Kerberos uses electronic tickets to authenticate a user to a server. The ticket is an encrypted message containing the names of the user and server, the user’s network address, a time stamp, and a session key. A ticket is for a single server, a single user, and a certain period of time.
The user can use the ticket to access the server as many times as desired until the ticket expires. The user cannot decrypt the ticket. Nobody listening in on the network can read or modify the ticket as it passes through the network without detection or invalidation.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|