			</SELECT>
			</font></td>
	</tr>
	</table>
	</form>
<!-- LEFT NAV SEARCH END -->

		</td>
		
<!-- PUB PARTNERS END -->
<!-- END LEFT NAV -->

<!-- end of ITK left NAV -->

<!-- begin main content -->
<td width="100%" valign="top" align="left">


<!-- END SUB HEADER -->

<!--Begin Content Column -->

<FONT FACE="Arial,Helvetica" SIZE="-1">
To access the contents, click the chapter and section titles.
</FONT>
<P>
<B>Intrusion Detection: Network Security beyond the Firewall</B>
<FONT SIZE="-1">
<BR>
<I>(Publisher: John Wiley & Sons, Inc.)</I>
<BR>
Author(s): Terry Escamilla
<BR>
ISBN: 0471290009
<BR>
Publication Date: 11/01/98
</FONT>
<P>


<!-- Empty Reference Subhead -->

<!--ISBN=0471290009//-->
<!--TITLE=Intrusion Detection: Network Security Beyond the Firewall//-->
<!--AUTHOR=Terry Escamilla//-->
<!--PUBLISHER=John Wiley & Sons, Inc.//-->
<!--IMPRINT=Wiley Computer Publishing//-->
<!--CHAPTER=2//-->
<!--PAGES=055-057//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->

<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="053-055.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="057-060.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<P>The KDC is further divided into an <I>Authentication Server</I> (AS) and a <I>Ticket Granting Server</I> (TGS). The responsibility of the AS is to authenticate the identity of entities in the network. Secure dialogues in a network are accomplished when the communicating parties share at least one secret that can be used to encrypt and decrypt the information they exchange. The Kerberos TGS is responsible for generating a unique session key to be shared between two parties. The parties then use this session key to encrypt their messages or to guarantee the integrity of messages sent. Both the TGS and the AS are combined into a single server in Kerberos. The distinction between the AS and the TGS is conceptual and based on the role being played by the Kerberos KDC server at any given time. Therefore, the term KDC sometimes will be used to jointly refer to both the AS and the TGS.</P>
<P><FONT SIZE="+1"><B><I>Third-Party Authentication Steps</I></B></FONT></P>
<P>Consider the high-level steps and requirements for authenticated and secure communications between two entities using Kerberos. Assume that <I>X</I> wants to communicate with <I>Y</I> in a network. <I>X</I> and <I>Y</I> could be users, software processes, or workstations. <I>X</I> contacts the KDC with a request for a secure session with <I>Y</I>. Because the KDC knows the secrets for both <I>X</I> and <I>Y</I>, and neither <I>X</I> nor <I>Y</I> knows the other&#146;s secret, the KDC can rely on cryptography to fulfill the request.</P>
<DL>
<DD><B>1.</B>&nbsp;&nbsp;A random session key SK<SUB>x,y</SUB> to be shared by <I>X</I> and <I>Y</I> is generated by the KDC.
<DD><B>2.</B>&nbsp;&nbsp;Several values are combined to form a ticket that is needed to prove <I>X</I>&#146;s identity to <I>Y</I> and to deliver the shared secret securely to <I>Y</I>. The ticket includes SK<SUB>x,y</SUB>, the principal name for <I>X</I>, and some other fields. Finally, the ticket is encrypted by the KDC with <I>K</I><SUB>y</SUB>, the secret key of <I>Y</I>, so that only <I>Y</I> can decrypt the result.
<DD><B>3.</B>&nbsp;&nbsp;SK<SUB>x,y</SUB> and the ticket are encrypted by the KDC with <I>K</I><SUB>x</SUB>, the secret key of <I>X</I>, so that only <I>X</I> can decrypt the result. The encrypted ticket and session key are sent from the KDC back to <I>X</I>. Let the notation &#123; SK<SUB>x,y</SUB>&#125;K<SUB>x</SUB> represent the encryption of the session key with the secret key of <I>X</I> and the converse for <I>Y</I>.
<DD><B>4.</B>&nbsp;&nbsp;The KDC has sent SK<SUB>x,y</SUB> and &#123; SK<SUB>x,y</SUB>&#125;K<SUB>y</SUB> encrypted with <I>K</I><SUB>x</SUB> to <I>X</I>, who decrypts the message to obtain the session key SK<SUB>x,y</SUB>. Using the preceding notation, the message received by <I>X</I> is &#123; SK<SUB>x,y</SUB> and &#123; SK<SUB>x,y</SUB>&#125;K<SUB>y</SUB>&#125;K<SUB>x</SUB>.
<DD><B>5.</B>&nbsp;&nbsp;<I>X</I> sends &#123; SK<SUB>x,y</SUB>&#125;K<SUB>y</SUB> and the rest of the ticket encrypted with K<SUB>y</SUB> to <I>Y</I>, who likewise decrypts this message to obtain the session key. In looking at the contents of the ticket, <I>Y</I> also deduces that this message could have been created only by the KDC, and that <I>X</I> is indeed legitimate. For example, part of the ticket, encrypted with K<SUB>y</SUB>, contains the principal name <I>X</I>. When <I>X</I> sends the ticket to <I>Y</I>, the principal name <I>X</I> also is included as part of the message header. <I>Y</I> compares the value in the header with the decrypted value from the ticket to help verify the identity of <I>X</I>. Again, because the ticket was encrypted by the KDC using K<SUB>y</SUB>, and only the KDC could have known this secret, <I>Y</I> can trust that the identity of <I>X</I> is authenticated by the KDC.
</DL>
<P><I>X</I> and <I>Y</I> now share a secret SK<SUB>x,y</SUB> which can be used for secure communications. <I>Y</I> knows that the session key received in the message from <I>X</I> must be valid because only the KDC, which shares K<SUB>y</SUB> with <I>Y</I>, could have appropriately encrypted the ticket containing the session key. Notice how both <I>X</I> and <I>Y</I> must trust the KDC to authenticate each other. How did the KDC verify the identity of <I>X</I> in the first place?</P>
<P><FONT SIZE="+1"><B><I>Kerberos Login</I></B></FONT></P>
<P>Because the Kerberos KDC acts as an authentication server, it controls its own security domain or model. A user or entity that wants to communicate in the domain of Kerberos must first establish an identity with the Kerberos server. The Kerberos administrator adds names, passwords, and other information for each of the principals in the realm. Only the system administrator of the secure Kerberos server should be allowed to modify these entries. After a user is added as a principal in the database, login to the Kerberos environment is possible.
</P>
<P>Assume that <I>X</I> is a user. The login process begins in the familiar fashion when the user sits down in front of a terminal displaying a login prompt. <I>X</I> enters a username that the login program captures. The login program klogin, in the role of Kerberos client, sends an authentication request containing the username and current timestamp to the KDC. The KDC and the login workstation could be the same system, but it&#146;s more interesting to think of them as different nodes in the network. If the user enters an incorrect username, the KDC responds to klogin with an error.</P>
<P>If the user enters a correct username, the KDC sends to klogin a response message encrypted with K<SUB>x</SUB>, the secret key of <I>X</I>. As you might suspect, K<SUB>x</SUB> is a DES key derived from the user&#146;s password and stored in the KDC database. At this point, the AS component of the KDC has fulfilled its role. That is, the KDC is not involved from this point forward in completing the authentication process. The program klogin assumes responsibility for completing authentication by asking <I>X</I> for a password and then converting the password into a DES key. The result will be equivalent to K<SUB>x</SUB> if <I>X</I> entered the correct password. An attempt is made by klogin to decrypt the message received from the KDC using the hashed value computed from the password. If the decryption is successful, <I>X</I> has been authenticated and can proceed to use the system. Note that the password itself is never sent in the clear over the network to the KDC.</P><P><BR></P>
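<P>The following Python model is an added illustration of both flows above (the five third-party authentication steps and the klogin exchange); it is not code from the book or from any Kerberos implementation. Its cipher is a constructed SHA-256 keystream with an HMAC tag that merely stands in for DES so that a wrong key makes decryption fail detectably, the password-to-key derivation is a plain hash rather than the book's DES derivation, and the principal names and passwords are made-up sample values. What it shows is the structure the chapter describes: the KDC knows every principal's secret, the ticket is sealed with K<SUB>y</SUB> inside a reply sealed with K<SUB>x</SUB>, <I>Y</I> cross-checks the header name against the ticket, and the login program proves the password only by attempting a decryption, so the password itself never crosses the network.</P>

```python
"""Toy model of the Kerberos exchange described in the chapter (added example,
not the book's code). The cipher and key derivation are stand-ins, not DES."""
import hashlib
import hmac
import json
import os
import time


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Constructed counter-mode keystream: SHA-256(key || nonce || counter).
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """{plaintext}key in the chapter's notation: nonce || ciphertext || HMAC tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Raises ValueError unless `key` is the key that produced `blob`."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("decryption failed: wrong key or tampered message")
    return bytes(c ^ k for c, k in zip(ct, keystream(key, nonce, len(ct))))


def derive_key(password: str) -> bytes:
    # The book derives a DES key from the password; a SHA-256 hash stands in (assumption).
    return hashlib.sha256(password.encode("utf-8")).digest()


class KDC:
    """AS and TGS combined in one server, as the chapter describes."""

    def __init__(self, principals: dict):
        self.db = dict(principals)  # principal name -> secret key K_name

    def as_request(self, username: str) -> bytes:
        """Login: reply encrypted with K_x for a known name, error otherwise."""
        if username not in self.db:
            raise KeyError(f"unknown principal {username!r}")
        body = json.dumps({"as_reply_for": username, "kdc_time": time.time()})
        return encrypt(self.db[username], body.encode())

    def tgs_request(self, x: str, y: str) -> bytes:
        """Steps 1-3: { SK_x,y and { SK_x,y, X, ... }K_y }K_x."""
        sk = os.urandom(32)                                                   # step 1
        ticket = encrypt(self.db[y], json.dumps({"sk": sk.hex(), "client": x}).encode())  # step 2
        reply = {"sk": sk.hex(), "ticket": ticket.hex()}
        return encrypt(self.db[x], json.dumps(reply).encode())               # step 3


def client_open_session(kdc: KDC, x: str, k_x: bytes, y: str):
    """Step 4: X decrypts the reply; returns SK_x,y and the message X sends to Y."""
    reply = json.loads(decrypt(k_x, kdc.tgs_request(x, y)))
    message = {"header_client": x, "ticket": bytes.fromhex(reply["ticket"])}
    return bytes.fromhex(reply["sk"]), message


def server_accept(k_y: bytes, message: dict) -> bytes:
    """Step 5: Y opens the ticket with K_y and checks the header name against it."""
    ticket = json.loads(decrypt(k_y, message["ticket"]))
    if ticket["client"] != message["header_client"]:
        raise ValueError("principal name in header does not match ticket")
    return bytes.fromhex(ticket["sk"])


def klogin(kdc: KDC, username: str, password: str) -> bool:
    """Kerberos login: only a local decrypt attempt proves the password."""
    try:
        as_reply = kdc.as_request(username)
    except KeyError:
        return False  # KDC answered with an error for the username
    try:
        decrypt(derive_key(password), as_reply)
    except ValueError:
        return False  # derived key != K_x, so the password was wrong
    return True


def demo() -> dict:
    k_alice = derive_key("correct horse")       # constructed sample credentials
    k_fileserver = os.urandom(32)
    kdc = KDC({"alice": k_alice, "fileserver": k_fileserver})
    sk_x, msg = client_open_session(kdc, "alice", k_alice, "fileserver")
    sk_y = server_accept(k_fileserver, msg)
    # Same ticket presented under a different header name must be refused by Y.
    mismatched = {"header_client": "mallory", "ticket": msg["ticket"]}
    try:
        server_accept(k_fileserver, mismatched)
        mismatch_rejected = False
    except ValueError:
        mismatch_rejected = True
    return {"shared_key_matches": sk_x == sk_y,
            "mismatch_rejected": mismatch_rejected,
            "login_ok": klogin(kdc, "alice", "correct horse"),
            "login_bad_password": klogin(kdc, "alice", "wrong password"),
            "login_unknown_user": klogin(kdc, "nobody", "anything")}


if __name__ == "__main__":
    print(demo())
```

<P>Running <TT>demo()</TT> yields a shared session key on both sides, a rejected ticket when the header name disagrees with the sealed principal name, a successful login only for the correct password, and a failure for an unknown username. The one property the model deliberately reproduces is the chapter's last sentence: <TT>klogin</TT> never transmits the password; the KDC only ever sees the username, and the AS reply is useless to anyone who cannot reconstruct K<SUB>x</SUB>.</P>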


<!-- all of the reference materials (books) have the footer and subfoot reveresed -->
<!-- reference_subfoot = footer -->
<!-- reference_footer = subfoot -->

<!-- BEGIN SUB FOOTER -->
		<br><br>
		</TD>
    </TR>
	</TABLE>

		
	<table width="640" border=0 cellpadding=0 cellspacing=0>
		<tr>
		<td align="left" width=135><img src="/images/white.gif" width=100 height="1" alt="" border="0"></td>
		
		
<!-- END SUB FOOTER -->

<!-- all of the books have the footer and subfoot reveresed -->
<!-- reference_subfoot = footer -->
<!-- reference_footer = subfoot -->

<!-- FOOTER -->
			
		<td width="515" align="left" bgcolor="#FFFFFF">
<font face="arial, helvetica" size="1"><b><a href="/products.html"><font color="#006666">Products</font></a>&nbsp;|&nbsp; <a href="/contactus.html"><font color="#006666">Contact Us</font></a>&nbsp;|&nbsp; <a href="/aboutus.html"><font color="#006666">About Us</font></a>&nbsp;|&nbsp; <a href="http://www.earthweb.com/corporate/privacy.html" target="_blank"><font color="#006666">Privacy</font></a> &nbsp;|&nbsp; <a href="http://www.itmarketer.com/" target="_blank"><font color="#006666">Ad Info</font></a> &nbsp;|&nbsp; <a href="/"><font color="#006666">Home</font></a></b>
		<br><br>
		
		Use of this site is subject to certain <a href="/agreement.html">Terms &amp; Conditions</a>, <a href="/copyright.html">Copyright &copy; 1996-1999 EarthWeb Inc.</a><br> 
All rights reserved.  Reproduction whole or in part in any form or medium without express written permision of EarthWeb is prohibited.</font><p>
</td>
		</tr>
</table>
</BODY>
</HTML>

<!-- END FOOTER -->
