Kerberos

by Werner Schlicker

What is it:

Kerberos is a network authentication protocol. The protocol is mainly used for authentication purposes on intranets or extranets where the users are known in advance. The main difference from SSL and digital certificates is that Kerberos needs a trusted third party. That trusted third party is called a Key Distribution Centre and is a separate server that holds the private keys for the parties involved. The second difference is that Kerberos has a time-stamp on the ticket. That means that communication between a client and server is restricted to a certain time limit. This time limit can be set by the administrator and is normally set to around 8 hours.
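The two differences described above, a trusted third party that holds the keys and a ticket with a time limit, can be seen in a small model. This is an added example, not code from the article or from any Kerberos implementation. The names KDC, register, issue_ticket and check_ticket are hypothetical, and the ticket is only authenticated with HMAC, where real Kerberos encrypts it and also carries a session key.

```python
import hashlib
import hmac
import json
import os

EIGHT_HOURS = 8 * 60 * 60  # the usual lifetime mentioned in the text, in seconds


class KDC:
    """Trusted third party: holds one long-term key per party known in advance."""

    def __init__(self, lifetime=EIGHT_HOURS):
        self.lifetime = lifetime  # chosen by the administrator
        self._keys = {}

    def register(self, principal):
        # Hypothetical enrolment step: the key is handed over once, out of band.
        self._keys[principal] = os.urandom(32)
        return self._keys[principal]

    def issue_ticket(self, client, service, now):
        if client not in self._keys or service not in self._keys:
            raise KeyError("unknown principal")
        body = json.dumps({"client": client, "service": service,
                           "issued": now, "expires": now + self.lifetime},
                          sort_keys=True).encode()
        # Simplification: authenticated under the service's key, not encrypted.
        tag = hmac.new(self._keys[service], body, hashlib.sha256).hexdigest()
        return body, tag


def check_ticket(service, service_key, ticket, now):
    """Server-side check: return the client name or raise ValueError."""
    body, tag = ticket
    expected = hmac.new(service_key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("ticket was not issued by the KDC for this service")
    fields = json.loads(body)
    if fields["service"] != service:
        raise ValueError("ticket is for another service")
    if not fields["issued"] <= now < fields["expires"]:
        raise ValueError("ticket is outside its validity period")
    return fields["client"]
```

The server never contacts the KDC while checking; it trusts the ticket because only the KDC and the server know the server's key, and it rejects the ticket once the lifetime has passed.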



What is the outcome of my research:

After having done the research on the Kerberos protocol, I found out that it is the best solution for B2B (Business to Business) transactions. The reason being, if two parties trust each other they can establish very good network security with the help of Kerberos.

 

Links:

Understanding the Kerberos Protocol http://www.zdnetindia.com/techzone/networking/stories/8723.html

RFC (Request for Comments) 1510 http://www.ietf.org/rfc/rfc1510.txt

Windows 2000 Kerberos authentication White paper http://www.microsoft.com/windows2000/techinfo/howitworks/security/kerberos.asp

Securing E-Business http://www.techguide.com/titles/secebus.shtml