
Vittorio Bertocci, Garrett Serack, Caleb Baker

"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"

) Every principal in a realm is
assigned a symmetric key. Such a key is known only by the key
owner itself and by a central service known as the Key
Distribution Center (KDC). The KDC knows the key of every
principal. In a nutshell, the KDC is the authority that is involved
every time a principal needs to authenticate in order to use another
principal; the currency used in the operation is a security token,
which in Kerberos terms is called a ticket.
We can once more use the help of our friend Alice to understand,
at least in general terms, how the Kerberos protocol
works. Alice owns an account in our Kerberos realm; she wants
to access service B, also a principal in the same realm.
1. Before everything else, Alice needs to log in to the system.
She accomplishes that by sending her credentials to
the authentication service (AS), a component of the
KDC. "Sending her credentials" is not actually accurate,
but it should be enough for the purpose of the discussion.
[Margin note: Kerberos is a widely adopted technology]
[Margin note: Principal, realms, KDC, and tickets are the basic entities and concepts behind Kerberos]
The Babel of Cryptography 73
2. If the AS recognizes Alice as a principal in the realm, it
sends back to her two pieces of data:
   • A symmetric key that will work as a session key for
     all future communications between Alice and the
     KDC.
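
The session-key item above, as an added example that is not from the book: a toy KDC stores each principal's symmetric key and returns a fresh session key sealed under Alice's key, so only a holder of that key can read the reply. The `seal`/`unseal` helpers are a stand-in cipher built from SHA-256 and HMAC, not a Kerberos encryption type, and every name here (`KDC`, `register`, `as_request`, `demo`) is an assumption made for illustration.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # Toy keystream: SHA-256 in counter mode (stand-in, not a Kerberos enctype).
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    # Encrypt-then-MAC under subkeys derived from the principal's key.
    ek, mk = hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(ek, nonce, len(data))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified reply")
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

class KDC:
    def __init__(self):
        self._keys = {}      # principal name -> long-term symmetric key
        self.sessions = {}   # principal name -> session key issued by the AS
    def register(self, name):
        # The key is shared once with its owner; no other principal learns it.
        self._keys[name] = secrets.token_bytes(32)
        return self._keys[name]
    def as_request(self, name):
        # Assumption of this sketch: only the name travels, never the key.
        if name not in self._keys:
            raise KeyError("unknown principal: " + name)
        self.sessions[name] = secrets.token_bytes(32)
        return seal(self._keys[name], self.sessions[name])

def demo():
    kdc = KDC()
    alice_key = kdc.register("alice")
    b_key = kdc.register("serviceB")
    reply = kdc.as_request("alice")
    alice_ok = unseal(alice_key, reply) == kdc.sessions["alice"]
    try:
        unseal(b_key, reply)          # another principal's key must fail
        other_rejected = False
    except ValueError:
        other_rejected = True
    return alice_ok, other_rejected
```
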

