Network Security - PowerPoint PPT Presentation

Slides: 16
Provided by: hari60


1
Network Security Kerberos
2
INTRODUCTION
  • Kerberos is a network authentication protocol. It
    is designed to provide strong authentication for
    client/server applications by using secret-key
    cryptography.
  • Authentication is the process of verifying
    whether the client is genuine or not. It is
    widely used on the Internet to prevent corruption
    of files and to provide safe networking.

3
encrypted database.
Kerberos keeps a database of its clients
and their private keys. The private key is a
large number known only to Kerberos and the
client it belongs to. In the case that the client
is a user, it is an encrypted password.

4
FOCUS IN DEPTH
  • KERBEROS
  • Kerberos is a trusted third-party authentication
    service. It is trusted in the sense that each of
    its clients believes Kerberos judgment as to the
    identity of each of its other clients to be
    accurate.
  • Timestamps have been added to the authentication
    messages to make detection of replay possible.
  • Replay is something that occurs when a message is
    stolen from the network and resent later.

5
CREDENTIALS
  • There are two types of credentials used in the
    Kerberos authentication model: tickets and
    authenticators.
  • The ticket is used to securely pass the identity
    of the person to the end server.
  • When a single server and a single client are
    involved, the ticket contains the name of the
    server, the name of the client, the internet
    address of the client, timestamp, lifetime and a
    random session key.
  • This information is actually encrypted using the
    key of the server. After the ticket is issued,
    the client may use it many times to gain access
    to the server until the ticket is expired.
  • The ticket is encrypted with the key of the end
    server.
  • So it is safe for the client to pass it on to the
    server.
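
The ticket fields above and the timestamp-based replay detection from the previous slide, as an added example that is not part of the original presentation. Assumptions: the authenticator layout (client name, address, current time), the 300-second skew window, the function names and the HMAC-based stand-in cipher used in place of DES; delivery of the session key to the client is left out.

```python
import hashlib, hmac, json, os

SKEW = 300  # assumed allowed clock skew in seconds; not a value from the slides

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode); the slides name DES instead
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified blob")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def issue_ticket(server_key, server, client, addr, now, lifetime):
    # Kerberos side: the ticket fields from the slide, sealed under the server's key
    skey = os.urandom(16)
    fields = {"server": server, "client": client, "addr": addr,
              "ts": now, "life": lifetime, "skey": skey.hex()}
    return seal(server_key, fields), skey

def make_authenticator(skey, client, addr, now):
    # Client side: a fresh one per request, sealed under the session key
    return seal(skey, {"client": client, "addr": addr, "ts": now})

def accept(server_key, ticket, auth, peer_addr, now, seen):
    # End-server side: returns "ok" or the reason the request is refused
    try:
        t = unseal(server_key, ticket)
        a = unseal(bytes.fromhex(t["skey"]), auth)
    except ValueError:
        return "bad-crypto"
    if now > t["ts"] + t["life"]:
        return "ticket-expired"
    if (a["client"], a["addr"]) != (t["client"], t["addr"]) or peer_addr != t["addr"]:
        return "identity-mismatch"
    if abs(now - a["ts"]) > SKEW:
        return "stale-authenticator"
    if (a["client"], a["ts"]) in seen:  # replay cache: same authenticator seen before
        return "replay"
    seen.add((a["client"], a["ts"]))
    return "ok"
```

The same ticket is accepted again with a new authenticator until its lifetime runs out, while a captured authenticator is refused either by the replay cache or, once it is older than the skew window, by the timestamp check.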

6
KERBEROS SOFTWARE COMPONENTS
  • DATA ENCRYPTION AND DECRYPTION
  • In Kerberos the encryption is based on the Data
    Encryption Standard (DES).
  • Several encryption methods are provided, with a
    balance between speed and security.
  • The encryption module is responsible for
    converting data to cipher text and is an
    independent module.

7
DATABASE MANAGEMENT SYSTEM
  • WS: Work station
  • The database has a record for each principal
    containing the name, private key, expiration date
    of the principal and additional information for
    that principal.
  • Sensitive information like passwords should be
    handled carefully using high security measures.

8
ADMINISTRATIVE DATABASE
This takes care of the administrative requests
from the user. The user may wish to change his
password, or there may be a new principal. This
cannot be done on slave machines. It is done in
the administrative module maintained by the master.
9
THE WORKING OF KERBEROS
  • Kerberos maintains a database of its clients and
    their corresponding private keys. The private key
    is known only to Kerberos and the client.
  • If the client is a user, then the private key will
    be an encrypted password.
  • Since the private key is known only to
    Kerberos, it convinces its clients that the
    message is truly from the other

10
  • Authentication of the sender.
  • Authentication for all incoming messages.
  • Creating private messages, i.e., encrypting the
    message.

11
APPLICATION OF KERBEROS IN WINDOWS 2000
  • Windows 2000 will have a Kerberos client
    installed with extensions that permit initial
    authentication using public key certificates.
  • The Windows 2000 implementation of Kerberos (MIT
    KERBEROS V5) uses encryption based on the RC-4
    algorithm with an MD5 HMAC.
  • This has a 128-bit key length and provides an
    alternative to the existing DES (Data Encryption
    Standard) based encryption.

12
OUR VIEW ON ENHANCING KERBEROS
  • The conversion of the data to cipher text
    involves data encryption module.
  • We presume that the conversion should follow
    different and complicated techniques thereby
    making it difficult for the hackers to work on
    it.
  • The password generated should be highly random
    and non-sequential, so that it is highly secure.

13
CONCLUSION
  • Network security is a vast ocean and only a drop
    of it has been dealt with. Security is not a
    static thing; it is a continually evolving
    process.
  • To obtain true security, constant vigilance is to
    be maintained. Kerberos can keep network
    resources from being exploited by hackers.
  • Kerberos represents a big advance in network
    authentication techniques, and continues to be
    the most widely used single sign-on system.
    Passwords remain the Achilles heel for Kerberos
    users.

14
NO QUERIES
15
THANK YOU