[an error occurred while processing this directive]

HP OpenVMS Systems Documentation
Content starts here
HP Open Source Security for OpenVMS Volume 3: Kerberos

Chapter 1 Introduction to Kerberos

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

Table of Contents

Kerberos Terminology
Understanding Kerberos
Realms
Security Limitations in Kerberos
Kerberos Components
KDC
Authentication Service
Ticket-Granting Service
The Kerberos Database
Kerberos Utility Programs

Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications by using secret-key cryptography. It was developed at the Massachusetts Institute of Technology as part of Project Athena in the mid-1980s. Project Athena’s mandate was to explore diverse uses of computing and to build the knowledge base needed for longer-term strategic decisions about how computers fit into the MIT curriculum.

Kerberos is the name of the three-headed dog that guarded the gates of Hades in Greek mythology. Cerberus, who many argue should be the name used, is the Latin name for the equivalent entity in Roman mythology.

Until Kerberos V4, this technology was not available to the general public. Prior versions were for only internal Project Athena use. Kerberos V5, the current implementation, is the first commercial-ready release.

The Kerberos protocol uses strong cryptography, so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity.

OpenVMS provides support for both Kerberos clients and servers, beginning with OpenVMS Version 7.3-1. Kerberos Version 3.0 for OpenVMS is based on MIT Kerberos V5 Release 1.4.1.



Conventions
  		 


Kerberos Terminology