Introduction to Seminar Topic on Kerberos Server:
Kerberos is a network authentication protocol based on trusted third party. It provides strong authentication for client and server applications by employing secret-key cryptography. This is useful when nodes are communicating over a non-secure network to prove their identity to one another in a secure manner. When mutual authentication is required between client and server, Kerberos protocol protects messages against eavesdropping and replay attacks.
Kerberos provides authenticated access for users and services on network. Kerberos works on the basis of time-sensitive tickets. Client should be kerberized, means that it can obtain tickets from Kerberos server and negotiate with Kerberos service. All Programs and also services should be made Kerberos-aware. Web browsers, telnet applications, POP email clients and print utilities are few programs and web sites, printers, file servers and pop mail servers are services.
Every user and service has password, and only the owner of the password and Kerberos server know this password, and it must remain confidential.
Client program makes initial request to the Kerberos server, and then it will ask for Kerberos username and password. The client program then sends a ticket request to the Kerberos server, server will respond by sending ticket-granting ticket containing an encrypted password. Now only Kerberos server and client know the password, and only client will be able to decrypt it. The ticket-granting ticket will expire in eight hours after it is issued.
After getting ticket-granting ticket, client can use kerberized programs to request services from Kerberos-aware servers. Even client has an option to encrypt data sent over the network, means the entire transaction between client and Kerberos-aware service will be in unreadable format.
Kerberos has strict time requirements, means involved hosts must be synchronized within configured limits. If hosts are not synchronized then authentication will fail.
Kerberos provides a solution to network security problems and provides tools for authentication and strong cryptography over network to secure information. This requires continuous availability of a central server, if server is down, the clients cannot get tickets to access the service, so log in becomes a problem. so multiple Kerberos servers and fall back authentication mechanism need to be deployed.
Download CSE Latest Seminar Topic on Kerberos Server .