Kerberos provides a centralize authentication server whose function is to authenticate users to servers and servers to users. In Kerberos Authentication server and database is used for client authentication. Kerberos run as a third-party trusted server known as the Key Distribution Center (KDC). Each user and service on the network is a principal.
The main components of Kerberos are:
- Authentication Server (AS):
The Authentication Server performs the initial authentication and ticket for Ticket Granting Service.
The Authentication Server verifies access rightd of users in database.
- Ticket Granting Server (TGS):
The Ticket Granting Server issues the ticket for the Server
User logon and request services on host. Thus user request for ticket-granting-service.
Authentication Server verifies user’s access right using database and then gives ticket-granting-ticket and session key. Results are encrypted using Password of user.
Decryption of message is done using the password then send the ticket to Ticket Granting Server. The Ticket contain authenticators like user name and network address.
Ticket Granting Server decrypts the ticket send by User and authenticator verifies the request then creates the ticket for requesting services from the Server.
User send the Ticket and Authenticator to the Server.
Server verifies the Ticket and authenticators then generate the access to the service. After this User can access the services.
- Difference between Fixed and Dynamic Channel Allocations
- Difference between Spoofing and Phishing
- Introduction of Botnet in Computer Networks
- Difference between Bandwidth and Throughput
- Difference between EIGRP and OSPF
- OSI, TCP/IP and Hybrid models
- Local Broadcast and Loopback Address
- Internet of Things Based on Compressive Sensing
- Voice Biometric Technique in Network Security
- Hamming code Implementation in Java
- TCP Client-Server Program to Check if a Given String is Palindrome
- Difference between Private and Public IP addresses
- Classful Vs Classless Addressing
- Encryption, Its Algorithms And Its Future
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.