论文信息 - Improving Kerberos Security System for Cross-Realm Collaborative Interactions: An Innovative Example of Knowledge Technology for Evolving & Verifiable E-Society

Improving Kerberos Security System for Cross-Realm Collaborative Interactions: An Innovative Example of Knowledge Technology for Evolving & Verifiable E-Society

In this paper, we clarify the role of authentication systems as building blocks for Knowledge Technologies that constitutes the basis of an evolvable and trustworthy e-society. Such frameworks support the trustworthy cross-realm collaboration and user-friendly service provision through proper measures of authentication, privacy, integrity and secrecy of information. We define the requirements that such authentication systems must fulfill. Then, we present Kerberos as a candidate. We overview the basic operations and the cross-realm authentication model of Kerberos. Then we present the XKDCP extension as a solution for scalability and reliability issues in Kerberos cross-realm operations. With the proposed enhancements , we have achieved our goal on selecting an authentication system that matches the requirements for evolvable and verifiable e-society.

Saber Zrelli | Tunç D. Medeni | Yoichi Shinoda | Tolga Medeni

[1] Maria Manuela Cunha,et al. Encyclopedia of Networked and Virtual Organizations , 2007 .

[2] Bohn Stafleu van Loghum,et al. Online … , 2002, LOG IN.

[3] J. Habermas,et al. Knowledge and Human Interests , 1972 .

[4] I. Nonaka,et al. How Japanese Companies Create the Dynamics of Innovation , 1995 .

[5] John T. Kohl,et al. The Kerberos Network Authentication Service (V5 , 2004 .

[6] Morten T. Hansen,et al. What's your strategy for managing knowledge? , 1999, Harvard business review.

[7] Rikard Lindgren,et al. The Evolution of Knowledge Management , 2002 .

[8] Andre Scedrov,et al. Specifying Kerberos 5 cross-realm authentication , 2005, WITS '05.

[9] Saber Zrelli. XKDCP, the Inter-KDC protocol for cross-realm operations in Kerberos. , 2006 .

[10] Allan C. Rubens,et al. Remote Authentication Dial In User Service (RADIUS) , 2000, RFC.

[11] Larry J. Blunk,et al. PPP Extensible Authentication Protocol (EAP) , 1998, RFC.

[12] Paul V. Mockapetris,et al. Domain names: Concepts and facilities , 1983, RFC.