Kerberos


Also found in: Financial, Wikipedia.

Kerberos

(security)
The authentication system of MIT's Project Athena. It is based on symmetric key cryptography. Adopted by OSF as the basis of security for DME.

Kerberos

An access control system that was developed at MIT in the 1980s. Turned over to the IETF for standardization in 2003, it was designed to operate in both small companies and large enterprises with multiple domains and authentication servers. The Kerberos concept uses a "master ticket" obtained at logon, which is used to obtain additional "service tickets" when a particular resource is required.

Kerberos Checks Passwords Once
When users log in to a Kerberos system, their password is encrypted and sent to the authentication service in the Key Distribution Center (KDC). If successfully authenticated, the KDC creates a master ticket that is sent back to the user's machine. Each time the user wants access to a service, the master ticket is presented to the KDC in order to obtain a service ticket for that service. The master-service ticket method keeps the password more secure by sending it only once at logon. From then on, service tickets are used, which function like session keys.

From the Greeks
The name comes from Greek mythology in which a three-headed dog guards the gates to Hades (Hades is the home of the dead beneath the earth, otherwise known as hell).


It's About Tickets
After users are authenticated, they are granted a master ticket that is used to obtain service tickets. Service tickets act like session keys in other security systems.
References in periodicals archive ?
Preview Analysis of Global Network Access Control Market research report Segmented By Deployment Type (On-premises, Cloud), By Authentication Type (802.1X, MAC Based Authentication, Web Based Authentication, Static Port/MAC Configuration, Dynamic Port/MAC Configuration, Kerberos Snooping, Others), By Component Type (Hardware, Software, Services), By Vertical (Banking and Financial Services, Healthcare & Life Sciences, Government, Education, IT & Telecom, Others), & By Region -- https://www.factmr.com/report/4061/network-access-control-market
SSO support for SAML 2.0 and Kerberos as well as integration with LDAP and Active Directory allow CISOs to simplify and secure the user experience across Web, mobile, SFTP, Windows, Mac, and APIs.
in motion integrating with security frameworks such as Kerberos.
It integrates with the Kafka schema registry to support data governance and protects data in motion integrating with security frameworks such as Kerberos.
Kerberos (Neuman, Yu, Hartman, & Raeburn, 2005) utiliza encriptacion para generar el token.
In [13], a number-less credit card Kerberos Cryptographic-based system is presented as a solution to the rising cases of credit card frauds.
- Integration with Microsoft Active Directory, Kerberos and other authentication services;
"APT15 was also observed using Mimikatz to dump credentials and generate Kerberos golden tickets.
Kerberos is a mechanism for authenticating users on a network.
If the network topology allows it, we suggest using solely Kerberos protocol for authenticating domain users.
Security features include - open LDAP, Kerberos, and Active Directory for authentication, Role-based access control for authorization, and encryption of data in motion and rest with SSL, PLS, and AES-256.