[ Team LiB ] [ Team LiB ] 1.2 What Is Kerberos? The full definition of what Kerberos provides is a secure, single-sign-on, trusted, third-party mutual authentication service. What does that mean? Lets break that definition down into its parts and quickly describe each one. Secure Kerberos is secure since it never transmits passwords over the network in the clear. Kerberos is unique in its use of tickets, time-limited cryptographic messages that prove a users identity to a given server without sending passwords over the network or caching passwords on the local users hard disk. Single-sign-on Single-sign-on means that end users only need to log in once to access all network resources that support Kerberos. Once a user has authenticated to Kerberos at the start of her login session, her credentials are transparently passed to every other resource she accesses during the day. Trusted third-party Trusted third-party refers to the fact that Kerberos works through a centralized authentication server that all systems in the network inherently trust. All authentication requests are routed through the centralized Kerberos server. Mutual authentication Mutual authentication ensures that not only is the person behind the keyboard who he claims to be, but also proves that the server he is communicating with is who it claims to be. Mutual authentication protects the confidentiality of sensitive information by ensuring that the service the user is communicating with is genuine. These three concepts describe the basis of the Kerberos network authentication service. Well take a closer look at these concepts and the surrounding terminology in the following chapter. [ Team LiB ] [ Team LiB ]

1.3 Goals

The Kerberos system has several goals. It strives to improve security and convenience at the same time. First is the goal of centralizing authentication into one server or set of servers. The Kerberos system operates through a set of centralized Key Distribution Centers, or KDCs. Each KDC on your network contains a database of usernames and passwords for both users and Kerberos-enabled services. Centralizing this information eases the burden on administrators, as they now only need to maintain this single usernamepassword database. In addition, it provides an advantage to security administrators, who now only have a small set of machines on which usernames and passwords are stored, and can specially harden and protect these machines accordingly. Kerberos provides a secure means of authentication over insecure networks. Instead of sending plain-text passwords over the network in the clear, Kerberos uses encrypted tickets to prove the identity of both end users and network servers. These tickets are generated by the centralized Key Distribution Centers on behalf of users who wish to authenticate to the network. When using Kerberos, user passwords are never sent over the network in the clear. In addition, implementing the other two elements of the three As authorization and auditing—authentication, of course, is the third A are made easier using Kerberos. While Kerberos does not directly provide authorization or auditing services, Kerberos ability to accurately identify both users and services allows programmers and administrators to provide authorization and auditing to further enhance the security of their network. Well talk more about what exactly authorization and auditing are in the next chapter. [ Team LiB ] [ Team LiB ]

1.4 Evolution