How does kerberos authentication works: Authentication applications
November 13, 2016 · 3 mins read
Today we are going to discuss some of the application of the authentications systems. These are the applications of the authentication where the user is identified differentely and various services are provided to the user. Authentication also helps in keeping a seprate user experience for every authencated user and working for each user with different stratergy. First of all we are going to discuss about one of the important authentication application that is widely used in the servers running on windows environment. Yes we are talking about kerberos. Kerberos uses a ticket system where ticket is used to identify the user integrily. Some applications of kerberos include web authentication, signing in into a server and using various services provided by the server. Now while working with kerberos two type of tickets are generated
- Ticket-granting ticket: This ticket identifies the user globally and defferntiate the other users form this specific user
- Service ticket: This ticket allows the user to get a particular service from the server for a particular amount of time.
- Now the part doing the authentication is called authentication server.
- The part providing the tickets are called Ticket granting server.
* The client server( user) authenticate to the authentication server by requesting for the service along with the keys. In the return authentication server gives back Ticket-granting session key and ticket itself which will be used in the next step with the Ticket Grating server. * After this the client server authenticates itself to the Ticket granting server with the stuff that it received in the earlier process. In the result the TGS gives back the items that are required by the client server to get its hands on the services that it wants to explore on the server. * In the final step with the items that it received in the last step and make use of the various services till the expiration is achieved.
- Can work fine on even an insecure network.
- As all the processes are done under the shed of a secret key the attacker cannot attack and make use of the services.
- It is computationally efficient because of the use of symmetric key.
- It is Open-source.
- If the third party doesn’t function properly then the whole system shatters.
- If third party have less security then the data of users is at risk.
- As time stamps are used so everyone involved should have synchronized clocks.
Please share your Feedback:
Did you enjoy reading or think it can be improved? Don’t forget to leave your thoughts in the comments section below! If you liked this article, please share it with your friends, and read a few more!