Authentication and authorization techniques in distributed systems
暂无分享,去创建一个
The authors consider the following techniques for performing the authentication of user identity and the granting of proper authorization in distributed environments: user login and routing constraints at the network level; special-purpose, challenge-response systems; private key based systems such as Kerberos; and public key based systems with smart cards. They describe and discuss the strengths and weaknesses (i.e., residual vulnerabilities) of each technique and provide guidance with respect to their applicability and deployment.<<ETX>>
[1] B. Clifford Neuman,et al. Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.
[2] David Balenson,et al. An Overview of the Advanced Smartcard Access Control System (ASACS) , 1993 .
[3] Simson L. Garfinkel,et al. Practical UNIX Security , 1991 .
[4] Morrie Gasser,et al. The Digital Distributed System Security Architecture , 1989 .
[5] Dorothy E. Denning,et al. Cryptography and Data Security , 1982 .