All computer networks are prone to access control problems. It is an ongoing challenge to provide access to legitimate users while blocking access from all others. Computer users demand ease of use, while computer custodians strive for tighter controls. Unfortunately, network access is predominantly a perimeter defense. Better controls are sorely needed at the application level. Several technologies made to improve network access controls by implementing a higher-security system that is easier for the user. One of the most common examples is Kerberos, developed by the Massachusetts Institute of Technology.

The Kerberos single sign-on (SSO) system was developed to improve both security and user satisfaction. The name Kerberos refers to the mythical three-headed dog guarding the gates to the underworld. Kerberos provides security when the end points of the network are safe but the transmission path cannot be trusted—for example, when the servers and workstations are trusted but the network is not.

The concept of operation is for the user to log in once to Kerberos. After login, the Kerberos system authenticates the user and grants access to all resources. The process works as follows:

1. The user authenticates to the Kerberos workstation software. Authentication may be a password or a biometric method.
2. The workstation software authenticates to the Kerberos server.
3. Shared encryption keys are used. A network access ticket is created by Kerberos.
4. A Kerberos access ticket is sent to the workstation, signed in the workstation’s shared encryption key. All other network servers receive a similar ticket granting the workstation access to shared servers.
5. The user is automatically signed in to all servers.

The belief is that a user with a strong password and strong encryption will improve overall security. Unfortunately, Kerberos works only with specially modified versions of software designed for use with Kerberos. Merely installing Kerberos will not improve security. There are compatibility problems with different versions of implementation.

Special skills and experience are required to make a Kerberos installation successful. First, a knowledgeable installer will understand how to use separate domains to partition Kerberos access for better security. Second, restoring data from tape backup is quite involved. The Kerberos system must be shut down and the date rolled back to the timestamp of the file being restored. As soon as the file is restored, the time clocks must be rolled forward again with the system resynchronized for the users. Any compromise of the Key Distribution Center (KDC) means that the entire system is compromised and must be shut down. Using Kerberos requires highly experienced system administrators.

To explore in deep about Kerberos, visit this MIT-Kerberos page.

Taken from:
CISA® Study Guide Second Edition (chapter 7) by David L. Cannon
Picture taken by Googling

Related posts:

1. Computer Attacks: Active Attacks (2)
2. Computer Attacks: Passive Attacks
3. Access Control by Network Firewalls
4. Core Principles of Information Security
5. Increasing in Computer Crime/Cybercrime