams, but from groups of students and educators collaborating through the Internet.
-
Dan Geer leaves Verdasys for In-Q-Tel
Dan Geer, a risk-management pioneer who is often described as "the dean of the security deep-thinkers' set," has left Verdasys to join In-Q-Tel as chief information security officer. Geer (left)...
-
Security pros warn of critical flaws in Kerberos
Vulnerabilities in technology widely used for network authentication leave computers open to attack.
-
Security pros warn of critical flaws in Kerberos
Vulnerabilities in technology widely used for network authentication leave computers open to attack.
-
"Critical" Kerberos flaw revealed
The US government warns of a "critical" flaw in MIT Kerberos 5, used for authentication in internal networks of big businesses.
-
Security flaw hits Windows, Mac, Linux
CERT warns of a bug in widely-used communications software could let attackers gain control of computers and authentication systems.
-
Microsoft takes trustworthy tack on .Net
To take advantage of Web services, you need to start planning now. Microsoft hopes its new strategy will open the door to federated IDs--and close the door on questionable security.
-
Bridging the gap between Liberty and Microsoft
It appears that we are closer to a solution for single sign-on and identity management. But what if Microsoft chooses not to support Liberty’s specifications?
-
Microsoft unveils Web services security plans
New technology called TrustBridge, due next year, will allow businesses to authenticate user identities between companies and applications using Web services standards.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
Facebook Activity
