Upload
pearl-williams
View
215
Download
0
Embed Size (px)
Citation preview
The Design and Implementation of
a tutorial to illustrate theKerberos protocol
Presenter : Lindy Carter
Supervisors : Peter Wentworth
John Ebden
Kerberos - Some Background…
Trusted third party network authentication protocol.
Implemented in Windows 2000 over the Response Authentication Protocol that Windows NT used.
Uses symmetric key cryptography. Contains 3 “separate” parts –
Authentication Server, Ticket Granting Service and the server.
Background cont…
Central security server shares keys with each controlled resource.
Makes use of authentication tickets that are granted to users.
Both client and server can be authenticated.
The Problem
Difficult to understand and demonstrate.
The aim
Build a web based tutorial which will teach the Kerberos protocol in an effective way.
Tutorial must be able to be extended to cater for other protocols with only slight modification – most security protocols have similar features.– Locks and keys– Message passing
Design Considerations and Implementation Issues
Read up on Kerberos and understand the protocol thoroughly – Read up on other security protocols and try to relate
them to Kerberos.
Examine existing tutorials and see what teaching methods are used.
Consider FAQ’s to try and understand where the problems lie– an indication of what areas to concentrate on
• e.g. why do the system clocks need to be synchronized
Design Considerations and Implementation issues cont Decide on a metaphor on which a physical
model can be based.– Must take into account the other protocols– Final product to be based on the model
Identify how student can be involved in learning process
Build the physical model Implement using Java
The Output
Physical model. Web based tutorial. Some sort of generic platform on which
other authentication protocol tutorials can be based.
Possible extensions
The implementation of tutorials for other authentication protocols
Other generic platforms to build tutorials for other types of protocols
????Questions
?????