The design of Kerberos has goals in three areas:
authentication, authorization, and accounting. In addition, any function that
benefits from the secure distribution of encryption keys will benefit.
There is much discussion in the security industry of how
particular systems fit into the government-trusted host classification system.
Kerberos by itself does not fit into the trust classifications because it does not
offer a full security environment. It can, however, be used as a component when
building a secure network. Kerberos provides an authentication mechanism and
encryption tools that can be used to implement a secure networking environment.
Authentication
Any user can make a claim to an ID. The authentication
process tests this claim. During basic authentication, the user is asked to
provide a password. During enhanced authentication, the user is asked to use a
piece of hardware (a token) assigned to the legitimate owner of that ID.
Alternatively, the user can be asked to provide biometric
measurements (thumbprints, voiceprints, or retinal scans) to authenticate the
claim to that ID. Kerberos’ goal is to remove authentication from the insecure
workstation to a centralized authentication server. This authentication server
can be physically secured, and can be controlled to ensure its reliability.
This ensures that all users within a Kerberos realm have been authenticated to
the same standard or policy.
Authorization
After a user has been authenticated, the application or
network service can administrate authorization. It looks at the requested
resource or application function and verifies that the owner of the ID has
permission to use the resource or perform the application function. Kerberos’
goal is to provide a trusted authentication of the ID on which a system can
base its authorizations.
Accounting
The goal of accounting is to support quotas charged against
the client (to limit consumption) and/or charges based on consumption. In
addition, accounting audits users’ activities to ensure that responsibility for
an action can be traced to the initiator of the action. Auditing, for example,
can trace the originator of an invoice back to the individual who entered it
into the system. Security of the accounting and auditing system is important.
If an intruder is able to modify accounting and auditing information, it is no
longer possible to ensure that a user is responsible for his/her actions. The
goal of Kerberos is to permit attachment of an integrated, secure, reliable
accounting system.
No comments:
Post a Comment