Overview

Authentication Process

 

The figure below depicts the components of the secure environment and the Kerberos protocol. The step-wise procedure that follows shows how a client and server authenticate each other using Kerberos. The step numbers match the numbered arrows in the figure.

Figure 1-1 Authentication Process

Step 1. The user begins to use a Kerberos-secured application by entering the user principal name and password. Optionally, the user can request specific ticket flags and specify the key type to be used to construct the secret key. The user can also accept the default configured for the client.

Step 2. The Key Distribution Center (KDC) transforms the password into the user’s secret key and uses it to construct a message, which it sends to the Authentication Service (AS), requesting a TGT for the user. The AS is the component of the Kerberos Server that grants initial tickets.


Chapter 1