1 / 5

Kerberos Authentication for Multi-organization

Kerberos Authentication for Multi-organization. Cross-Realm Kerberos Authentication. User sent request to local Authentication Server Local AS shares cross-realm key to verifier's authentication server(VAS) Local AS sent TGT to client User request a session key with his/her TGT

nuala
Download Presentation

Kerberos Authentication for Multi-organization

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Kerberos Authentication for Multi-organization

  2. Cross-Realm Kerberos Authentication • User sent request to local Authentication Server • Local AS shares cross-realm key to verifier's authentication server(VAS) • Local AS sent TGT to client • User request a session key with his/her TGT • VAS Lookup the cross-realm key • The VAS grant client with the session key

  3. Authorization with Kerberos • Kerberos does not itself provide authorization, but V5 Kerberos passes authorization information generated by other services. In this manner, Kerberos can be used as a base for building separate distributed authorization services. (implement in the future)

  4. Authorization structure

More Related