12th Annual Computer Security Applications Conference (ACSAC '96)
Design Choices For Symmetric Key Based Inter-Domain Authentication Protocols In Distributed Systems
San Diego, California
December 09-December 13
ISBN: 0-8186-7606-X
M. Hitchens, Basser Dept. of Comput. Sci., Sydney Univ., NSW, Australia
V. Varadharajan, Basser Dept. of Comput. Sci., Sydney Univ., NSW, Australia
Authentication is a key requirement in the establishment of secure interactions between network entities. Several authentication and key establishment protocols have been proposed in recent years. Most of these protocols were designed for an intra-domain environment (i.e. one where the communicating parties reside in a single domain) and then extrapolated to the inter-domain environment. In this paper, the design of inter-domain protocols is investigated. We present the different design choices that need to be carefully considered when designing inter-domain protocols in large distributed systems. We propose three different inter-domain protocols with varying degrees of responsibility placed on the client and the trusted servers. In each case, the assumptions made in the design are explicitly stated. This helps to illustrate the rationale behind the choices made. The proposed protocols use symmetric key systems and are based on Kerberos. The arguments, rationales and designs presented in this paper are also applicable to OSF's Distributed Computing Environment (DCE).
Index Terms:
message authentication; design choices; authentication protocols; distributed systems; secure interactions; key establishment protocols; client responsibility; trusted server responsibility; inter-domain protocols; symmetric key systems; Kerberos; OSF Distributed Computing Environment
Citation:
M. Hitchens, V. Varadharajan, "Design Choices For Symmetric Key Based Inter-Domain Authentication Protocols In Distributed Systems," acsac, pp.105, 12th Annual Computer Security Applications Conference (ACSAC '96), 1996