Specifying Kerberos over EAP: Towards an integrated network access and Kerberos single sign-on process
21st International Conference on Advanced Networking and Applications (AINA '07)
Niagara Falls, Ontario, Canada
May 21-May 23
ISBN: 0-7695-2846-5
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/AINA.2007.130
Kerberos is a widely deployed authentication system used for authenticating users to various types of application services in open networks. Network access, on the other hand, is a service that is generally handled separately using authentication frameworks based on the Extensible Authentication Protocol (EAP). The EAP protocol specified by the IETF in RFC 3748 is well on its way to becoming an industry standard for network access control. It provides an extensible, link-layer-agnostic protocol for carrying various authentication methods. In this paper, we design the integration of the Kerberos protocol as an authentication method in existing EAP-based authentication frameworks. We define the architectural elements and their interactions, then we specify the encapsulation of Kerberos messages in EAP packets. The use of Kerberos as an EAP authentication mechanism allows institutions managing their individuals using a Kerberos system to re-use the same credentials for network access authentication instead of managing a different set of credentials such as Unix passwords or public key certificates. Moreover, the proposed framework allows users to sign on to the network as a consequence of successful network access authentication, eliminating the need for additional login procedures necessary for accessing application services.
Citation:
Saber Zrelli, Yoichi Shinoda, "Specifying Kerberos over EAP: Towards an integrated network access and Kerberos single sign-on process," aina, pp. 490-497, 21st International Conference on Advanced Networking and Applications (AINA '07), 2007