Kerberos is one of the works of Athena project, a collaboration between MIT, IBM and DEC. Kerberos was designed for supporting autentisasi and encryption of data in a distributed environment through modification of standards of client or server. Some operating system vendors have included Kerberos into their products. MIT itself provides for free many versions of Unix that has been in-Kerberizing. Even for the interests ported to the operating system or client-server software that does not support Kerberos, MIT provides its source-code, also is free. Project Athena Kerberos itself implement in many applications such as NFS, rlogin, email, and system passwords. Secure RPC (Sun Microsystems) also implements the same thing.
There are several things to consider in the implementation of Kerberos. Modification of the client and server software will cause the restriction application options. Unfortunately there are no alternative methods as a substitute for source-code modification (as in a proxy that allows custom user procedure or custom client software). Then, most people also agreed to call: "Kerberos is relatively difficult to implement / manage".
The package offered by systems other autentisasi TIS-FWTK: authentication-server. This server is designed in a modular, flexible mechanism that supports many popular autentisasi as standard reusable password system, S / Key, SecurdID card from Security Dynamics (systems with time-stamps), card-004 Digital Pathways SNK (CR system) and ease of integration new mechanism. Back to the conversation at the beginning of this writing, if our primary interest is how to prepare the 'defense' for non-anonymous inbound service, perhaps the authentication-server is a solution worth considering. Why? How does this system work? Not much space in this paper to load all our discussions about autentisasi, but the cover illustration below will give some idea for your interest in network security, concerning the authentication-server.
No comments:
Post a Comment