File:Document for Publication-joaosousa2010.pdf
From Navigators
Document_for_Publication-joaosousa2010.pdf (file size: 1.86 MB, MIME type: application/pdf)
Summary
The Kerberos v5 standard specifies how the clients and services of a distributed system may mutually authenticate through the use of a centralized authentication service. If this service fails, by crash or in an arbitrary way (e.g., software bug, hardware problem, intrusion), the clients and services that depend on it are not able to authenticate between themselves. This work presents an authentication and authorization service that complies with RFC 4120 (Kerberos v5), and that uses Byzantine-fault-tolerant state machine replication and secure components to make the service more resilient. These secure components guarantee that clients’ and services’ secret keys are kept private even in the presence of intrusions. During the course of this work it was used the BFT-SMaRt library in order to implement the state machine replication. This work was also dedicated in part to introduce a new functionality in the library, which is a state transfer protocol. The evaluation results show that the proposed service has similar latency and throughput values to the ones of a well known Kerberos implementation, and also show expected values of latency in the state transfer protocol for states different sizes. Finally, as far as we know, this work is the first to present an autententication and authorization service which is intrusion tolerant while still respecting the Kerberos v5 specification.
Licensing
File history
Click on a date/time to view the file as it appeared at that time.
Date/Time | Dimensions | User | Comment | |
---|---|---|---|---|
current | 19:58, 20 January 2013 | (1.86 MB) | Jcs (Talk | contribs) | (The Kerberos v5 standard specifies how the clients and services of a distributed system may mutually authenticate through the use of a centralized authentication service. If this service fails, by crash or in an arbitrary way (e.g., software bug, hardware) |
- Edit this file using an external application (See the setup instructions for more information)
File links
The following page links to this file: