    Length: 138543 (0x21d2f)
    Types: TextFile
    Notes: Uncompressed file
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
    └─⟦7313d0067⟧ »./papers/Kerberos/usenix.PS.Z« 
        └─⟦this⟧ 
%!PS-Adobe-1.0
%%Creator: brahms:steiner (Jennifer Steiner,Jen,E40-318,0169,)
%%Title: stdin (ditroff)
%%CreationDate: Wed Mar 30 18:24:50 1988
%%EndComments
% lib/psdit.pro -- prolog for psdit (ditroff) files
% Copyright (c) 1984, 1985 Adobe Systems Incorporated. All Rights Reserved.
% last edit: shore Sat Nov 23 20:28:03 1985
% RCSID: $Header: psdit.pro,v 2.1 85/11/24 12:19:43 shore Rel $
% $DITroff: private dictionary (capacity 140) holding the drawing state and the
% short operators that the psdit-generated page bodies call. `begin` pushes it
% on the dictionary stack, so every def down to the matching `end` lands in it.
/$DITroff 140 dict def $DITroff begin
% Default text state: font slot, point size, glyph height and slant.
/fontnum 1 def /fontsize 10 def /fontheight 10 def /fontslant 0 def
% xi -- initialise a page: move the origin up 11*72 units, then scale by
% 72/resolution in x and -(72/resolution) in y, so coordinates are in device
% resolution units with y growing downward. Resets the text state, selects the
% font via F, and snapshots VM into pagesave (restored by `p`).
/xi {0 72 11 mul translate 72 resolution div dup neg scale 0 0 moveto
  /fontnum 1 def /fontsize 10 def /fontheight 10 def /fontslant 0 def F
  /pagesave save def}def
% PB -- save VM state in psv, move the origin to the current point and apply
% the inverse of xi's scale (resolution/72, y negated again).
% presumably brackets included PostScript -- no caller is visible here.
/PB{save /psv exch def currentpoint translate 
  resolution 72 div dup neg scale 0 0 moveto}def
% PE -- undo PB by restoring the psv snapshot.
/PE{psv restore}def
% Sweep thresholds (degrees) used by Da: above arctoobig an arc is split in
% two, below arctoosmall it is drawn as a straight line.
/arctoobig 90 def /arctoosmall .05 def
% Scratch matrices: m1/m2/m3 are used by F, oldmat by arcellipse.
/m1 matrix def /m2 matrix def /m3 matrix def /oldmat matrix def
% angle tan -> sin(angle)/cos(angle); angle in degrees.
/tan{dup sin exch cos div}def
% n point -> n * resolution / 72 (points to device resolution units).
/point{resolution 72 div mul}def
% x y dround -> x' y' : round the point to whole device-space coordinates
% and map it back to user space.
/dround	{transform round exch round exch itransform}def
% name xT -- record the device name in devname.
/xT{/devname exch def}def
% resolution my mh xr -- record the resolution and the two values that follow.
% NOTE(review): my/mh look like ditroff's minimum motion units -- confirm.
/xr{/mh exch def /my exch def /resolution exch def}def
% xp -- no-op.
/xp{}def
% xs -- end of document: restore the docsave snapshot taken by ditstart and
% pop $DITroff off the dictionary stack.
/xs{docsave restore end}def
% xt -- no-op.
/xt{}def
% slotno fontname xf -- mount a font: if the slot does not already hold this
% name, look the font up with findfont and remember both font and name.
/xf{/fontname exch def /slotno exch def fontnames slotno get fontname eq not
 {fonts slotno fontname findfont put fontnames slotno fontname put}if}def
% h xH -- set the glyph height, then rebuild the current font.
/xH{/fontheight exch def F}def
% a xS -- set the slant angle, then rebuild the current font.
/xS{/fontslant exch def F}def
% n s -- set the point size (height follows the size), then rebuild the font.
/s{/fontsize exch def /fontheight fontsize def F}def
% n f -- select font slot n, then rebuild the font.
/f{/fontnum exch def F}def
% F -- build and set the current font from fontnum/fontsize/fontheight/fontslant.
% A non-positive height falls back to the size. m1 scales by size in x and by
% -height in y (the negative sign compensates for the flipped y axis from xi);
% a non-zero slant adds a shear of tan(fontslant) via m2, combined into m3.
% The line width is then set to 0.04 * size, rounded to whole device units.
/F{fontheight 0 le {/fontheight fontsize def}if
   fonts fontnum get fontsize point 0 0 fontheight point neg 0 0 m1 astore
   fontslant 0 ne{1 0 fontslant tan 1 0 0 m2 astore m3 concatmatrix}if
   makefont setfont .04 fontsize point mul 0 dround pop setlinewidth}def
% x (str) X -- move to absolute x on the current line, then show the string.
/X{exch currentpoint exch pop moveto show}def
% x y (str) N -- move to absolute (x, y), then show the string.
/N{3 1 roll moveto show}def
% y (str) Y -- move to absolute y at the current x, then show the string.
/Y{exch currentpoint pop exch moveto show}def
% (str) S -- show the string at the current point.
/S{show}def
% ditpush / ditpop -- no-ops.
/ditpush{}def/ditpop{}def
% AX / AN / AY / AS -- same addressing as X / N / Y / S, but take an extra
% number before the string and show with ashow, adding that amount of
% horizontal space after every character (vertical adjustment is 0).
/AX{3 -1 roll currentpoint exch pop moveto 0 exch ashow}def
/AN{4 2 roll moveto 0 exch ashow}def
/AY{3 -1 roll currentpoint pop exch moveto 0 exch ashow}def
/AS{0 exch ashow}def
% x MX -- move to absolute x, keeping the current y.
/MX{currentpoint exch pop moveto}def
% y MY -- move to absolute y, keeping the current x.
/MY{currentpoint pop exch moveto}def
% x y MXY -- plain moveto.
/MXY{moveto}def
/cb{pop}def	% action on unknown char -- nothing for now
% n / w -- no-ops.
/n{}def/w{}def
% n p -- end of page: discard the operand, emit the page, roll VM back to
% the pagesave snapshot and take a fresh one for the next page.
/p{pop showpage pagesave restore /pagesave save def}def
% dx dy abspoint -> x y : add the current point to a relative offset.
/abspoint{currentpoint exch pop add exch currentpoint pop add exch}def
% a b distance -> sqrt(a*a + b*b)
/distance{dup mul exch dup mul add sqrt}def
% dstroke -- stroke the path but keep the current point (stroke clears it).
/dstroke{currentpoint stroke moveto}def
% dx dy Dl -- draw a line by the relative offset and leave the current point
% at its far end.
/Dl{2 copy gsave rlineto stroke grestore rmoveto}def
% diamh diamv arcellipse -- build an ellipse path whose left edge is the
% current point: the CTM is saved in oldmat, the y axis is scaled by
% diamv/diamh, a full circle of radius diamh/2 is added, and the CTM restored.
/arcellipse{/diamv exch def /diamh exch def oldmat currentmatrix pop
 currentpoint translate 1 diamv diamh div scale /rad diamh 2 div def
 currentpoint exch rad add exch rad -180 180 arc oldmat setmatrix}def
% d Dc -- stroke a circle of diameter d.
/Dc{dup arcellipse dstroke}def
% diamh diamv De -- stroke an ellipse.
/De{arcellipse dstroke}def
% centerh centerv endh endv Da -- draw an arc from the current point.
% (centerh, centerv) is the offset from the current point to the centre and
% (endh, endv) the offset from the centre to the end point, so the arc ends
% at current + centre + end. Sweeps above arctoobig are split at the mid
% angle and drawn by two recursive calls whose operands are pushed up front;
% sweeps of at least arctoosmall become a single rcurveto; anything smaller
% is drawn as a straight rlineto.
/Da{/endv exch def /endh exch def /centerv exch def /centerh exch def
 /cradius centerv centerv mul centerh centerh mul add sqrt def
 /eradius endv endv mul endh endh mul add sqrt def
 /endang endv endh atan def
 /startang centerv neg centerh neg atan def
 /sweep startang endang sub dup 0 lt{360 add}if def
 sweep arctoobig gt
 {/midang startang sweep 2 div sub def /midrad cradius eradius add 2 div def
  /midh midang cos midrad mul def /midv midang sin midrad mul def
  midh neg midv neg endh endv centerh centerv midh midv Da
  currentpoint moveto Da}
 {sweep arctoosmall ge
  {/controldelt 1 sweep 2 div cos sub 3 sweep 2 div sin mul div 4 mul def
  centerv neg controldelt mul centerh controldelt mul
  endv neg controldelt mul centerh add endh add
  endh controldelt mul centerv add endv add
  centerh endh add centerv endv add rcurveto dstroke}
 {centerh endh add centerv endv add rlineto dstroke}ifelse}ifelse}def
/Barray 200 array def % 200 values in a wiggle
% D~ -- start a spline: push a mark; the page body then pushes the offsets.
/D~{mark}def
% D~~ -- finish a spline: copy everything above the mark into a slice of
% Barray (Bcontrol) and pop the mark. Nothing is drawn unless there are at
% least 4 values and the count is even. The first and last pairs are doubled,
% then each loop step emits one rcurveto and the result is stroked once.
% NOTE(review): more than 200 operands would not fit in Barray -- getinterval
% would raise rangecheck; confirm psdit never emits that many.
/D~~{counttomark Barray exch 0 exch getinterval astore /Bcontrol exch def pop
 /Blen Bcontrol length def Blen 4 ge Blen 2 mod 0 eq and
 {Bcontrol 0 get Bcontrol 1 get abspoint /Ycont exch def /Xcont exch def
  Bcontrol 0 2 copy get 2 mul put Bcontrol 1 2 copy get 2 mul put
  Bcontrol Blen 2 sub 2 copy get 2 mul put
  Bcontrol Blen 1 sub 2 copy get 2 mul put
  /Ybi /Xbi currentpoint 3 1 roll def def 0 2 Blen 4 sub
  {/i exch def
   Bcontrol i get 3 div Bcontrol i 1 add get 3 div
   Bcontrol i get 3 mul Bcontrol i 2 add get add 6 div
   Bcontrol i 1 add get 3 mul Bcontrol i 3 add get add 6 div
   /Xbi Xcont Bcontrol i 2 add get 2 div add def
   /Ybi Ycont Bcontrol i 3 add get 2 div add def
   /Xcont Xcont Bcontrol i 2 add get add def
   /Ycont Ycont Bcontrol i 3 add get add def
   Xbi currentpoint pop sub Ybi currentpoint exch pop sub rcurveto
  }for dstroke}if}def
% Close the $DITroff dictionary opened on the first line of this block.
end
% ditstart -- open a document: push $DITroff on the dictionary stack (it stays
% there until xs runs `end`), allocate the font tables (nfonts slots, filled
% with 0 and with empty names), and snapshot VM into docsave for xs to restore.
/ditstart{$DITroff begin
 /nfonts 60 def			% NFONTS makedev/ditroff dependent!
 /fonts[nfonts{0}repeat]def
 /fontnames[nfonts{()}repeat]def
/docsave save def
}def
% character outcalls
% name cc pswid oc -- "outcall" for a special character. Records the three
% operands, derives ditwid (pswid * fontsize * resolution / 72000) and ditsiz
% (fontsize * resolution / 72), then runs the ocprocs entry for name if one
% exists; otherwise hands name to cb, the unknown-character hook.
/oc {/pswid exch def /cc exch def /name exch def
   /ditwid pswid fontsize mul resolution mul 72000 div def
   /ditsiz fontsize resolution mul 72 div def
   ocprocs name known{ocprocs name get exec}{name cb}
   ifelse}def
% Font matrix used for the digits of a built-up fraction (65% wide, 60% tall).
/fractm [.65 0 0 .6 0 0] def
% fnum fden fraction -- compose a fraction from two strings. The numerator is
% shown in the reduced font, offset vertically by -.3 dm; the copy of the
% offset left on the stack by `2 copy` then moves back to the baseline.
% Character \244 is shown in the full-size font, the denominator in the reduced
% font, and after grestore the current point advances by ditwid.
% NOTE(review): \244 is the fraction bar in Adobe StandardEncoding -- assumes
% the current text font uses that encoding.
/fraction
 {/fden exch def /fnum exch def gsave /cf currentfont def
  cf fractm makefont setfont 0 .3 dm 2 copy neg rmoveto
  fnum show rmoveto currentfont cf setfont(\244)show setfont fden show 
  grestore ditwid 0 rmoveto} def
% oce -- common tail of an outcall: undo the gsave and advance by ditwid.
/oce {grestore ditwid 0 rmoveto}def
% n dm -> n * ditsiz (scale a fraction of the current size to device units).
/dm {ditsiz mul}def
% ocprocs: table of outcall procedures, keyed by the special-character name
% that oc looks up. `begin` makes it current so the defs below land in it.
/ocprocs 50 dict def ocprocs begin
% Built-up fractions: the key is the two digits; fraction does the drawing.
(14){(1)(4)fraction}def
(12){(1)(2)fraction}def
(34){(3)(4)fraction}def
(13){(1)(3)fraction}def
(23){(2)(3)fraction}def
(18){(1)(8)fraction}def
(38){(3)(8)fraction}def
(58){(5)(8)fraction}def
(78){(7)(8)fraction}def
% Single glyphs shown with a small vertical offset (a fraction of the current
% size via dm), after which oce restores the state and advances by ditwid.
% NOTE(review): the octal codes are presumably Symbol-font positions
% (radical, integral, right/left arrow, equivalence) -- verify against the
% font that is current when oc is called.
(sr){gsave 0 .06 dm rmoveto(\326)show oce}def
(is){gsave 0 .15 dm rmoveto(\362)show oce}def
(->){gsave 0 .02 dm rmoveto(\256)show oce}def
(<-){gsave 0 .02 dm rmoveto(\254)show oce}def
(==){gsave 0 .05 dm rmoveto(\272)show oce}def
% Close ocprocs.
end
% an attempt at a PostScript FONT to implement ditroff special chars
% this will enable us to 
%	cache the little buggers
%	generate faster, more compact PS out of psdit
%	confuse everyone (including myself)!
% Font dictionary for DIThacks, a user-defined (Type 3) font. One reference to
% the dictionary stays on the operand stack for definefont at the end; the
% other is opened with `begin` so the entries below are stored in it.
50 dict dup begin
/FontType 3 def
/FontName /DIThacks def
% Glyph procedures are written on a 1000-unit em.
/FontMatrix [.001 0 0 .001 0 0] def
/FontBBox [-260 -260 900 900] def% a lie but ...
% Encoding: all 256 codes start as /.notdef, then the codes below (octal, in
% 8#nnn radix notation) are mapped to the ditroff special-character names.
/Encoding 256 array def
0 1 255{Encoding exch /.notdef put}for
Encoding
 dup 8#040/space put %space
 dup 8#110/rc put %right ceil
 dup 8#111/lt put %left  top curl
 dup 8#112/bv put %bold vert
 dup 8#113/lk put %left  mid curl
 dup 8#114/lb put %left  bot curl
 dup 8#115/rt put %right top curl
 dup 8#116/rk put %right mid curl
 dup 8#117/rb put %right bot curl
 dup 8#120/rf put %right floor
 dup 8#121/lf put %left  floor
 dup 8#122/lc put %left  ceil
 dup 8#140/sq put %square
 dup 8#141/bx put %box
 dup 8#142/ci put %circle
 dup 8#143/br put %box rule
 dup 8#144/rn put %root extender
 dup 8#145/vr put %vertical rule
 dup 8#146/ob put %outline bullet
 dup 8#147/bu put %bullet
 dup 8#150/ru put %rule
 dup 8#151/ul put %underline
 pop
% DITfd: working dictionary for BuildChar; it is filled with helper values and
% procedures near the end of this block.
/DITfd 100 dict def
% fontdict charcode BuildChar -- render one glyph. The literal 0 in `0 begin`
% is a placeholder: the line after this procedure stores DITfd into element 0,
% so at run time BuildChar opens DITfd. It resolves the glyph name through
% Encoding, takes the advance width from Metrics and the drawing procedure
% from CharProcs, declares width and bounding box with setcachedevice, sets
% the line join and a 40-unit line width, and runs the glyph procedure inside
% gsave/grestore starting from (0, 0).
/BuildChar{0 begin
 /cc exch def /fd exch def
 /charname fd /Encoding get cc get def
 /charwid fd /Metrics get charname get def
 /charproc fd /CharProcs get charname get def
 charwid 0 fd /FontBBox get aload pop setcachedevice
 2 setlinejoin 40 setlinewidth
 newpath 0 0 moveto gsave charproc grestore
 end}def
% Patch the placeholder: element 0 of the BuildChar procedure becomes DITfd.
/BuildChar load 0 DITfd put
%/UniqueID 5 def
% CharProcs: one drawing procedure per glyph name. The helpers they call
% (rls, a4p, 2cx, currx, s2, s4, dround) are looked up in DITfd, which
% BuildChar has opened by the time a glyph procedure runs.
/CharProcs 50 dict def
CharProcs begin
/space{}def
/.notdef{}def
% Rules: horizontal, root extender, vertical, bold vertical, box rule, underline.
/ru{500 0 rls}def
/rn{0 840 moveto 500 0 rls}def
/vr{0 800 moveto 0 -770 rls}def
/bv{0 800 moveto 0 -1000 rls}def
/br{0 750 moveto 0 -1000 rls}def
/ul{0 -140 moveto 500 0 rls}def
% Bullets: the same radius-200 circle, stroked (ob) or filled (bu).
/ob{200 250 rmoveto currentpoint newpath 200 0 360 arc closepath stroke}def
/bu{200 250 rmoveto currentpoint newpath 200 0 360 arc closepath fill}def
% Squares: a 640-unit box starting 80 units in, stroked (sq) or filled (bx).
/sq{80 0 rmoveto currentpoint dround newpath moveto
    640 0 rlineto 0 640 rlineto -640 0 rlineto closepath stroke}def
/bx{80 0 rmoveto currentpoint dround newpath moveto
    640 0 rlineto 0 640 rlineto -640 0 rlineto closepath fill}def
% Circle of radius 333 drawn with a 50-unit line.
/ci{500 360 rmoveto currentpoint newpath 333 0 360 arc
    50 setlinewidth stroke}def
% Bracket-building pieces: a vertical stem joined to a rounded corner built
% with arcto (radius s4).
% NOTE(review): rb draws a -500 stem where lb uses -550 -- may be intentional;
% confirm against the original psdit prolog before changing.
/lt{0 -200 moveto 0 550 rlineto currx 800 2cx s4 add exch s4 a4p stroke}def
/lb{0 800 moveto 0 -550 rlineto currx -200 2cx s4 add exch s4 a4p stroke}def
/rt{0 -200 moveto 0 550 rlineto currx 800 2cx s4 sub exch s4 a4p stroke}def
/rb{0 800 moveto 0 -500 rlineto currx -200 2cx s4 sub exch s4 a4p stroke}def
/lk{0 800 moveto 0 300 -300 300 s4 arcto pop pop 1000 sub
    0 300 4 2 roll s4 a4p 0 -200 lineto stroke}def
/rk{0 800 moveto 0 300 s2 300 s4 arcto pop pop 1000 sub
    0 300 4 2 roll s4 a4p 0 -200 lineto stroke}def
% Floor and ceiling brackets: a 1000-unit stem plus a short foot of length s4.
/lf{0 800 moveto 0 -1000 rlineto s4 0 rls}def
/rf{0 800 moveto 0 -1000 rlineto s4 neg 0 rls}def
/lc{0 -200 moveto 0 1000 rlineto s4 0 rls}def
/rc{0 -200 moveto 0 1000 rlineto s4 neg 0 rls}def
end
% Metrics: advance width of each glyph in the same 1000-unit space; BuildChar
% passes the value to setcachedevice.
/Metrics 50 dict def Metrics begin
/.notdef 0 def
/space 500 def
/ru 500 def
/br 0 def
/lt 416 def
/lb 416 def
/rt 416 def
/rb 416 def
/lk 416 def
/rk 416 def
/rc 416 def
/lc 416 def
/rf 416 def
/lf 416 def
/bv 416 def
/ob 350 def
/bu 350 def
/ci 750 def
/bx 750 def
/sq 750 def
/rn 500 def
/ul 500 def
/vr 0 def
end
% Fill DITfd with the helpers the glyph procedures rely on.
DITfd begin
% Shared lengths.
/s2 500 def /s4 250 def /s3 333 def
% a4p: arcto, discarding the four tangent-point values it returns.
/a4p{arcto pop pop pop pop}def
% a b 2cx -> a b a b b a ... : duplicate the top pair and swap the copy.
/2cx{2 copy exch}def
% dx dy rls: relative line, then stroke.
/rls{rlineto stroke}def
% currx -> current x coordinate.
/currx{currentpoint pop}def
% x y dround -> the point rounded to whole device-space coordinates.
/dround{transform round exch round exch itransform} def
end
% Close the font dictionary and register it under the name DIThacks.
end
/DIThacks exch definefont pop
% Document setup emitted by psdit before the first page.
% Open $DITroff and allocate the font tables.
ditstart
% Record the device name.
(psc)xT
% Resolution 576; every coordinate in the page bodies is in these units.
576 1 1 xr
% Mount fonts into slots 1-10. Each `n f` after a mount selects that slot,
% which makes F build the font once.
1(Times-Roman)xf 1 f
2(Times-Italic)xf 2 f
3(Times-Bold)xf 3 f
4(Times-BoldItalic)xf 4 f
5(Helvetica)xf 5 f
6(Helvetica-Bold)xf 6 f
7(Courier)xf 7 f
8(Courier-Bold)xf 8 f
9(Symbol)xf 9 f
% Slot 10 is the DIThacks font defined in the prolog.
10(DIThacks)xf 10 f
% Start in 10-point, font slot 1.
10 s
1 f
% Set up the page coordinate system and take the first pagesave snapshot.
xi
%%EndProlog
%%Page: 1 1
% How to read a page body: each line positions and shows one word.
%   `x y (word) N` moves to absolute (x, y); `x (word) X` keeps the current y;
%   `y (word) Y` keeps the current x. `n f` selects a font slot mounted in the
%   prolog and `n s` sets the point size. Parentheses inside a word are
%   backslash-escaped, and octal escapes such as \262 are character codes in
%   the current font.
% Reset the text state: 10 point, height reset (0 makes F fall back to the
% size), no slant, font slot 1.
10 s 0 xH 0 xS 1 f
% Two "--" marks at the left and right of the top line.
32(--)Y
4323(--)X
% Title, first word: font slot 4 at 12 point.
4 f
12 s
970 984(Kerberos:)N
3 f
1383(An)X
1529(Authentication)X
2166(Service)X
2490(for)X
2637(Open)X
2885(Network)X
3266(Systems)X
2 f
10 s
1979 1296(Jennifer)N
2262(G.)X
2360(Steiner)X
1 f
2043 1440(Project)N
2290(Athena)X
1665 1536(Massachusetts)N
2148(Institute)X
2430(of)X
2517(Technology)X
1900 1632(Cambridge,)N
2296(MA)X
2465(02139)X
1798 1728 0.1577(steiner@ATHENA.MIT.EDU)AN
2 f
1993 1920(Clifford)N
2265(Neuman)X
1 f
2532(\262)X
1623 2064(Department)N
2022(of)X
2109(Computer)X
2449(Science,)X
2739(FR-35)X
1867 2160(University)N
2225(of)X
2312(Washington)X
1967 2256(Seattle,)N
2225(WA)X
2399(98195)X
1765 2352(bcn@CS.WASHINGTON.EDU)N
2 f
2005 2544(Jeffrey)N
2244(I.)X
2311(Schiller)X
1 f
2043 2688(Project)N
2290(Athena)X
1665 2784(Massachusetts)N
2148(Institute)X
2430(of)X
2517(Technology)X
1900 2880(Cambridge,)N
2296(MA)X
2465(02139)X
1867 2976(jis@ATHENA.MIT.EDU)N
2 f
2094 3280(ABSTRACT)N
1 f
1043 3488(In)N
1144(an)X
1254(open)X
1444(network)X
1741(computing)X
2116(environment,)X
2574(a)X
2643(workstation)X
3054(cannot)X
3301(be)X
3410(trusted)X
3661(to)X
843 3584(identify)N
1141(its)X
1265(users)X
1479(correctly)X
1814(to)X
1925(network)X
2236(services.)X
2 f
2583(Kerberos)X
1 f
2936(provides)X
3260(an)X
3384(alternative)X
843 3680(approach)N
1173(whereby)X
1485(a)X
1556(trusted)X
1809(third-party)X
2187(authentication)X
2676(service)X
2939(is)X
3027(used)X
3209(to)X
3305(verify)X
3531(users')X
843 3776(identities.)N
1200(This)X
1366(paper)X
1569(gives)X
1762(an)X
1862(overview)X
2185(of)X
2275(the)X
2 f
2396(Kerberos)X
1 f
2724(authentication)X
3201(model)X
3424(as)X
3514(imple-)X
843 3872(mented)N
1101(for)X
1217(MIT's)X
1444(Project)X
1693(Athena.)X
1987(It)X
2058(describes)X
2379(the)X
2499(protocols)X
2819(used)X
2987(by)X
3088(clients,)X
3338(servers,)X
3607(and)X
2 f
843 3968(Kerberos)N
1 f
1172(to)X
1258(achieve)X
1528(authentication.)X
2046(It)X
2119(also)X
2272(describes)X
2595(the)X
2717(management)X
3151(and)X
3290(replication)X
3656(of)X
843 4064(the)N
975(database)X
1286(required.)X
1628(The)X
1787(views)X
2008(of)X
2 f
2109(Kerberos)X
1 f
2448(as)X
2549(seen)X
2726(by)X
2839(the)X
2970(user,)X
3157(programmer,)X
3607(and)X
843 4160(administrator)N
1294(are)X
1417(described.)X
1789(Finally,)X
2059(the)X
2181(role)X
2330(of)X
2 f
2421(Kerberos)X
1 f
2750(in)X
2836(the)X
2958(larger)X
3169(Athena)X
3424(picture)X
3670(is)X
843 4256(given,)N
1069(along)X
1275(with)X
1445(a)X
1509(list)X
1634(of)X
1729(applications)X
2144(that)X
2292(presently)X
2614(use)X
2 f
2749(Kerberos)X
1 f
3082(for)X
3204(user)X
3366(authentica-)X
843 4352(tion.)N
1032(We)X
1169(describe)X
1462(the)X
1585(addition)X
1872(of)X
2 f
1964(Kerberos)X
1 f
2294(authentication)X
2772(to)X
2858(the)X
2980(Sun)X
3128(Network)X
3433(File)X
3581(Sys-)X
843 4448(tem)N
983(as)X
1070(a)X
1126(case)X
1285(study)X
1478(for)X
1592(integrating)X
2 f
1959(Kerberos)X
1 f
2284(with)X
2446(an)X
2542(existing)X
2815(application.)X
3 f
555 4832(Introduction)N
1 f
755 4956(This)N
923(paper)X
1128(gives)X
1323(an)X
1425(overview)X
1750(of)X
2 f
1842(Kerberos)X
1 f
2147(,)X
555 5052(an)N
661(authentication)X
1145(system)X
1397(designed)X
1712(by)X
1822(Miller)X
2051(and)X
555 5148(Neuman)N
8 s
827 5123(1)N
10 s
896 5148(for)N
1026(open)X
1218(network)X
1517(computing)X
1895(environ-)X
555 5244(ments,)N
803(and)X
956(describes)X
1292(our)X
1435(experience)X
1820(using)X
2029(it)X
2109(at)X
555 5340(MIT's)N
787(Project)X
1041(Athena.)X
8 s
1293 5315(2)N
10 s
1351 5340(In)N
1444(the)X
1568(first)X
1723(section)X
1976(of)X
2069(the)X
555 5436(paper,)N
808(we)X
956(explain)X
1246(why)X
1437(a)X
1526(new)X
1713(authentication)X
8 s
10 f
555 5516(hhhhhhhhhhhhhhhhhh)N
1 f
555 5596(\262)N
608(Clifford)X
835(Neuman)X
1072(was)X
1192(a)X
1241(member)X
1471(of)X
1545(the)X
1644(Project)X
1846(Athena)X
2051(staff)X
2185(during)X
2373(the)X
2472(design)X
2660(and)X
2773(initial)X
2944(implementation)X
3367(phase)X
3533(of)X
2 f
3606(Ker-)X
555 5676(beros)N
1 f
702(.)X
10 s
2399 4832(model)N
2627(is)X
2708(needed)X
2964(for)X
3086(open)X
3269(networks,)X
3610(and)X
3753(what)X
3936(its)X
2399 4928(requirements)N
2861(are.)X
3042(The)X
3209(second)X
3474(section)X
3743(lists)X
3913(the)X
2399 5024(components)N
2859(of)X
2999(the)X
2 f
3169(Kerberos)X
1 f
3546(software)X
3895(and)X
2399 5120(describes)N
2753(how)X
2945(they)X
3137(interact)X
3432(in)X
3548(providing)X
3913(the)X
2399 5216(authentication)N
2880(service.)X
3175(In)X
3269(Section)X
3536(3,)X
3623(we)X
3743(describe)X
2399 5312(the)N
2 f
2517(Kerberos)X
1 f
2842(naming)X
3102(scheme.)X
2599 5436(Section)N
2878(4)X
2956(presents)X
3257(the)X
3393(building)X
3697(blocks)X
3944(of)X
2028 6144(March)N
2258(30,)X
2378(1988)X
2 p
%%Page: 2 2
% Page 2 starts by resetting the text state: 10 point, height reset (0 makes F
% fall back to the size), no slant, font slot 1.
10 s 0 xH 0 xS 1 f
% Two "--" marks at the left and right of the top line.
0 32(--)N
4323(--)X
% Centred page number, printed as "- 2 -".
2216 416(-)N
2263(2)X
2323(-)X
2 f
555 672(Kerberos)N
1 f
913(authentication)X
9 f
1420(-)X
1 f
1517(the)X
2 f
1668(ticket)X
1 f
1901(and)X
2069(the)X
2 f
555 768(authenticator)N
1 f
993(.)X
1066(This)X
1241(leads)X
1439(to)X
1534(a)X
1603(discussion)X
1969(of)X
2069(the)X
555 864(two)N
705(authentication)X
1189(protocols:)X
1539(the)X
1667(initial)X
1882(authenti-)X
555 960(cation)N
785(of)X
886(a)X
956(user)X
1124(to)X
2 f
1220(Kerberos)X
1 f
1558(\(analogous)X
1943(to)X
2038(log-)X
555 1056(ging)N
727(in\),)X
866(and)X
1012(the)X
1140(protocol)X
1436(for)X
1559(mutual)X
1810(authentica-)X
555 1152(tion)N
708(of)X
804(a)X
869(potential)X
1177(consumer)X
1517(and)X
1661(a)X
1725(potential)X
2033(pro-)X
555 1248(ducer)N
754(of)X
841(a)X
897(network)X
1180(service.)X
2 f
755 1372(Kerberos)N
1 f
1098(requires)X
1395(a)X
1468(database)X
1782(of)X
1886(informa-)X
555 1468(tion)N
700(about)X
899(its)X
995(clients;)X
1247(Section)X
1508(5)X
1569(describes)X
1888(the)X
2006(data-)X
555 1564(base,)N
760(its)X
877(management,)X
1349(and)X
1507(the)X
1647(protocol)X
1956(for)X
2092(its)X
555 1660(modification.)N
1041(Section)X
1317(6)X
1393(describes)X
1728(the)X
2 f
1862(Kerberos)X
1 f
555 1756(interface)N
872(to)X
969(its)X
1079(users,)X
1298(applications)X
1719(programmers,)X
555 1852(and)N
716(administrators.)X
1259(In)X
1371(Section)X
1656(7,)X
1761(we)X
1899(describe)X
555 1948(how)N
715(the)X
835(Project)X
1084(Athena)X
2 f
1338(Kerberos)X
1 f
1664(fits)X
1787(into)X
1932(the)X
2051(rest)X
555 2044(of)N
646(the)X
768(Athena)X
1023(environment.)X
1491(We)X
1626(also)X
1778(describe)X
2069(the)X
555 2140(interaction)N
940(of)X
1049(different)X
2 f
1367(Kerberos)X
1 f
1713(authentication)X
555 2236(domains,)N
894(or)X
2 f
1009(realms)X
1 f
1234(;)X
1304(in)X
1414(our)X
1569(case,)X
1776(the)X
1922(relation)X
555 2332(between)N
868(the)X
1011(Project)X
1283(Athena)X
2 f
1560(Kerberos)X
1 f
1909(and)X
2069(the)X
2 f
555 2428(Kerberos)N
1 f
887(running)X
1163(at)X
1248(MIT's)X
1480(Laboratory)X
1864(for)X
1985(Com-)X
555 2524(puter)N
740(Science.)X
755 2648(In)N
855(Section)X
1128(8,)X
1220(we)X
1346(mention)X
1640(open)X
1828(issues)X
2051(and)X
555 2744(problems)N
880(as)X
974(yet)X
1099(unsolved.)X
1455(The)X
1607(last)X
1745(section)X
1998(gives)X
555 2840(the)N
681(current)X
937(status)X
1147(of)X
2 f
1242(Kerberos)X
1 f
1575(at)X
1661(Project)X
1915(Athena.)X
555 2936(In)N
653(the)X
782(appendix,)X
1127(we)X
1252(describe)X
1551(in)X
1644(detail)X
1852(how)X
2 f
2020(Ker-)X
555 3032(beros)N
1 f
788(is)X
889(applied)X
1173(to)X
1283(a)X
1366(network)X
1676(file)X
1830(service)X
2105(to)X
555 3128(authenticate)N
987(users)X
1195(who)X
1376(wish)X
1570(to)X
1675(gain)X
1856(access)X
2105(to)X
555 3224(remote)N
798(file)X
925(systems.)X
3 f
755 3348(Conventions.)N
1 f
1266(Throughout)X
1689(this)X
1849(paper)X
2073(we)X
555 3444(use)N
703(terms)X
922(that)X
1083(may)X
1262(be)X
1379(ambiguous,)X
1791(new)X
1966(to)X
2069(the)X
555 3540(reader,)N
806(or)X
902(used)X
1078(differently)X
1446(elsewhere.)X
1836(Below)X
2073(we)X
555 3636(state)N
722(our)X
849(use)X
976(of)X
1063(those)X
1252(terms.)X
2 f
755 3760(User,)N
961(Client,)X
1206(Server.)X
1 f
1486(By)X
2 f
1609(user)X
1 f
1754(,)X
1804(we)X
1928(mean)X
2131(a)X
555 3856(human)N
803(being)X
1011(who)X
1179(uses)X
1347(a)X
1413(program)X
1715(or)X
1812(service.)X
2109(A)X
2 f
555 3952(client)N
1 f
768(also)X
925(uses)X
1091(something,)X
1472(but)X
1601(is)X
1681(not)X
1810(necessarily)X
555 4048(a)N
631(person;)X
907(it)X
990(can)X
1141(be)X
1256(a)X
1331(program.)X
1682(Often)X
1904(network)X
555 4144(applications)N
984(consist)X
1248(of)X
1357(two)X
1519(parts;)X
1738(one)X
1895(program)X
555 4240(which)N
773(runs)X
933(on)X
1035(one)X
1173(machine)X
1466(and)X
1603(requests)X
1887(a)X
1944(remote)X
555 4336(service,)N
835(and)X
983(another)X
1256(program)X
1560(which)X
1788(runs)X
1958(on)X
2069(the)X
555 4432(remote)N
814(machine)X
1121(and)X
1272(performs)X
1597(that)X
1752(service.)X
2055(We)X
555 4528(call)N
704(those)X
906(the)X
2 f
1037(client)X
1 f
1255(side)X
1417(and)X
2 f
1566(server)X
1 f
1807(side)X
1969(of)X
2069(the)X
555 4624(application,)N
983(respectively.)X
1463(Often,)X
1718(a)X
2 f
1806(client)X
1 f
2043(will)X
555 4720(contact)N
807(a)X
2 f
863(server)X
1 f
1091(on)X
1191(behalf)X
1412(of)X
1499(a)X
2 f
1555(user)X
1 f
1700(.)X
755 4844(Each)N
944(entity)X
1154(that)X
1302(uses)X
1468(the)X
2 f
1593(Kerberos)X
1 f
1925(system,)X
555 4940(be)N
656(it)X
725(a)X
786(user)X
945(or)X
1037(a)X
1098(network)X
1386(server,)X
1628(is)X
1706(in)X
1793(one)X
1933(sense)X
2131(a)X
555 5036(client,)N
785(since)X
982(it)X
1057(uses)X
1226(the)X
2 f
1355(Kerberos)X
1 f
1691(service.)X
1990(So)X
2105(to)X
555 5132(distinguish)N
2 f
931(Kerberos)X
1 f
1261(clients)X
1495(from)X
1676(clients)X
1910(of)X
2002(other)X
555 5228(services,)N
873(we)X
1006(use)X
1152(the)X
1289(term)X
2 f
1475(principal)X
1 f
1813(to)X
1913(indicate)X
555 5324(such)N
740(an)X
854(entity.)X
1114(Note)X
1308(that)X
1466(a)X
2 f
1540(Kerberos)X
1 f
1882(principal)X
555 5420(can)N
690(be)X
789(either)X
995(a)X
1054(user)X
1211(or)X
1301(a)X
1359(server.)X
1618(\(We)X
1779(describe)X
2069(the)X
555 5516(naming)N
815(of)X
2 f
902(Kerberos)X
1 f
1227(principals)X
1563(in)X
1645(a)X
1701(later)X
1864(section.\))X
2 f
755 5640(Service)N
1027(vs.)X
1149(Server.)X
1 f
1434(We)X
1580(use)X
2 f
1721(service)X
1 f
1990(as)X
2091(an)X
555 5736(abstract)N
837(specification)X
1279(of)X
1378(some)X
1579(actions)X
1837(to)X
1930(be)X
2037(per-)X
555 5832(formed.)N
854(A)X
939(process)X
1207(which)X
1429(performs)X
1745(those)X
1940(actions)X
2399 672(is)N
2478(called)X
2696(a)X
2 f
2757(server)X
1 f
2965(.)X
3030(At)X
3135(a)X
3196(given)X
3399(time,)X
3586(there)X
3772(may)X
3935(be)X
2399 768(several)N
2 f
2684(servers)X
1 f
2979(\(usually)X
3293(running)X
3598(on)X
3734(different)X
2399 864(machines\))N
2749(performing)X
3130(a)X
3186(given)X
2 f
3384(service)X
1 f
3619(.)X
3679(For)X
3810(exam-)X
2399 960(ple,)N
2557(at)X
2655(Athena)X
2927(there)X
3128(is)X
3220(one)X
3375(BSD)X
3569(UNIX)X
2 f
3809(rlogin)X
1 f
2399 1056(server)N
2661(running)X
2975(on)X
3119(each)X
3331(of)X
3462(our)X
3633(timesharing)X
2399 1152(machines.)N
2 f
2599 1276(Key,)N
2801(Private)X
3094(Key,)X
3295(Password.)X
3706(Kerberos)X
1 f
2399 1372(uses)N
2559(private)X
2804(key)X
2942(encryption.)X
3347(Each)X
2 f
3529(Kerberos)X
1 f
3855(prin-)X
2399 1468(cipal)N
2584(is)X
2666(assigned)X
2971(a)X
3036(large)X
3226(number,)X
3520(its)X
3624(private)X
3875(key,)X
2399 1564(known)N
2654(only)X
2833(to)X
2932(that)X
3089(principal)X
3411(and)X
2 f
3563(Kerberos)X
1 f
3868(.)X
3944(In)X
2399 1660(the)N
2518(case)X
2678(of)X
2766(a)X
2823(user,)X
2998(the)X
3117(private)X
3361(key)X
3498(is)X
3572(the)X
3690(result)X
3888(of)X
3975(a)X
2399 1756(one-way)N
2701(function)X
2993(applied)X
3254(to)X
3340(the)X
3462(user's)X
2 f
3678(password)X
1 f
3991(.)X
2399 1852(We)N
2531(use)X
2 f
2658(key)X
1 f
2793(as)X
2880(shorthand)X
3216(for)X
2 f
3330(private)X
3577(key)X
1 f
3692(.)X
2 f
2599 1976(Credentials.)N
1 f
3034(Unfortunately,)X
3525(this)X
3661(word)X
3847(has)X
3975(a)X
2399 2072(special)N
2658(meaning)X
2970(for)X
3100(both)X
3278(the)X
3412(Sun)X
3571(Network)X
3887(File)X
2399 2168(System)N
2665(and)X
2812(the)X
2 f
2940(Kerberos)X
1 f
3275(system.)X
3567(We)X
3709(explicitly)X
2399 2264(state)N
2579(whether)X
2871(we)X
2998(mean)X
3205(NFS)X
3384(credentials)X
3765(or)X
2 f
3864(Ker-)X
2399 2360(beros)N
1 f
2619(credentials,)X
3022(otherwise)X
3368(the)X
3500(term)X
3681(is)X
3768(used)X
3949(in)X
2399 2456(the)N
2517(normal)X
2764(English)X
3028(language)X
3338(sense.)X
2 f
2599 2580(Master)N
2848(and)X
2990(Slave.)X
1 f
3226(It)X
3296(is)X
3370(possible)X
3653(to)X
3736(run)X
2 f
3864(Ker-)X
2399 2676(beros)N
1 f
2617(authentication)X
3104(software)X
3414(on)X
3527(more)X
3725(than)X
3895(one)X
2399 2772(machine.)N
2760(However,)X
3124(there)X
3333(is)X
3434(always)X
3705(only)X
3895(one)X
2399 2868(definitive)N
2746(copy)X
2942(of)X
3049(the)X
2 f
3186(Kerberos)X
1 f
3530(database.)X
3886(The)X
2399 2964(machine)N
2699(which)X
2923(houses)X
3168(this)X
3310(database)X
3614(is)X
3694(called)X
3913(the)X
2 f
2399 3060(master)N
1 f
2686(machine,)X
3039(or)X
3167(just)X
3343(the)X
2 f
3502(master)X
1 f
3727(.)X
3828(Other)X
2399 3156(machines)N
2745(may)X
2925(possess)X
3207(read-only)X
3557(copies)X
3804(of)X
3913(the)X
2 f
2399 3252(Kerberos)N
1 f
2724(database,)X
3041(and)X
3177(these)X
3362(are)X
3481(called)X
2 f
3693(slaves)X
1 f
3896(.)X
3 f
2399 3444(1.)N
2499(Motivation)X
1 f
2599 3568(In)N
2719(a)X
2807(non-networked)X
3345(personal)X
3669(computing)X
2399 3664(environment,)N
2865(resources)X
3209(and)X
3365(information)X
3783(can)X
3935(be)X
2399 3760(protected)N
2751(by)X
2884(physically)X
3265(securing)X
3589(the)X
3739(personal)X
2399 3856(computer.)N
2777(In)X
2879(a)X
2950(timesharing)X
3363(computing)X
3739(environ-)X
2399 3952(ment,)N
2618(the)X
2755(operating)X
3097(system)X
3358(protects)X
3651(users)X
3855(from)X
2399 4048(one)N
2549(another)X
2824(and)X
2974(controls)X
3266(resources.)X
3644(In)X
3745(order)X
3949(to)X
2399 4144(determine)N
2770(what)X
2976(each)X
3174(user)X
3358(is)X
3461(able)X
3645(to)X
3756(read)X
3944(or)X
2399 4240(modify,)N
2673(it)X
2740(is)X
2816(necessary)X
3152(for)X
3269(the)X
3389(timesharing)X
3789(system)X
2399 4336(to)N
2486(identify)X
2759(each)X
2931(user.)X
3129(This)X
3295(is)X
3372(accomplished)X
3837(when)X
2399 4432(the)N
2517(user)X
2671(logs)X
2824(in.)X
2599 4556(In)N
2710(a)X
2790(network)X
3097(of)X
3207(users)X
3415(requiring)X
3752(services)X
2399 4652(from)N
2595(many)X
2813(separate)X
3117(computers,)X
3511(there)X
3712(are)X
3850(three)X
2399 4748(approaches)N
2795(one)X
2945(can)X
3091(take)X
3259(to)X
3355(access)X
3595(control:)X
3877(One)X
2399 4844(can)N
2539(do)X
2647(nothing,)X
2939(relying)X
3194(on)X
3302(the)X
3427(machine)X
3726(to)X
3815(which)X
2399 4940(the)N
2544(user)X
2725(is)X
2825(logged)X
3089(in)X
3197(to)X
3305(prevent)X
3592(unauthorized)X
2399 5036(access;)N
2651(one)X
2791(can)X
2927(require)X
3179(the)X
3301(host)X
3457(to)X
3542(prove)X
3748(its)X
3846(iden-)X
2399 5132(tity,)N
2554(but)X
2685(trust)X
2856(the)X
2983(host's)X
3203(word)X
3397(as)X
3493(to)X
3584(who)X
3751(the)X
3877(user)X
2399 5228(is;)N
2510(or)X
2613(one)X
2765(can)X
2913(require)X
3176(the)X
3309(user)X
3478(to)X
3575(prove)X
3793(her/his)X
2399 5324(identity)N
2663(for)X
2777(each)X
2945(required)X
3233(service.)X
2599 5448(In)N
2720(a)X
2810(closed)X
3069(environment)X
3528(where)X
3779(all)X
3913(the)X
2399 5544(machines)N
2726(are)X
2849(under)X
3056(strict)X
3239(control,)X
3509(one)X
3648(can)X
3783(use)X
3913(the)X
2399 5640(first)N
2568(approach.)X
2943(When)X
3175(the)X
3313(organization)X
3753(controls)X
2399 5736(all)N
2521(the)X
2661(hosts)X
2866(communicating)X
3405(over)X
3589(the)X
3728(network,)X
2399 5832(this)N
2534(is)X
2607(a)X
2663(reasonable)X
3027(approach.)X
2028 6144(March)N
2258(30,)X
2378(1988)X
3 p
%%Page: 3 3
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2216 416(-)N
2263(3)X
2323(-)X
755 672(In)N
866(a)X
946(more)X
1155(open)X
1354(environment,)X
1822(one)X
1981(might)X
555 768(selectively)N
926(trust)X
1096(only)X
1266(those)X
1462(hosts)X
1653(under)X
1863(organiza-)X
555 864(tional)N
776(control.)X
1082(In)X
1188(this)X
1342(case,)X
1540(each)X
1727(host)X
1898(must)X
2091(be)X
555 960(required)N
847(to)X
933(prove)X
1140(its)X
1239(identity.)X
1546(The)X
2 f
1694(rlogin)X
1 f
1919(and)X
2 f
2058(rsh)X
1 f
555 1056(programs)N
891(use)X
1031(this)X
1179(approach.)X
1547(In)X
1647(those)X
1849(protocols,)X
555 1152(authentication)N
1048(is)X
1140(done)X
1335(by)X
1453(checking)X
1781(the)X
1917(Internet)X
555 1248(address)N
828(from)X
1016(which)X
1244(a)X
1311(connection)X
1694(has)X
1832(been)X
2015(esta-)X
555 1344(blished.)N
755 1468(In)N
867(the)X
1009(Athena)X
1285(environment,)X
1754(we)X
1892(must)X
2091(be)X
555 1564(able)N
730(to)X
833(honor)X
1061(requests)X
1365(from)X
1562(hosts)X
1766(that)X
1926(are)X
2065(not)X
555 1660(under)N
779(organizational)X
1279(control.)X
1587(Users)X
1810(have)X
2002(com-)X
555 1756(plete)N
764(control)X
1044(of)X
1163(their)X
1362(workstations:)X
1865(they)X
2055(can)X
555 1852(reboot)N
794(them,)X
1008(bring)X
1211(them)X
1405(up)X
1519(standalone,)X
1915(or)X
2015(even)X
555 1948(boot)N
745(off)X
887(their)X
1082(own)X
1268(tapes.)X
1521(As)X
1657(such,)X
1871(the)X
2016(third)X
555 2044(approach)N
896(must)X
1097(be)X
1219(taken;)X
1461(the)X
1605(user)X
1784(must)X
1984(prove)X
555 2140(her/his)N
821(identity)X
1112(for)X
1253(each)X
1448(desired)X
1727(service.)X
2042(The)X
555 2236(server)N
776(must)X
955(also)X
1108(prove)X
1315(its)X
1413(identity.)X
1720(It)X
1792(is)X
1868(not)X
1993(suffi-)X
555 2332(cient)N
739(to)X
829(physically)X
1185(secure)X
1418(the)X
1543(host)X
1703(running)X
1979(a)X
2042(net-)X
555 2428(work)N
750(server;)X
999(someone)X
1314(elsewhere)X
1666(on)X
1776(the)X
1904(network)X
555 2524(may)N
713(be)X
809(masquerading)X
1279(as)X
1366(the)X
1484(given)X
1682(server.)X
755 2648(Our)N
930(environment)X
1385(places)X
1635(several)X
1912(require-)X
555 2744(ments)N
784(on)X
901(an)X
1014(identification)X
1478(mechanism.)X
1920(First,)X
2123(it)X
555 2840(must)N
741(be)X
848(secure.)X
1125(Circumventing)X
1636(it)X
1711(must)X
1896(be)X
2002(diffi-)X
555 2936(cult)N
699(enough)X
959(that)X
1103(a)X
1162(potential)X
1465(attacker)X
1743(does)X
1913(not)X
2038(find)X
555 3032(the)N
674(authentication)X
1149(mechanism)X
1535(to)X
1618(be)X
1715(the)X
1833(weak)X
2023(link.)X
555 3128(Someone)N
898(watching)X
1237(the)X
1380(network)X
1688(should)X
1945(not)X
2091(be)X
555 3224(able)N
711(to)X
795(obtain)X
1017(the)X
1137(information)X
1536(necessary)X
1870(to)X
1953(imper-)X
555 3320(sonate)N
789(another)X
1059(user.)X
1262(Second,)X
1547(it)X
1619(must)X
1802(be)X
1906(reliable.)X
555 3416(Access)N
834(to)X
946(many)X
1174(services)X
1483(will)X
1657(depend)X
1939(on)X
2069(the)X
555 3512(authentication)N
1049(service.)X
1357(If)X
1451(it)X
1535(is)X
1628(not)X
1769(reliable,)X
2069(the)X
555 3608(system)N
802(of)X
894(services)X
1178(as)X
1270(a)X
1331(whole)X
1552(will)X
1701(not)X
1828(be.)X
1969(Third,)X
555 3704(it)N
627(should)X
868(be)X
972(transparent.)X
1397(Ideally,)X
1668(the)X
1793(user)X
1954(should)X
555 3800(not)N
712(be)X
843(aware)X
1091(of)X
1213(authentication)X
1722(taking)X
1977(place.)X
555 3896(Finally,)N
827(it)X
897(should)X
1136(be)X
1238(scalable.)X
1563(Many)X
1776(systems)X
2055(can)X
555 3992(communicate)N
1012(with)X
1179(Athena)X
1435(hosts.)X
1663(Not)X
1807(all)X
1911(of)X
2002(these)X
555 4088(will)N
707(support)X
975(our)X
1109(mechanism,)X
1521(but)X
1650(software)X
1954(should)X
555 4184(not)N
677(break)X
876(if)X
945(they)X
1103(did.)X
2 f
755 4308(Kerberos)N
1 f
1081(is)X
1155(the)X
1274(result)X
1473(of)X
1561(our)X
1689(work)X
1875(to)X
1958(satisfy)X
555 4404(the)N
675(above)X
889(requirements.)X
1370(When)X
1584(a)X
1641(user)X
1796(walks)X
2004(up)X
2105(to)X
555 4500(a)N
619(workstation)X
1025(s/he)X
1182(``logs)X
1397(in''.)X
1581(As)X
1697(far)X
1814(as)X
1908(the)X
2033(user)X
555 4596(can)N
701(tell,)X
856(this)X
1004(initial)X
1223(identification)X
1683(is)X
1769(sufficient)X
2105(to)X
555 4692(prove)N
766(her/his)X
1012(identity)X
1284(to)X
1374(all)X
1482(the)X
1608(required)X
1904(network)X
555 4788(servers)N
808(for)X
927(the)X
1050(duration)X
1342(of)X
1434(the)X
1557(login)X
1746(session.)X
2042(The)X
555 4884(security)N
854(of)X
2 f
966(Kerberos)X
1 f
1316(relies)X
1535(on)X
1660(the)X
1802(security)X
2100(of)X
555 4980(several)N
808(authentication)X
1287(servers,)X
1560(but)X
1686(not)X
1812(on)X
1916(the)X
2038(sys-)X
555 5076(tem)N
703(from)X
887(which)X
1111(users)X
1304(log)X
1434(in,)X
1544(nor)X
1679(on)X
1787(the)X
1913(security)X
555 5172(of)N
643(the)X
762(end)X
899(servers)X
1148(that)X
1289(will)X
1434(be)X
1530(used.)X
1737(The)X
1882(authenti-)X
555 5268(cation)N
793(server)X
1032(provides)X
1349(a)X
1426(properly)X
1739(authenticated)X
555 5364(user)N
739(with)X
931(a)X
1017(way)X
1201(to)X
1313(prove)X
1545(her/his)X
1812(identity)X
2105(to)X
555 5460(servers)N
803(scattered)X
1109(across)X
1330(the)X
1448(network.)X
755 5584(Authentication)N
1276(is)X
1374(a)X
1455(fundamental)X
1901(building)X
555 5680(block)N
754(for)X
869(a)X
926(secure)X
1153(networked)X
1513(environment.)X
1979(If,)X
2073(for)X
555 5776(example,)N
879(a)X
947(server)X
1176(knows)X
1417(for)X
1543(certain)X
1794(the)X
1923(identity)X
2399 672(of)N
2498(a)X
2566(client,)X
2795(it)X
2870(can)X
3013(decide)X
3254(whether)X
3544(to)X
3637(provide)X
3913(the)X
2399 768(service,)N
2674(whether)X
2959(the)X
3083(user)X
3243(should)X
3482(be)X
3584(given)X
3788(special)X
2399 864(privileges,)N
2757(who)X
2917(should)X
3152(receive)X
3407(the)X
3527(bill)X
3655(for)X
3771(the)X
3890(ser-)X
2399 960(vice,)N
2583(and)X
2728(so)X
2828(forth.)X
3053(In)X
3149(other)X
3343(words,)X
3588(authorization)X
2399 1056(and)N
2537(accounting)X
2911(schemes)X
3204(can)X
3337(be)X
3434(built)X
3601(on)X
3702(top)X
3825(of)X
3913(the)X
2399 1152(authentication)N
2893(that)X
2 f
3052(Kerberos)X
1 f
3396(provides,)X
3731(resulting)X
2399 1248(in)N
2494(equivalent)X
2861(security)X
3148(to)X
3242(the)X
3372(lone)X
3542(personal)X
3846(com-)X
2399 1344(puter)N
2584(or)X
2671(the)X
2789(timesharing)X
3187(system.)X
3 f
2399 1536(2.)N
2499(What)X
2710(is)X
4 f
2783(Kerberos)X
3 f
3081(?)X
2 f
2599 1660(Kerberos)N
1 f
2924(is)X
2997(a)X
3053(trusted)X
3291(third-party)X
3654(authentica-)X
2399 1756(tion)N
2568(service)X
2841(based)X
3069(on)X
3193(the)X
3335(model)X
3579(presented)X
3931(by)X
2399 1852(Needham)N
2755(and)X
2918(Schroeder.)X
8 s
3264 1827(3)N
10 s
3343 1852(It)N
3439(is)X
3539(trusted)X
3804(in)X
3913(the)X
2399 1948(sense)N
2605(that)X
2757(each)X
2937(of)X
3036(its)X
3143(clients)X
3384(believes)X
2 f
3679(Kerberos')X
1 f
2399 2044(judgement)N
2769(as)X
2868(to)X
2961(the)X
3090(identity)X
3365(of)X
3463(each)X
3642(of)X
3740(its)X
3846(other)X
2399 2140(clients)N
2684(to)X
2822(be)X
2973(accurate.)X
3357(Timestamps)X
3823(\(large)X
2399 2236(numbers)N
2708(representing)X
3138(the)X
3268(current)X
3528(date)X
3694(and)X
3842(time\))X
2399 2332(have)N
2583(been)X
2767(added)X
2991(to)X
3085(the)X
3215(original)X
3496(model)X
3727(to)X
3820(aid)X
3949(in)X
2399 2428(the)N
2534(detection)X
2865(of)X
2 f
2968(replay)X
1 f
3180(.)X
3256(Replay)X
3519(occurs)X
3765(when)X
3975(a)X
2399 2524(message)N
2693(is)X
2768(stolen)X
2980(off)X
3095(the)X
3214(network)X
3498(and)X
3635(resent)X
3848(later.)X
2399 2620(For)N
2546(a)X
2617(more)X
2817(complete)X
3146(description)X
3537(of)X
3639(replay,)X
3895(and)X
2399 2716(other)N
2598(issues)X
2823(of)X
2924(authentication,)X
3432(see)X
3568(Voydock)X
3895(and)X
2399 2812(Kent.)N
8 s
2575 2787(4)N
3 f
10 s
2399 3004(2.1.)N
2559(What)X
2770(Does)X
2955(It)X
3033(Do?)X
2 f
2599 3128(Kerberos)N
1 f
2925(keeps)X
3129(a)X
3186(database)X
3484(of)X
3571(its)X
3666(clients)X
3895(and)X
2399 3224(their)N
2 f
2589(private)X
2859(keys)X
1 f
3005(.)X
3087(The)X
3254(private)X
3519(key)X
3677(is)X
3772(a)X
3850(large)X
2399 3320(number)N
2670(known)X
2914(only)X
3082(to)X
2 f
3170(Kerberos)X
1 f
3500(and)X
3641(the)X
3764(client)X
3967(it)X
2399 3416(belongs)N
2673(to.)X
2800(In)X
2892(the)X
3015(case)X
3179(that)X
3324(the)X
3447(client)X
3650(is)X
3728(a)X
3789(user,)X
3967(it)X
2399 3512(is)N
2509(an)X
2642(encrypted)X
3016(password.)X
3415(Network)X
3752(services)X
2399 3608(requiring)N
2732(authentication)X
3225(register)X
3505(with)X
2 f
3686(Kerberos)X
1 f
3991(,)X
2399 3704(as)N
2497(do)X
2607(clients)X
2846(wishing)X
3129(to)X
3221(use)X
3358(those)X
3557(services.)X
3886(The)X
2399 3800(private)N
2642(keys)X
2809(are)X
2928(negotiated)X
3282(at)X
3360(registration.)X
2599 3924(Because)N
2 f
2928(Kerberos)X
1 f
3294(knows)X
3563(these)X
3788(private)X
2399 4020(keys,)N
2594(it)X
2666(can)X
2805(create)X
3025(messages)X
3355(which)X
3578(convince)X
3895(one)X
2399 4116(client)N
2609(that)X
2761(another)X
3034(is)X
3119(really)X
3334(who)X
3504(it)X
3580(claims)X
3821(to)X
3915(be.)X
2 f
2399 4212(Kerberos)N
1 f
2735(also)X
2895(generates)X
3230(temporary)X
3591(private)X
3844(keys,)X
2399 4308(called)N
2 f
2644(session)X
2928(keys)X
1 f
3074(,)X
3147(which)X
3396(are)X
3547(given)X
3777(to)X
3891(two)X
2399 4404(clients)N
2645(and)X
2798(no)X
2915(one)X
3068(else.)X
3270(A)X
3365(session)X
3633(key)X
3786(can)X
3935(be)X
2399 4500(used)N
2566(to)X
2648(encrypt)X
2909(messages)X
3232(between)X
3520(two)X
3660(parties.)X
2 f
2599 4624(Kerberos)N
1 f
2941(provides)X
3253(three)X
3450(distinct)X
3721(levels)X
3944(of)X
2399 4720(protection.)N
2810(The)X
2980(application)X
3381(programmer)X
3823(deter-)X
2399 4816(mines)N
2642(which)X
2890(is)X
2995(appropriate,)X
3432(according)X
3800(to)X
3913(the)X
2399 4912(requirements)N
2864(of)X
2977(the)X
3121(application.)X
3563(For)X
3719(example,)X
2399 5008(some)N
2606(applications)X
3031(require)X
3297(only)X
3476(that)X
3633(authenticity)X
2399 5104(be)N
2504(established)X
2889(at)X
2976(the)X
3102(initiation)X
3418(of)X
3513(a)X
3577(network)X
3868(con-)X
2399 5200(nection,)N
2697(and)X
2855(can)X
3009(assume)X
3287(that)X
3448(further)X
3708(messages)X
2399 5296(from)N
2584(a)X
2649(given)X
2856(network)X
3147(address)X
3416(originate)X
3729(from)X
3913(the)X
2399 5392(authenticated)N
2868(party.)X
3114(Our)X
3280(authenticated)X
3748(network)X
2399 5488(file)N
2526(system)X
2768(uses)X
2926(this)X
3061(level)X
3237(of)X
3324(security.)X
2599 5612(Other)N
2806(applications)X
3216(require)X
3467(authentication)X
3944(of)X
2399 5708(each)N
2567(message,)X
2879(but)X
3001(do)X
3101(not)X
3223(care)X
3378(whether)X
3657(the)X
3775(content)X
2399 5804(of)N
2506(the)X
2644(message)X
2956(is)X
3049(disclosed)X
3387(or)X
3494(not.)X
3676(For)X
3826(these,)X
% Page footer: the date "March 30, 1988" is set near the bottom of the page (y = 6144).
2028 6144(March)N
2258(30,)X
2378(1988)X
% Page break. `p` is defined in the psdit prolog, outside this excerpt; it is
% called with the number of the page that follows (presumably it emits the
% finished page -- confirm against the prolog).
4 p
%%Page: 4 4
% Reset text state for the new page: size 10, font height and slant 0, font 1.
10 s 0 xH 0 xS 1 f
% Running head: "--" at the left and right margins, then the folio "- 4 -".
0 32(--)N
4323(--)X
2216 416(-)N
2263(4)X
2323(-)X
2 f
555 672(Kerberos)N
1 f
893(provides)X
2 f
1202(safe)X
1364(messages)X
1 f
1674(.)X
1746(Yet)X
1894(a)X
1962(higher)X
555 768(level)N
734(of)X
824(security)X
1101(is)X
1177(provided)X
1485(by)X
2 f
1588(private)X
1837(messages)X
1 f
2147(,)X
555 864(where)N
774(each)X
943(message)X
1236(is)X
1310(not)X
1433(only)X
1596(authenticated,)X
2065(but)X
555 960(also)N
724(encrypted.)X
1121(Private)X
1387(messages)X
1729(are)X
1867(used,)X
2073(for)X
555 1056(example,)N
878(by)X
989(the)X
2 f
1117(Kerberos)X
1 f
1452(server)X
1679(itself)X
1869(for)X
1993(send-)X
555 1152(ing)N
677(passwords)X
1031(over)X
1194(the)X
1312(network.)X
3 f
555 1344(2.2.)N
715(Software)X
1043(Components)X
1 f
755 1468(The)N
956(Athena)X
1264(implementation)X
1842(comprises)X
555 1564(several)N
823(modules)X
1134(\(see)X
1304(Figure)X
1552(1\).)X
1698(The)X
2 f
1862(Kerberos)X
1 f
555 1660(applications)N
999(library)X
1270(provides)X
1603(an)X
1735(interface)X
2073(for)X
555 1756(application)N
963(clients)X
1224(and)X
1392(application)X
1799(servers.)X
2118(It)X
555 1852(contains,)N
878(among)X
1132(others,)X
1384(routines)X
1677(for)X
1806(creating)X
2100(or)X
555 1948(reading)N
829(authentication)X
1316(requests,)X
1631(and)X
1779(the)X
1909(routines)X
555 2044(for)N
669(creating)X
948(safe)X
1098(or)X
1185(private)X
1428(messages.)X
10 f
796 2284(g)N
2 f
844(Kerberos)X
1 f
1162(applications)X
1569(library)X
10 f
796 2380(g)N
1 f
844(encryption)X
1207(library)X
10 f
796 2476(g)N
1 f
844(database)X
1141(library)X
10 f
796 2572(g)N
1 f
844(database)X
1141(administration)X
1623(programs)X
10 f
796 2668(g)N
1 f
844(administration)X
1326(server)X
10 f
796 2764(g)N
1 f
844(authentication)X
1318(server)X
10 f
796 2860(g)N
1 f
844(db)X
944(propagation)X
1347(software)X
10 f
796 2956(g)N
1 f
844(user)X
998(programs)X
10 f
796 3052(g)N
1 f
844(applications)X
3 f
661 3196(Figure)N
908(1.)X
2 f
1008(Kerberos)X
1 f
1326(Software)X
1636(Components.)X
% Paragraph (left column): "Encryption in Kerberos is based on DES ...".
% Each statement places one word: `x y (word) N` starts a line at (x, y) and
% `x (word) X` continues on the same baseline (N and X are prolog procedures
% defined outside this excerpt -- presumably moveto + show).
% `2 f` / `1 f` switch the font slot around the word "Kerberos".
% NOTE(review): this text describes the 1988 design. DES, with its 56-bit key,
% has since been withdrawn as a standard; read this paragraph as history, not
% as guidance for a current deployment.
755 3416(Encryption)N
1145(in)X
2 f
1241(Kerberos)X
1 f
1580(is)X
1667(based)X
1883(on)X
1996(DES,)X
555 3512(the)N
694(Data)X
886(Encryption)X
1282(Standard.)X
% Footnote mark "5": 8-point type at a smaller y than the text line
% (3487 vs 3512), i.e. a superscript; then back to 10-point.
8 s
1587 3487(5)N
10 s
1659 3512(The)N
1824(encryption)X
555 3608(library)N
849(implements)X
1301(those)X
1549(routines.)X
1926(Several)X
555 3704(methods)N
859(of)X
959(encryption)X
1335(are)X
1467(provided,)X
1805(with)X
1979(trade-)X
555 3800(offs)N
703(between)X
994(speed)X
1200(and)X
1339(security.)X
% Next sentences introduce PCBC (Propagating CBC) and contrast its error
% propagation with plain CBC.
% NOTE(review): the property claimed below is that a corrupted block garbles
% the rest of the message. Error propagation is not the same as an explicit
% integrity check; PCBC was not kept as the standard mode in later Kerberos
% versions -- confirm against current protocol documentation before relying
% on this behaviour for tamper detection.
1656(An)X
1776(extension)X
2105(to)X
555 3896(the)N
692(DES)X
882(Cypher)X
1157(Block)X
1387(Chaining)X
1718(\(CBC\))X
1969(mode,)X
555 3992(called)N
785(the)X
921(Propagating)X
1346(CBC)X
1542(mode,)X
1777(is)X
1867(also)X
2033(pro-)X
555 4088(vided.)N
825(In)X
944(CBC,)X
1175(an)X
1303(error)X
1512(is)X
1617(propagated)X
2025(only)X
555 4184(through)N
834(the)X
962(current)X
1220(block)X
1428(of)X
1525(the)X
1653(cipher,)X
1903(whereas)X
555 4280(in)N
648(PCBC,)X
902(the)X
1031(error)X
1218(is)X
1301(propagated)X
1688(throughout)X
2069(the)X
555 4376(message.)N
891(This)X
1057(renders)X
1318(the)X
1439(entire)X
1645(message)X
1940(useless)X
555 4472(if)N
631(an)X
733(error)X
916(occurs,)X
1172(rather)X
1386(than)X
1550(just)X
1691(a)X
1753(portion)X
2010(of)X
2103(it.)X
% Closing sentences: the encryption library is a separate, replaceable module.
555 4568(The)N
705(encryption)X
1073(library)X
1312(is)X
1390(an)X
1491(independent)X
1907(module,)X
555 4664(and)N
692(may)X
851(be)X
948(replaced)X
1242(with)X
1405(other)X
1591(DES)X
1762(implementa-)X
555 4760(tions)N
730(or)X
817(a)X
873(different)X
1170(encryption)X
1533(library.)X
755 4884(Another)N
1041(replaceable)X
1431(module)X
1694(is)X
1770(the)X
1890(database)X
555 4980(management)N
995(system.)X
1286(The)X
1440(current)X
1697(Athena)X
1958(imple-)X
555 5076(mentation)N
924(of)X
1040(the)X
1187(database)X
1513(library)X
1776(uses)X
2 f
1962(ndbm)X
1 f
2147(,)X
555 5172(although)N
863(Ingres)X
1092(was)X
1244(originally)X
1582(used.)X
1796(Other)X
2006(data-)X
555 5268(base)N
718(management)X
1148(libraries)X
1431(could)X
1629(be)X
1725(used)X
1892(as)X
1979(well.)X
755 5392(The)N
2 f
912(Kerberos)X
1 f
1248(database)X
1556(needs)X
1770(are)X
1900(straight-)X
555 5488(forward;)N
859(a)X
922(record)X
1155(is)X
1235(held)X
1399(for)X
1519(each)X
1693(principal,)X
2024(con-)X
555 5584(taining)N
801(the)X
923(name,)X
1141(private)X
1387(key,)X
1546(and)X
1685(expiration)X
2033(date)X
555 5680(of)N
655(the)X
786(principal,)X
1124(along)X
1334(with)X
1508(some)X
1709(administrative)X
555 5776(information.)N
995(\(The)X
1169(expiration)X
1516(date)X
1671(is)X
1745(the)X
1864(date)X
2019(after)X
2399 672(which)N
2617(an)X
2715(entry)X
2902(is)X
2977(no)X
3079(longer)X
3305(valid.)X
3526(It)X
3596(is)X
3670(usually)X
3922(set)X
2399 768(to)N
2481(a)X
2537(few)X
2678(years)X
2868(into)X
3012(the)X
3130(future)X
3342(at)X
3420(registration.\))X
2599 892(Other)N
2810(user)X
2972(information,)X
3398(such)X
3573(as)X
3668(real)X
3817(name,)X
2399 988(phone)N
2630(number,)X
2930(and)X
3081(so)X
3187(forth,)X
3397(is)X
3484(kept)X
3656(by)X
3770(another)X
2399 1084(server,)N
2643(the)X
2 f
2767(Hesiod)X
1 f
3027(nameserver.)X
8 s
3418 1059(6)N
10 s
3476 1084(This)N
3644(way,)X
3824(sensi-)X
2399 1180(tive)N
2548(information,)X
2975(namely)X
3240(passwords,)X
3623(can)X
3764(be)X
3868(han-)X
2399 1276(dled)N
2592(by)X
2 f
2727(Kerberos)X
1 f
3032(,)X
3106(using)X
3333(fairly)X
3561(high)X
3757(security)X
2399 1372(measures;)N
2773(while)X
3004(the)X
3154(non-sensitive)X
3633(information)X
2399 1468(kept)N
2571(by)X
2 f
2685(Hesiod)X
1 f
2953(is)X
3040(dealt)X
3230(with)X
3406(differently;)X
3801(it)X
3879(can,)X
2399 1564(for)N
2530(example,)X
2859(be)X
2972(sent)X
3138(unencrypted)X
3572(over)X
3752(the)X
3886(net-)X
2399 1660(work.)N
2599 1784(The)N
2 f
2779(Kerberos)X
1 f
3139(servers)X
3421(use)X
3582(the)X
3734(database)X
2399 1880(library,)N
2657(as)X
2747(do)X
2850(the)X
2971(tools)X
3149(for)X
3266(administering)X
3729(the)X
3850(data-)X
2399 1976(base.)N
2599 2100(The)N
2 f
2793(administration)X
3332(server)X
1 f
3609(\(or)X
3771(KDBM)X
2399 2196(server\))N
2646(provides)X
2945(a)X
3004(read-write)X
3358(network)X
3644(interface)X
3949(to)X
2399 2292(the)N
2521(database.)X
2862(The)X
3011(client)X
3213(side)X
3366(of)X
3457(the)X
3578(program)X
3873(may)X
2399 2388(be)N
2520(run)X
2672(on)X
2797(any)X
2957(machine)X
3273(on)X
3397(the)X
3539(network.)X
3886(The)X
2399 2484(server)N
2633(side,)X
2819(however,)X
3153(must)X
3345(run)X
3489(on)X
3605(the)X
3739(machine)X
2399 2580(housing)N
2683(the)X
2 f
2811(Kerberos)X
1 f
3146(database)X
3453(in)X
3545(order)X
3745(to)X
3837(make)X
2399 2676(changes)N
2678(to)X
2760(the)X
2878(database.)X
2599 2800(The)N
2 f
2779(authentication)X
3296(server)X
1 f
3558(\(or)X
2 f
3706(Kerberos)X
1 f
2399 2896(server\),)N
2685(on)X
2807(the)X
2947(other)X
3154(hand,)X
3372(performs)X
3703(read-only)X
2399 2992(operations)N
2757(on)X
2861(the)X
2 f
2983(Kerberos)X
1 f
3312(database,)X
3633(namely,)X
3913(the)X
2399 3088(authentication)N
2900(of)X
3014(principals,)X
3397(and)X
3559(generation)X
3944(of)X
2399 3184(session)N
2662(keys.)X
2881(Since)X
3091(this)X
3238(server)X
3467(does)X
3646(not)X
3780(modify)X
2399 3280(the)N
2 f
2527(Kerberos)X
1 f
2862(database,)X
3189(it)X
3262(may)X
3429(run)X
3565(on)X
3674(a)X
3739(machine)X
2399 3376(housing)N
2677(a)X
2738(read-only)X
3071(copy)X
3252(of)X
3344(the)X
3467(master)X
2 f
3706(Kerberos)X
1 f
2399 3472(database.)N
2599 3596(Database)N
2953(propagation)X
3395(software)X
3730(manages)X
2399 3692(replication)N
2769(of)X
2863(the)X
2 f
2988(Kerberos)X
1 f
3320(database.)X
3664(It)X
3740(is)X
3820(possi-)X
2399 3788(ble)N
2523(to)X
2611(have)X
2789(copies)X
3020(of)X
3112(the)X
3235(database)X
3537(on)X
3642(several)X
3895(dif-)X
2399 3884(ferent)N
2609(machines,)X
2953(with)X
3116(a)X
3173(copy)X
3350(of)X
3438(the)X
3557(authentication)X
2399 3980(server)N
2630(running)X
2913(on)X
3026(each)X
3207(machine.)X
3552(Each)X
3746(of)X
3846(these)X
2 f
2399 4076(slave)N
1 f
2610(machines)X
2952(receives)X
3255(an)X
3370(update)X
3623(of)X
3728(the)X
2 f
3864(Ker-)X
2399 4172(beros)N
1 f
2608(database)X
2909(from)X
3088(the)X
2 f
3209(master)X
1 f
3457(machine)X
3752(at)X
3833(given)X
2399 4268(intervals.)N
2599 4392(Finally,)N
2892(there)X
3100(are)X
3245(end-user)X
3568(programs)X
3917(for)X
2399 4488(logging)N
2691(in)X
2801(to)X
2 f
2910(Kerberos)X
1 f
3215(,)X
3282(changing)X
3623(a)X
2 f
3706(Kerberos)X
1 f
2399 4584(password,)N
2748(and)X
2890(displaying)X
3249(or)X
3342(destroying)X
2 f
3706(Kerberos)X
2399 4680(tickets)N
1 f
2631(\(tickets)X
2887(are)X
3006(explained)X
3338(later)X
3501(on\).)X
3 f
2399 4872(3.)N
4 f
2499(Kerberos)X
3 f
2817(Names)X
1 f
2599 4996(Part)N
2749(of)X
2837(authenticating)X
3312(an)X
3409(entity)X
3612(is)X
3686(naming)X
3947(it.)X
2399 5092(The)N
2558(process)X
2833(of)X
2934(authentication)X
3422(is)X
3509(the)X
3641(verification)X
2399 5188(that)N
2562(the)X
2703(client)X
2924(is)X
3020(the)X
3161(one)X
3320(named)X
3577(in)X
3681(a)X
3759(request.)X
2399 5284(What)N
2599(does)X
2772(a)X
2833(name)X
3032(consist)X
3279(of?)X
3427(In)X
2 f
3519(Kerberos)X
1 f
3824(,)X
3869(both)X
2399 5380(users)N
2615(and)X
2782(servers)X
3061(are)X
3211(named.)X
3516(As)X
3656(far)X
3796(as)X
3913(the)X
2399 5476(authentication)N
2917(server)X
3178(is)X
3295(concerned,)X
3710(they)X
3912(are)X
2399 5572(equivalent.)N
2802(A)X
2889(name)X
3092(consists)X
3374(of)X
3470(a)X
3535(primary)X
3817(name,)X
2399 5668(an)N
2561(instance,)X
2930(and)X
3132(a)X
3254(realm,)X
3542(expressed)X
3944(as)X
2 f
2399 5764(name.instance@realm)N
1 f
3148(\(see)X
3298(Figure)X
3527(2\).)X
% Page footer: the date "March 30, 1988" is set near the bottom of the page (y = 6144).
2028 6144(March)N
2258(30,)X
2378(1988)X
% Page break. `p` is defined in the psdit prolog, outside this excerpt; it is
% called with the number of the page that follows (presumably it emits the
% finished page -- confirm against the prolog).
5 p
%%Page: 5 5
% Reset text state for the new page: size 10, font height and slant 0, font 1.
10 s 0 xH 0 xS 1 f
% Running head: "--" at the left and right margins, then the folio "- 5 -".
0 32(--)N
4323(--)X
2216 416(-)N
2263(5)X
2323(-)X
% Figure 2 body: four example principal names, one per line, each with its own
% x offset (apparently to centre it in the column). They illustrate the forms
% of name.instance@realm given in the text: primary name only; name.instance;
% name@realm; name.instance@realm.
1303 816(bcn)N
1192 912(treese.root)N
1037 1008(jis@LCS.MIT.EDU)N
784 1104(rlogin.priam@ATHENA.MIT.EDU)N
% Caption "Figure 2. Kerberos Names." -- font 3 for the label, font 2 for
% "Kerberos", font 1 for the rest.
3 f
907 1296(Figure)N
1154(2.)X
2 f
1254(Kerberos)X
1 f
1572(Names.)X
755 1468(The)N
2 f
908(primary)X
1194(name)X
1 f
1403(is)X
1484(the)X
1610(name)X
1812(of)X
1907(the)X
2033(user)X
555 1564(or)N
643(the)X
762(service.)X
1051(The)X
2 f
1197(instance)X
1 f
1492(is)X
1566(used)X
1734(to)X
1817(distinguish)X
555 1660(among)N
827(variations)X
1197(on)X
1331(the)X
1482(primary)X
1789(name.)X
2056(For)X
555 1756(users,)N
776(an)X
888(instance)X
1187(may)X
1360(entail)X
1573(special)X
1831(privileges,)X
555 1852(such)N
737(as)X
839(the)X
972(``root'')X
1244(or)X
1346(``admin'')X
1688(instances.)X
2056(For)X
555 1948(services)N
844(in)X
935(the)X
1062(Athena)X
1323(environment,)X
1777(the)X
1904(instance)X
555 2044(is)N
636(usually)X
895(the)X
1020(name)X
1221(of)X
1315(the)X
1440(machine)X
1739(on)X
1846(which)X
2069(the)X
555 2140(server)N
781(runs.)X
988(For)X
1128(example,)X
1448(the)X
2 f
1574(rlogin)X
1 f
1804(service)X
2060(has)X
555 2236(different)N
957(instances)X
1376(on)X
1580(different)X
1981(hosts:)X
2 f
555 2332(rlogin.priam)N
1 f
1017(is)X
1119(the)X
2 f
1265(rlogin)X
1 f
1515(server)X
1760(on)X
1888(the)X
2034(host)X
555 2428(named)N
792(priam.)X
1042(A)X
2 f
1123(Kerberos)X
1 f
1451(ticket)X
1652(is)X
1727(only)X
1891(good)X
2073(for)X
555 2524(a)N
616(single)X
832(named)X
1071(server.)X
1333(As)X
1447(such,)X
1639(a)X
1700(separate)X
1989(ticket)X
555 2620(is)N
632(required)X
923(to)X
1008(gain)X
1169(access)X
1398(to)X
1483(different)X
1783(instances)X
2100(of)X
555 2716(the)N
686(same)X
884(service.)X
1185(The)X
2 f
1343(realm)X
1 f
1570(is)X
1656(the)X
1786(name)X
1992(of)X
2091(an)X
555 2812(administrative)N
1035(entity)X
1239(that)X
1381(maintains)X
1713(authentication)X
555 2908(data.)N
783(For)X
947(example,)X
1292(different)X
1622(institutions)X
2029(may)X
555 3004(each)N
724(have)X
896(their)X
1063(own)X
2 f
1221(Kerberos)X
1 f
1546(machine,)X
1858(housing)X
2131(a)X
555 3100(different)N
856(database.)X
1197(They)X
1386(have)X
1562(different)X
2 f
1862(Kerberos)X
1 f
555 3196(realms.)N
839(\(Realms)X
1136(are)X
1265(discussed)X
1601(further)X
1849(in)X
1940(section)X
555 3292(8.2.\))N
3 f
555 3484(4.)N
655(How)X
835(It)X
913(Works)X
1 f
755 3608(This)N
917(section)X
1164(describes)X
1483(the)X
2 f
1601(Kerberos)X
1 f
1926(authen-)X
555 3704(tication)N
837(protocols.)X
1217(The)X
1383(following)X
1735(abbreviations)X
555 3800(are)N
674(used)X
841(in)X
923(the)X
1041(figures.)X
% Notation table for the protocol figures. Three columns: symbol at x = 720,
% "->" at x = 1135, meaning starting at x = 1327. One row per 96 units of y.
% NOTE(review): "private key" in this paper is a secret shared between a
% principal and Kerberos (the text says it is known only to Kerberos and the
% client it belongs to), i.e. a symmetric DES key -- not the private half of
% a public-key pair.
720 3992(c)N
1135(->)X
1327(client)X
720 4088(s)N
1135(->)X
1327(server)X
720 4184(addr)N
1135(->)X
1327(client's)X
1583(network)X
1866(address)X
720 4280(life)N
1135(->)X
1327(lifetime)X
1596(of)X
1683(ticket)X
720 4376(tgs,)N
853(TGS)X
1135(->)X
1327(ticket-granting)X
1819(server)X
720 4472(Kerberos)N
1135(->)X
1327(authentication)X
1801(server)X
720 4568(KDBM)N
1135(->)X
1327(administration)X
1809(server)X
% Rows with subscripts: the subscript is set in 8-point type at a y 25 units
% larger than the row (lower on the page), then the size returns to 10.
% K_x: x's private key.
720 4664(K)N
8 s
778 4689(x)N
10 s
1135 4664(->)N
1327(x's)X
1445(private)X
1688(key)X
% K_x,y: session key for x and y.
720 4760(K)N
8 s
778 4785(x,y)N
10 s
1135 4760(->)N
1327(session)X
1578(key)X
1714(for)X
1828(x)X
1888(and)X
2024(y)X
% {abc}K_x: abc encrypted in x's key.
720 4856({abc}K)N
8 s
966 4881(x)N
10 s
1135 4856(->)N
1327(abc)X
1459(encrypted)X
1796(in)X
1878(x's)X
1996(key)X
% T_x,y: x's ticket to use y.
720 4952(T)N
8 s
769 4977(x,y)N
10 s
1135 4952(->)N
1327(x's)X
1445(ticket)X
1643(to)X
1725(use)X
1852(y)X
% A_x: authenticator for x.
720 5048(A)N
8 s
778 5073(x)N
10 s
1135 5048(->)N
1327(authenticator)X
1766(for)X
1880(x)X
720 5144(WS)N
1135(->)X
1327(workstation)X
555 5432(As)N
668(mentioned)X
1029(above,)X
1264(the)X
2 f
1385(Kerberos)X
1 f
1713(authentication)X
555 5528(model)N
791(is)X
880(based)X
1099(on)X
1214(the)X
1347(Needham)X
1690(and)X
1841(Schroeder)X
555 5624(key)N
694(distribution)X
1085(protocol.)X
1415(When)X
1630(a)X
1689(user)X
1846(requests)X
2131(a)X
555 5720(service,)N
834(her/his)X
1083(identity)X
1358(must)X
1544(be)X
1651(established.)X
2078(To)X
555 5816(do)N
665(this,)X
830(a)X
896(ticket)X
1104(is)X
1187(presented)X
1525(to)X
1616(the)X
1743(server,)X
1989(along)X
2399 672(with)N
2567(proof)X
2767(that)X
2912(the)X
3035(ticket)X
3238(was)X
3388(originally)X
3724(issued)X
3949(to)X
2399 768(the)N
2535(user,)X
2727(not)X
2867(stolen.)X
3136(There)X
3362(are)X
3499(three)X
3698(phases)X
3949(to)X
2399 864(authentication)N
2907(through)X
2 f
3210(Kerberos)X
1 f
3515(.)X
3609(In)X
3730(the)X
3882(first)X
2399 960(phase,)N
2634(the)X
2764(user)X
2930(obtains)X
3192(credentials)X
3571(to)X
3664(be)X
3771(used)X
3949(to)X
2399 1056(request)N
2669(access)X
2912(to)X
3011(other)X
3213(services.)X
3549(In)X
3653(the)X
3788(second)X
2399 1152(phase,)N
2657(the)X
2810(user)X
2999(requests)X
3317(authentication)X
3826(for)X
3975(a)X
2399 1248(specific)N
2699(service.)X
3017(In)X
3134(the)X
3282(final)X
3478(phase,)X
3730(the)X
3877(user)X
2399 1344(presents)N
2682(those)X
2871(credentials)X
3239(to)X
3321(the)X
3439(end)X
3575(server.)X
3 f
2399 1536(4.1.)N
2559(Credentials)X
1 f
2599 1660(There)N
2818(are)X
2948(two)X
3098(types)X
3297(of)X
3394(credentials)X
3772(used)X
3949(in)X
2399 1756(the)N
2 f
2538(Kerberos)X
1 f
2884(authentication)X
3379(model:)X
2 f
3642(tickets)X
1 f
3895(and)X
2 f
2399 1852(authenticators)N
1 f
2868(.)X
2950(Both)X
3146(are)X
3286(based)X
3510(on)X
3631(private)X
3895(key)X
2399 1948(encryption,)N
2786(but)X
2912(they)X
3074(are)X
3197(encrypted)X
3538(using)X
3734(different)X
2399 2044(keys.)N
2615(A)X
2702(ticket)X
2909(is)X
2991(used)X
3167(to)X
3258(securely)X
3554(pass)X
3720(the)X
3846(iden-)X
2399 2140(tity)N
2535(of)X
2632(the)X
2760(person)X
3003(to)X
3094(whom)X
3323(the)X
3450(ticket)X
3657(was)X
3811(issued)X
2399 2236(between)N
2712(the)X
2854(authentication)X
3352(server)X
3593(and)X
3753(the)X
3895(end)X
2399 2332(server.)N
2664(A)X
2750(ticket)X
2956(also)X
3113(passes)X
3346(information)X
3752(that)X
3899(can)X
2399 2428(be)N
2511(used)X
2693(to)X
2790(make)X
2999(sure)X
3168(that)X
3323(the)X
3456(person)X
3705(using)X
3913(the)X
2399 2524(ticket)N
2606(is)X
2688(the)X
2815(same)X
3009(person)X
3252(to)X
3342(which)X
3566(it)X
3638(was)X
3791(issued.)X
2399 2620(The)N
2545(authenticator)X
2985(contains)X
3272(the)X
3390(additional)X
3730(informa-)X
2399 2716(tion)N
2563(which,)X
2818(when)X
3031(compared)X
3387(against)X
3653(that)X
3812(in)X
3913(the)X
2399 2812(ticket)N
2598(proves)X
2832(that)X
2972(the)X
3090(client)X
3288(presenting)X
3642(the)X
3760(ticket)X
3958(is)X
2399 2908(the)N
2517(same)X
2702(one)X
2838(to)X
2920(which)X
3136(the)X
3254(ticket)X
3452(was)X
3597(issued.)X
2599 3032(A)N
2690(ticket)X
2901(is)X
2987(good)X
3180(for)X
3307(a)X
3375(single)X
3598(server)X
3827(and)X
3975(a)X
2399 3128(single)N
2620(client.)X
2867(It)X
2945(contains)X
3241(the)X
3368(name)X
3571(of)X
3667(the)X
3794(server,)X
2399 3224(the)N
2522(name)X
2721(of)X
2813(the)X
2936(client,)X
3159(the)X
3282(Internet)X
3557(address)X
3822(of)X
3913(the)X
2399 3320(client,)N
2622(a)X
2683(timestamp,)X
3061(a)X
3122(lifetime,)X
3416(and)X
3557(a)X
3617(random)X
3886(ses-)X
2399 3416(sion)N
2556(key.)X
2735(This)X
2900(information)X
3301(is)X
3377(encrypted)X
3717(using)X
3913(the)X
2399 3512(key)N
2536(of)X
2623(the)X
2741(server)X
2958(for)X
3072(which)X
3288(the)X
3406(ticket)X
3604(will)X
3748(be)X
3844(used.)X
2399 3608(Once)N
2601(the)X
2731(ticket)X
2941(has)X
3079(been)X
3262(issued,)X
3513(it)X
3588(may)X
3757(be)X
3864(used)X
2399 3704(multiple)N
2690(times)X
2888(by)X
2993(the)X
3116(named)X
3355(client)X
3557(to)X
3643(gain)X
3805(access)X
2399 3800(to)N
2483(the)X
2603(named)X
2839(server,)X
3077(until)X
3244(the)X
3363(ticket)X
3562(expires.)X
3855(Note)X
2399 3896(that)N
2547(because)X
2830(the)X
2956(ticket)X
3162(is)X
3243(encrypted)X
3587(in)X
3676(the)X
3801(key)X
3944(of)X
2399 3992(the)N
2525(server,)X
2770(it)X
2842(is)X
2922(safe)X
3079(to)X
3168(allow)X
3373(the)X
3498(user)X
3659(to)X
3748(pass)X
3913(the)X
2399 4088(ticket)N
2613(on)X
2728(to)X
2825(the)X
2958(server)X
3190(without)X
3469(having)X
3722(to)X
3819(worry)X
2399 4184(about)N
2597(the)X
2715(user)X
2869(modifying)X
3222(the)X
3340(ticket)X
3538(\(see)X
3688(Figure)X
3917(3\).)X
% Figure 3 body: the ticket layout {s, c, addr, timestamp, life, K_s,c}K_s.
% In the paper's notation: server name, client name, client network address,
% timestamp, lifetime and the session key for s and c, all encrypted in the
% server's private key. Subscripts "s,c" and "s" are 8-point, set 25 units
% lower than the main line.
% NOTE(review): the surrounding text argues the user cannot modify the ticket
% because it is encrypted in the server's key. That rests on the cipher mode
% making tampering detectable; encryption by itself is not an integrity check,
% so treat the claim as specific to this design.
2637 4424({s,)N
2746(c,)X
2822(addr,)X
3005(timestamp,)X
3378(life,)X
3525(K)X
8 s
3583 4449(s,c)N
10 s
3652 4424(}K)N
8 s
3748 4449(s)N
% Caption "Figure 3. A Kerberos Ticket."
3 f
10 s
2721 4616(Figure)N
2968(3.)X
1 f
3068(A)X
2 f
3146(Kerberos)X
1 f
3464(Ticket.)X
2599 4788(Unlike)N
2839(the)X
2958(ticket,)X
3177(the)X
3296(authenticator)X
3736(can)X
3869(only)X
2399 4884(be)N
2497(used)X
2666(once.)X
2880(A)X
2960(new)X
3116(one)X
3254(must)X
3431(be)X
3529(generated)X
3863(each)X
2399 4980(time)N
2562(a)X
2619(client)X
2818(wants)X
3026(to)X
3109(use)X
3236(a)X
3292(service.)X
3580(This)X
3742(does)X
3909(not)X
2399 5076(present)N
2669(a)X
2742(problem)X
3046(because)X
3338(the)X
3473(client)X
3688(is)X
3778(able)X
3949(to)X
2399 5172(build)N
2606(the)X
2747(authenticator)X
3209(itself.)X
3452(An)X
3592(authenticator)X
2399 5268(contains)N
2692(the)X
2815(name)X
3014(of)X
3106(the)X
3229(client,)X
3452(the)X
3575(workstation's)X
2399 5364(IP)N
2492(address,)X
2775(and)X
2913(the)X
3033(current)X
3283(workstation)X
3683(time.)X
3886(The)X
2399 5460(authenticator)N
2846(is)X
2927(encrypted)X
3272(in)X
3362(the)X
3488(session)X
3747(key)X
3891(that)X
2399 5556(is)N
2472(part)X
2617(of)X
2704(the)X
2822(ticket)X
3020(\(see)X
3170(Figure)X
3399(4\).)X
% Page footer: the date "March 30, 1988" is set near the bottom of the page (y = 6144).
2028 6144(March)N
2258(30,)X
2378(1988)X
% Page break. `p` is defined in the psdit prolog, outside this excerpt; it is
% called with the number of the page that follows (presumably it emits the
% finished page -- confirm against the prolog).
6 p
%%Page: 6 6
% Reset text state for the new page: size 10, font height and slant 0, font 1.
10 s 0 xH 0 xS 1 f
% Running head: "--" at the left and right margins, then the folio "- 6 -".
0 32(--)N
4323(--)X
2216 416(-)N
2263(6)X
2323(-)X
% Figure 4 body: the authenticator layout {c, addr, timestamp}K_s,c.
% In the paper's notation: client name, client network address and a
% timestamp, encrypted in the session key shared by s and c (the key carried
% inside the ticket). The subscript "s,c" is 8-point, 25 units below the line.
963 816({c,)N
1077(addr,)X
1260(timestamp}K)X
8 s
1689 841(s,c)N
% Caption "Figure 4. A Kerberos Authenticator."
3 f
10 s
759 1008(Figure)N
1006(4.)X
1 f
1106(A)X
2 f
1184(Kerberos)X
1 f
1502(Authenticator.)X
3 f
555 1248(4.2.)N
715(Getting)X
993(the)X
1120(Initial)X
1348(Ticket)X
1 f
755 1372(When)N
980(the)X
1110(user)X
1276(walks)X
1495(up)X
1607(to)X
1701(a)X
1769(workstation,)X
555 1468(only)N
730(one)X
879(piece)X
1081(of)X
1180(information)X
1590(can)X
1734(prove)X
1949(her/his)X
555 1564(identity:)N
902(the)X
1081(user's)X
1353(password.)X
1776(The)X
1981(initial)X
555 1660(exchange)N
932(with)X
1147(the)X
1318(authentication)X
1845(server)X
2114(is)X
555 1756(designed)N
877(to)X
976(minimize)X
1315(the)X
1450(chance)X
1711(that)X
1868(the)X
2002(pass-)X
555 1852(word)N
762(will)X
928(be)X
1046(compromised,)X
1544(while)X
1764(at)X
1863(the)X
2002(same)X
555 1948(time)N
725(not)X
855(allowing)X
1163(a)X
1227(user)X
1389(to)X
1479(properly)X
1779(authenticate)X
555 2044(her/himself)N
949(without)X
1221(knowledge)X
1601(of)X
1696(that)X
1844(password.)X
555 2140(The)N
711(process)X
982(of)X
1079(logging)X
1353(in)X
1445(appears)X
1721(to)X
1813(the)X
1941(user)X
2105(to)X
555 2236(be)N
652(the)X
771(same)X
956(as)X
1043(logging)X
1307(in)X
1389(to)X
1471(a)X
1527(timesharing)X
1925(system.)X
555 2332(Behind)N
826(the)X
964(scenes,)X
1234(though,)X
1516(it)X
1599(is)X
1691(quite)X
1890(different)X
555 2428(\(see)N
705(Figure)X
934(5\).)X
% Figure 5 body: the two messages of the initial-ticket exchange, drawn as two
% Client/Kerberos pairs of ellipses joined by a labelled arrow.
% MXY, De and Dl are prolog procedures defined outside this excerpt; from their
% use here MXY presumably moves to (x, y), `w h De` draws an ellipse and
% `dx dy Dl` draws a relative line -- confirm against the prolog.
%
% Message 1, Client -> Kerberos, label "c, tgs": the client's name and the
% name of the ticket-granting service.
791 2736(Client)N
720 2720 MXY
336 238 De
1332 2688(c,)N
1408(tgs)X
% Arrow shaft: a run of "h" in font 10 (apparently a special font whose "h"
% renders as a rule segment), then two short strokes that meet at x = 1775,
% the left edge of the Kerberos ellipse, forming the arrowhead.
10 f
1056 2720(hhhhhhhhhhhhhhhhhh)N
1727 2732 MXY
48 -12 Dl
1727 2708 MXY
48 12 Dl
1 f
1796 2736(Kerberos)N
1775 2720 MXY
336 238 De
% Message 2, Kerberos -> Client, label {K_c,tgs, {T_c,tgs}K_tgs}K_c: the new
% session key plus the ticket-granting ticket (itself encrypted in the TGS's
% key), all encrypted in the client's private key.
% NOTE(review): per the surrounding text the request carries only names, and
% this reply is protected by a key derived from the user's password. The
% secrecy of the reply is therefore only as strong as that password; defenders
% should enforce password quality, and later Kerberos versions added a
% pre-authentication step before the reply is issued.
791 3157(Client)N
720 3141 MXY
336 238 De
1038 3237({K)N
8 s
1134 3262(c,tgs)N
10 s
1253 3237(,{T)N
8 s
1360 3262(c,tgs)N
10 s
1479 3237(})N
1537(K)X
8 s
1595 3262(tgs)N
10 s
1670 3237(}K)N
8 s
1766 3262(c)N
10 s
% Arrowhead for message 2: two strokes meeting at x = 1056, the right edge of
% the Client ellipse, followed by the shaft drawn from the current point.
1104 3129 MXY
-48 12 Dl
1104 3153 MXY
-48 -12 Dl
10 f
(hhhhhhhhhhhhhhhhhh)S
1 f
1796 3157(Kerberos)N
1775 3141 MXY
336 238 De
% Caption "Figure 5. Getting the Initial Ticket."
3 f
835 3510(Figure)N
1082(5.)X
1 f
1182(Getting)X
1442(the)X
1560(Initial)X
1771(Ticket.)X
755 3682(The)N
906(user)X
1066(is)X
1145(prompted)X
1477(for)X
1596(her/his)X
1839(username.)X
555 3778(Once)N
753(it)X
825(has)X
959(been)X
1138(entered,)X
1422(a)X
1485(request)X
1744(is)X
1824(sent)X
1980(to)X
2069(the)X
555 3874(authentication)N
1041(server)X
1270(containing)X
1640(the)X
1770(user's)X
1993(name)X
555 3970(and)N
703(the)X
833(name)X
1039(of)X
1138(a)X
1206(special)X
1461(service)X
1721(known)X
1971(as)X
2069(the)X
2 f
555 4066(ticket-granting)N
1051(service)X
1 f
1286(.)X
755 4190(The)N
931(authentication)X
1436(server)X
1684(checks)X
1953(that)X
2123(it)X
555 4286(knows)N
792(about)X
998(the)X
1124(client.)X
1370(If)X
1452(so,)X
1571(it)X
1643(generates)X
1974(a)X
2037(ran-)X
555 4382(dom)N
719(session)X
971(key)X
1108(which)X
1325(will)X
1470(later)X
1634(be)X
1731(used)X
1899(between)X
555 4478(the)N
686(client)X
897(and)X
1045(the)X
1175(ticket-granting)X
1679(server.)X
1948(It)X
2029(then)X
555 4574(creates)N
832(a)X
920(ticket)X
1150(for)X
1296(the)X
1446(ticket-granting)X
1970(server)X
555 4670(which)N
774(contains)X
1064(the)X
1185(client's)X
1444(name,)X
1661(the)X
1782(name)X
1979(of)X
2069(the)X
555 4766(ticket-granting)N
1052(server,)X
1294(the)X
1417(current)X
1670(time,)X
1857(a)X
1918(lifetime)X
555 4862(for)N
673(the)X
795(ticket,)X
1017(the)X
1139(client's)X
1399(IP)X
1493(address,)X
1777(and)X
1916(the)X
2037(ran-)X
555 4958(dom)N
763(session)X
1060(key)X
1242(just)X
1423(created.)X
1762(This)X
1969(is)X
2087(all)X
555 5054(encrypted)N
917(in)X
1024(a)X
1105(key)X
1266(known)X
1528(only)X
1714(to)X
1820(the)X
1962(ticket-)X
555 5150(granting)N
842(server)X
1059(and)X
1195(the)X
1313(authentication)X
1787(server.)X
755 5274(The)N
925(authentication)X
1424(server)X
1665(then)X
1847(sends)X
2069(the)X
555 5370(ticket,)N
786(along)X
997(with)X
1172(a)X
1241(copy)X
1430(of)X
1529(the)X
1659(random)X
1936(session)X
555 5466(key)N
697(and)X
839(some)X
1034(additional)X
1380(information,)X
1804(back)X
1982(to)X
2069(the)X
555 5562(client.)N
803(This)X
975(response)X
1285(is)X
1367(encrypted)X
1713(in)X
1804(the)X
1931(client's)X
555 5658(private)N
823(key,)X
1004(known)X
1267(only)X
1454(to)X
2 f
1560(Kerberos)X
1 f
1909(and)X
2069(the)X
555 5754(client,)N
773(which)X
989(is)X
1062(derived)X
1323(from)X
1499(the)X
1617(user's)X
1829(password.)X
% Top of the right-hand column (x = 2399, paragraph indent x = 2599; y restarts
% at 672). Paragraph: after the reply arrives the user is asked for the
% password, which is converted to a DES key and used to decrypt the reply.
2599 672(Once)N
2791(the)X
2911(response)X
3214(has)X
3343(been)X
3517(received)X
3812(by)X
3913(the)X
2399 768(client,)N
2618(the)X
2737(user)X
2892(is)X
2966(asked)X
3170(for)X
3285(her/his)X
3523(password.)X
3886(The)X
2399 864(password)N
2730(is)X
2811(converted)X
3156(to)X
3246(a)X
3310(DES)X
3489(key)X
3632(and)X
3775(used)X
3949(to)X
2399 960(decrypt)N
2697(the)X
2852(response)X
3190(from)X
3403(the)X
3557(authentication)X
2399 1056(server.)N
2658(The)X
2805(ticket)X
3005(and)X
3142(the)X
3261(session)X
3513(key,)X
3670(along)X
3869(with)X
2399 1152(some)N
2615(of)X
2729(the)X
2874(other)X
3086(information,)X
3530(are)X
3675(stored)X
3917(for)X
% The sentence ending here states that the password and the derived DES key
% are erased from memory once the reply has been decrypted; only the ticket,
% session key and related information are kept.
2399 1248(future)N
2617(use,)X
2769(and)X
2910(the)X
3033(user's)X
3250(password)X
3578(and)X
3719(DES)X
3895(key)X
2399 1344(are)N
2518(erased)X
2744(from)X
2920(memory.)X
% Next paragraph: what the workstation holds after the exchange, and the
% trust assumption it depends on.
% NOTE(review): the guarantee stated below is conditional on the workstation
% software not having been tampered with beforehand, and it bounds exposure by
% the ticket lifetime rather than eliminating it: the stored ticket and
% session key remain usable credentials until they expire.
2599 1468(Once)N
2791(the)X
2911(exchange)X
3237(has)X
3365(been)X
3538(completed,)X
3913(the)X
2399 1564(workstation)N
2805(possesses)X
3140(information)X
3546(that)X
3694(it)X
3765(can)X
3904(use)X
2399 1660(to)N
2486(prove)X
2693(the)X
2815(identity)X
3083(of)X
3174(its)X
3273(user)X
3431(for)X
3549(the)X
3671(lifetime)X
3944(of)X
2399 1756(the)N
2519(ticket-granting)X
3013(ticket.)X
3253(As)X
3364(long)X
3527(as)X
3615(the)X
3734(software)X
2399 1852(on)N
2508(the)X
2635(workstation)X
3042(had)X
3187(not)X
3318(been)X
3498(previously)X
3864(tam-)X
2399 1948(pered)N
2608(with,)X
2800(no)X
2910(information)X
3318(exists)X
3530(that)X
3680(will)X
3833(allow)X
2399 2044(someone)N
2710(else)X
2861(to)X
2949(impersonate)X
3367(the)X
3491(user)X
3651(beyond)X
3913(the)X
2399 2140(life)N
2526(of)X
2613(the)X
2731(ticket.)X
% Section 4.3 "Requesting a Service": heading followed by two body paragraphs.
% "3 f" / "1 f" store the font slot number (heading in slot 3, body text in slot 1).
% Each "x y(word)N" / "x(word)X" line appears to place one word at an absolute
% position; N and X themselves are defined in the prolog, outside this excerpt.
3 f
2399 2332(4.3.)N
2559(Requesting)X
2961(a)X
3021(Service)X
1 f
% Paragraph 1 (client side): the authenticator holds the client's name, IP
% address and the current time, and is encrypted in the session key that
% came with the ticket; ticket and authenticator are sent together.
2599 2456(For)N
2733(the)X
2853(moment,)X
3157(let)X
3259(us)X
3352(pretend)X
3615(that)X
3757(the)X
3877(user)X
2399 2552(already)N
2677(has)X
2825(a)X
2902(ticket)X
3121(for)X
3256(the)X
3395(desired)X
3667(server.)X
3944(In)X
2399 2648(order)N
2595(to)X
2683(gain)X
2847(access)X
3079(to)X
3167(the)X
3290(server,)X
3532(the)X
3655(application)X
2399 2744(builds)N
2644(an)X
2770(authenticator)X
3239(containing)X
3627(the)X
3775(client's)X
2399 2840(name)N
2604(and)X
2750(IP)X
2851(address,)X
3142(and)X
3288(the)X
3416(current)X
3674(time.)X
3886(The)X
2399 2936(authenticator)N
2844(is)X
2923(then)X
3087(encrypted)X
3429(in)X
3516(the)X
3639(session)X
3895(key)X
2399 3032(that)N
2553(was)X
2712(received)X
3019(with)X
3194(the)X
3325(ticket)X
3536(for)X
3663(the)X
3794(server.)X
2399 3128(The)N
2547(client)X
2748(then)X
2908(sends)X
3108(the)X
3228(authenticator)X
3669(along)X
3869(with)X
2399 3224(the)N
2520(ticket)X
2720(to)X
2804(the)X
2924(server)X
3143(in)X
3227(a)X
3285(manner)X
3548(defined)X
3811(by)X
3913(the)X
2399 3320(individual)N
2743(application.)X
% Paragraph 2 (server side): decrypt the ticket, use the session key inside
% it to decrypt the authenticator, then compare ticket contents,
% authenticator contents, the source IP address of the request and the
% present time. The request proceeds only if everything matches.
2599 3444(Once)N
2791(the)X
2910(authenticator)X
3350(and)X
3487(ticket)X
3686(have)X
3859(been)X
2399 3540(received)N
2712(by)X
2832(the)X
2970(server,)X
3227(the)X
3365(server)X
3602(decrypts)X
3913(the)X
2399 3636(ticket,)N
2625(uses)X
2790(the)X
2915(session)X
3173(key)X
3316(included)X
3619(in)X
3708(the)X
3833(ticket)X
2399 3732(to)N
2492(decrypt)X
2764(the)X
2893(authenticator,)X
3362(compares)X
3700(the)X
3828(infor-)X
2399 3828(mation)N
2645(in)X
2731(the)X
2853(ticket)X
3055(with)X
3221(that)X
3365(in)X
3451(the)X
3572(authenticator,)X
2399 3924(the)N
2554(IP)X
2682(address)X
2980(from)X
3192(which)X
3444(the)X
3598(request)X
3886(was)X
2399 4020(received,)N
2741(and)X
2906(the)X
3053(present)X
3334(time.)X
3565(If)X
3668(everything)X
2399 4116(matches,)N
2703(it)X
2768(allows)X
2998(the)X
3117(request)X
3370(to)X
3453(proceed)X
3728(\(see)X
3878(Fig-)X
2399 4212(ure)N
2522(6\).)X
% Figure 6 "Requesting a Service": two labelled shapes (Client, Server) joined
% by a left-to-right arrow carrying the message
%     {A_c}K_c,s , {T_c,s}K_s
% i.e. the authenticator under the session key and the ticket under the
% server's key. "8 s" / "10 s" switch the font size for the subscripts.
% De and Dl are presumably the ditroff ellipse and line primitives, and the
% run of "h" in font slot 10 presumably renders as the arrow shaft -- both are
% defined outside this excerpt; TODO confirm against the prolog.
2635 4520(Client)N
2564 4504 MXY
336 238 De
2957 4440({A)N
8 s
3053 4465(c)N
10 s
3081 4440(}K)N
8 s
3177 4465(c,s)N
10 s
3246 4440(,)N
3286({T)X
8 s
3373 4465(c,s)N
10 s
3442 4440(}K)N
8 s
3538 4465(s)N
10 s
10 f
2900 4504(hhhhhhhhhhhhhhhhhh)N
% Two short strokes meeting at the right end of the shaft: the arrowhead.
3571 4516 MXY
48 -12 Dl
3571 4492 MXY
48 12 Dl
1 f
3682 4520(Server)N
3619 4504 MXY
336 238 De
% Caption: "Figure 6." in font slot 3, title in slot 1.
3 f
2738 4777(Figure)N
2985(6.)X
1 f
3085(Requesting)X
3465(a)X
3521(Service.)X
% Replay-protection paragraph, then the page-6 footer.
% As rendered: clocks are assumed synchronized to within several minutes; a
% request whose time is too far in the future or past is treated as a replay;
% the server "is also allowed to" remember still-valid past requests and
% discard one that repeats a ticket and timestamp already seen.
% NOTE(review): the wording makes that cache optional. Read literally, a
% server without it would accept the same ticket and authenticator again
% while the timestamp is still inside the allowed skew, so an implementer
% should treat the cache as required rather than optional.
2599 4949(It)N
2679(is)X
2763(assumed)X
3069(that)X
3219(clocks)X
3454(are)X
3583(synchronized)X
2399 5045(to)N
2508(within)X
2759(several)X
3034(minutes.)X
3373(If)X
3473(the)X
3617(time)X
3805(in)X
3913(the)X
2399 5141(request)N
2669(is)X
2759(too)X
2898(far)X
3025(in)X
3124(the)X
3259(future)X
3488(or)X
3592(the)X
3727(past,)X
3913(the)X
2399 5237(server)N
2622(treats)X
2822(the)X
2946(request)X
3204(as)X
3296(an)X
3397(attempt)X
3662(to)X
3749(replay)X
3975(a)X
2399 5333(previous)N
2710(request.)X
3017(The)X
3177(server)X
3409(is)X
3497(also)X
3661(allowed)X
3949(to)X
2399 5429(keep)N
2588(track)X
2786(of)X
2889(all)X
3005(past)X
3170(requests)X
3469(with)X
3647(timestamps)X
2399 5525(that)N
2547(are)X
2673(still)X
2819(valid.)X
3046(In)X
3140(order)X
3337(to)X
3426(further)X
3672(foil)X
3810(replay)X
2399 5621(attacks,)N
2677(a)X
2748(request)X
3015(received)X
3323(with)X
3500(the)X
3633(same)X
3833(ticket)X
2399 5717(and)N
2536(timestamp)X
2890(as)X
2977(one)X
3113(already)X
3370(received)X
3663(can)X
3795(be)X
3891(dis-)X
2399 5813(carded.)N
% Page footer (document date); "7 p" presumably closes the page and names the
% next one -- the operator is defined outside this excerpt.
2028 6144(March)N
2258(30,)X
2378(1988)X
7 p
%%Page: 7 7
% Page 7 set-up: font size 10, font height and slant reset to 0, font slot 1,
% then the running header ("--" marks and the centred "- 7 -").
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2216 416(-)N
2263(7)X
2323(-)X
% Optional mutual authentication: when the client asks for it, the server
% adds one to the timestamp from the authenticator, encrypts the result in
% the session key and returns it (Figure 7).
755 672(Finally,)N
1031(if)X
1110(the)X
1238(client)X
1446(specifies)X
1757(that)X
1907(it)X
1980(wants)X
555 768(the)N
674(server)X
892(to)X
975(prove)X
1179(its)X
1275(identity)X
1540(too,)X
1683(the)X
1802(server)X
2020(adds)X
555 864(one)N
693(to)X
777(the)X
897(timestamp)X
1252(the)X
1372(client)X
1572(sent)X
1723(in)X
1807(the)X
1926(authen-)X
555 960(ticator,)N
805(encrypts)X
1102(the)X
1225(result)X
1428(in)X
1514(the)X
1636(session)X
1891(key,)X
2051(and)X
555 1056(sends)N
753(the)X
871(result)X
1069(back)X
1241(to)X
1323(the)X
1441(client)X
1639(\(see)X
1789(Figure)X
2018(7\).)X
% Figure 7 "Mutual Authentication": Client and Server shapes with the reply
%     {timestamp + 1} K_c,s
% The arrowhead strokes use negative x offsets and sit at the left end of the
% shaft, so the arrow points from Server back to Client.
% De, Dl and S are defined in the prolog, outside this excerpt.
791 1364(Client)N
720 1348 MXY
336 238 De
1076 1444({timestamp)N
1467(+)X
1532(1})X
1630(K)X
8 s
1688 1469(c,s)N
10 s
1104 1336 MXY
-48 12 Dl
1104 1360 MXY
-48 -12 Dl
10 f
(hhhhhhhhhhhhhhhhhh)S
1 f
1838 1364(Server)N
1775 1348 MXY
336 238 De
3 f
869 1621(Figure)N
1116(7.)X
1 f
1216(Mutual)X
1467(Authentication.)X
% Outcome of the exchange, as the paper states it: the server is certain of
% the client's identity "according to Kerberos"; with mutual authentication
% the client is also convinced of the server; both hold a key no one else
% knows and can assume a reasonably recent message encrypted in it came
% from the other party.
% "2 f" ... "1 f" switches font slot only for the word "Kerberos".
755 1793(At)N
868(the)X
999(end)X
1148(of)X
1248(this)X
1396(exchange,)X
1753(the)X
1884(server)X
2114(is)X
555 1889(certain)N
806(that,)X
978(according)X
1327(to)X
2 f
1420(Kerberos)X
1 f
1725(,)X
1776(the)X
1905(client)X
2114(is)X
555 1985(who)N
718(it)X
787(says)X
950(it)X
1018(is.)X
1135(If)X
1213(mutual)X
1459(authentication)X
1937(occurs,)X
555 2081(the)N
698(client)X
921(is)X
1019(also)X
1193(convinced)X
1567(that)X
1731(the)X
1873(server)X
2114(is)X
555 2177(authentic.)N
910(Moreover,)X
1268(the)X
1387(client)X
1586(and)X
1723(server)X
1941(share)X
2131(a)X
555 2273(key)N
713(which)X
951(no)X
1072(one)X
1229(else)X
1395(knows,)X
1665(and)X
1822(can)X
1975(safely)X
555 2369(assume)N
872(that)X
1073(a)X
1190(reasonably)X
1618(recent)X
1895(message)X
555 2465(encrypted)N
911(in)X
1011(that)X
1169(key)X
1323(originated)X
1686(with)X
1866(the)X
2002(other)X
555 2561(party.)N
% Section 4.4 "Getting Server Tickets": heading and two paragraphs.
% Paragraph 1: a ticket is good for one server only; per-server tickets come
% from the ticket-granting service, which is itself reached with the
% service-access protocol of the previous section.
3 f
555 2753(4.4.)N
715(Getting)X
993(Server)X
1241(Tickets)X
1 f
755 2877(Recall)N
982(that)X
1124(a)X
1182(ticket)X
1382(is)X
1457(only)X
1621(good)X
1803(for)X
1919(a)X
1976(single)X
555 2973(server.)N
844(As)X
985(such,)X
1204(it)X
1299(is)X
1403(necessary)X
1767(to)X
1880(obtain)X
2131(a)X
555 3069(separate)N
841(ticket)X
1041(for)X
1157(each)X
1327(service)X
1577(the)X
1697(client)X
1897(wants)X
2105(to)X
555 3165(use.)N
768(Tickets)X
1070(for)X
1230(individual)X
1620(servers)X
1914(can)X
2091(be)X
555 3261(obtained)N
864(from)X
1053(the)X
1184(ticket-granting)X
1689(service.)X
1989(Since)X
555 3357(the)N
692(ticket-granting)X
1203(service)X
1470(is)X
1562(itself)X
1761(a)X
1836(service,)X
2123(it)X
555 3453(makes)N
833(use)X
1013(of)X
1152(the)X
1322(service)X
1622(access)X
1900(protocol)X
555 3549(described)N
883(in)X
965(the)X
1083(previous)X
1379(section.)X
% Paragraph 2: the request to the ticket-granting server names the wanted
% server and carries the ticket-granting ticket plus an authenticator.
755 3673(When)N
978(a)X
1045(program)X
1347(requires)X
1636(a)X
1702(ticket)X
1910(that)X
2060(has)X
555 3769(not)N
688(already)X
955(been)X
1137(requested,)X
1495(it)X
1569(sends)X
1777(a)X
1843(request)X
2105(to)X
555 3865(the)N
699(ticket-granting)X
1217(server)X
1460(\(see)X
1636(Figure)X
1890(8\).)X
2042(The)X
555 3961(request)N
811(contains)X
1102(the)X
1224(name)X
1422(of)X
1513(the)X
1634(server)X
1854(for)X
1971(which)X
555 4057(a)N
648(ticket)X
883(is)X
992(requested,)X
1376(along)X
1610(with)X
1808(the)X
1962(ticket-)X
555 4153(granting)N
880(ticket)X
1115(and)X
1288(an)X
1421(authenticator)X
1897(built)X
2100(as)X
555 4249(described)N
883(in)X
965(the)X
1083(previous)X
1379(section.)X
% Figure 8 "Getting a Server Ticket": two Client/TGS pairs, one per direction.
%   Upper pair, Client -> TGS:   s, {T_c,tgs}K_tgs, {A_c}K_c,tgs
%   Lower pair, TGS -> Client:   {{T_c,s}K_s, K_c,s}K_c,tgs
% The reply wraps the new server ticket and the new session key in the
% session key shared with the TGS. "8 s" / "10 s" set the subscripts smaller.
% De, Dl and S are defined in the prolog, outside this excerpt.
719 4557(Client)N
648 4541 MXY
336 238 De
999 4477(s,{T)N
8 s
1137 4502(c,tgs)N
10 s
1256 4477(}K)N
8 s
1352 4502(tgs)N
10 s
1427 4477(,{A)N
8 s
1543 4502(c)N
10 s
1571 4477(}K)N
8 s
1667 4502(c,tgs)N
10 s
10 f
984 4541(h)N
999(hhhhhhhhhhhhhhhhhhhh)X
% Arrowhead at the right end: request travels towards the TGS.
1751 4553 MXY
48 -12 Dl
1751 4529 MXY
48 12 Dl
1 f
1892 4557(TGS)N
1799 4541 MXY
336 238 De
719 4978(Client)N
648 4962 MXY
336 238 De
1054 5058({{T)N
8 s
1179 5083(c,s)N
10 s
1248 5058(}K)N
8 s
1344 5083(s)N
10 s
1369 5058(,K)N
8 s
1447 5083(c,s)N
10 s
1516 5058(}K)N
8 s
1612 5083(c,tgs)N
10 s
% Arrowhead at the left end: reply travels back to the client.
1032 4950 MXY
-48 12 Dl
1032 4974 MXY
-48 -12 Dl
10 f
(h)S
999(hhhhhhhhhhhhhhhhhhhh)X
1 f
1892 4978(TGS)N
1799 4962 MXY
336 238 De
3 f
833 5331(Figure)N
1080(8.)X
1 f
1180(Getting)X
1440(a)X
1496(Server)X
1726(Ticket.)X
% Ticket-granting server processing, two paragraphs. The text starts at the
% foot of the left column and continues at the top of the right column
% (x jumps from 555 to 2399, y back to 672).
% As rendered: after validating authenticator and ticket-granting ticket the
% TGS generates a new random session key and builds a ticket holding client
% name, server name, current time, client IP address and that key. The new
% ticket's lifetime is the minimum of the remaining ticket-granting-ticket
% life and the service default.
755 5503(The)N
913(ticket-granting)X
1418(server)X
1648(then)X
1818(checks)X
2069(the)X
555 5599(authenticator)N
1064(and)X
1270(ticket-granting)X
1832(ticket)X
2100(as)X
555 5695(described)N
917(above.)X
1203(If)X
1311(valid,)X
1544(the)X
1695(ticket-granting)X
555 5791(server)N
779(generates)X
1110(a)X
1173(new)X
1333(random)X
1604(session)X
1861(key)X
2003(to)X
2091(be)X
2399 672(used)N
2582(between)X
2886(the)X
3020(client)X
3234(and)X
3386(the)X
3520(new)X
3690(server.)X
3962(It)X
2399 768(then)N
2563(builds)X
2784(a)X
2846(ticket)X
3050(for)X
3169(the)X
3292(new)X
3451(server)X
3673(containing)X
2399 864(the)N
2536(client's)X
2811(name,)X
3044(the)X
3180(server)X
3415(name,)X
3647(the)X
3783(current)X
2399 960(time,)N
2590(the)X
2716(client's)X
2980(IP)X
3079(address)X
3348(and)X
3492(the)X
3618(new)X
3780(session)X
2399 1056(key)N
2554(it)X
2637(just)X
2791(generated.)X
3183(The)X
3347(lifetime)X
3635(of)X
3741(the)X
3877(new)X
2399 1152(ticket)N
2598(is)X
2672(the)X
2791(minimum)X
3122(of)X
3209(the)X
3327(remaining)X
3672(life)X
3799(for)X
3913(the)X
2399 1248(ticket-granting)N
2902(ticket)X
3111(and)X
3257(the)X
3385(default)X
3638(for)X
3762(the)X
3890(ser-)X
2399 1344(vice.)N
% The reply is encrypted in the session key from the ticket-granting ticket,
% which is why the user does not have to enter a password again.
2599 1468(The)N
2765(ticket-granting)X
3278(server)X
3516(then)X
3695(sends)X
3913(the)X
2399 1564(ticket,)N
2621(along)X
2822(with)X
2987(the)X
3108(session)X
3362(key)X
3501(and)X
3640(other)X
3828(infor-)X
2399 1660(mation,)N
2676(back)X
2862(to)X
2958(the)X
3090(client.)X
3342(This)X
3518(time,)X
3714(however,)X
2399 1756(the)N
2523(reply)X
2714(is)X
2792(encrypted)X
3134(in)X
3221(the)X
3344(session)X
3600(key)X
3741(that)X
3886(was)X
2399 1852(part)N
2549(of)X
2641(the)X
2764(ticket-granting)X
3261(ticket.)X
3504(This)X
3671(way,)X
3850(there)X
2399 1948(is)N
2481(no)X
2590(need)X
2771(for)X
2894(the)X
3021(user)X
3183(to)X
3273(enter)X
3462(her/his)X
3708(password)X
2399 2044(again.)N
2656(Figure)X
2908(9)X
2991(summarizes)X
3417(the)X
3557(authentication)X
2399 2140(protocols.)N
% Figure 9 "Kerberos Authentication Protocols": four labelled nodes
% (Kerberos, User/Client, TGS, Server), five numbered arrows and a legend:
%   1 request for TGS ticket     2 ticket for TGS
%   3 request for Server ticket  4 ticket for Server
%   5 request for service
% Dc is presumably the ditroff circle primitive (one diameter operand) and
% each arrow is one long Dl stroke plus two short strokes for the head;
% the operators are defined in the prolog, outside this excerpt.
2406 2482(Kerberos)N
2399 2466 MXY
307 Dc
2946 2914(User/)N
2936 3010(Client)N
2879 2946 MXY
307 Dc
3437 2482(TGS)N
3359 2466 MXY
307 Dc
3767 2962(Server)N
3719 2946 MXY
307 Dc
2686 2846(1)N
2879 2946 MXY
-326 -327 Dl
2595 2645 MXY
-42 -26 Dl
2578 2662 MXY
-25 -43 Dl
2859 2597(2)N
2706 2466 MXY
327 326 Dl
2990 2766 MXY
43 26 Dl
3007 2750 MXY
26 42 Dl
3176 2597(3)N
3033 2792 MXY
326 -326 Dl
3333 2508 MXY
26 -42 Dl
3316 2491 MXY
43 -25 Dl
3329 2750(4)N
3512 2619 MXY
-326 327 Dl
3212 2903 MXY
-26 43 Dl
3229 2920 MXY
-43 26 Dl
3432 2914(5)N
% Arrow 5 is horizontal, so it is drawn with the font-slot-10 rule characters
% instead of a diagonal Dl stroke.
10 f
3186 2946(h)N
3199(hhhhhhhhhhhhh)X
3671 2958 MXY
48 -12 Dl
3671 2934 MXY
48 12 Dl
1 f
% Legend, one line per numbered arrow.
2639 3252(1.)N
2739(Request)X
3017(for)X
3131(TGS)X
3302(ticket)X
2639 3348(2.)N
2739(Ticket)X
2964(for)X
3078(TGS)X
2639 3444(3.)N
2739(Request)X
3017(for)X
3131(Server)X
3361(ticket)X
2639 3540(4.)N
2739(Ticket)X
2964(for)X
3078(Server)X
2639 3636(5.)N
2739(Request)X
3017(for)X
3131(service)X
3 f
2465 3828(Figure)N
2712(9.)X
1 f
2812(Kerberos)X
3127(Authentication)X
3623(Protocols.)X
% Section 5 "The Kerberos Database": heading (font slots 3 and 4 alternate so
% that "Kerberos" is set differently from the rest), one paragraph, and the
% page-7 footer.
% As rendered: everything described so far needs only read access to the
% database and is done by the authentication service, which can run on both
% master and slave machines.
3 f
2399 4068(5.)N
2499(The)X
4 f
2652(Kerberos)X
3 f
2970(Database)X
1 f
2599 4192(Up)N
2725(to)X
2815(this)X
2958(point,)X
3170(we)X
3292(have)X
3471(discussed)X
3805(opera-)X
2399 4288(tions)N
2585(requiring)X
2910(read-only)X
3249(access)X
3486(to)X
3578(the)X
2 f
3706(Kerberos)X
1 f
2399 4384(database.)N
2743(These)X
2961(operations)X
3321(are)X
3446(performed)X
3807(by)X
3913(the)X
2399 4480(authentication)N
2899(service,)X
3193(which)X
3435(can)X
3592(run)X
3744(on)X
3869(both)X
2399 4576(master)N
2633(and)X
2769(slave)X
2954(machines)X
3277(\(see)X
3427(Figure)X
3656(10\).)X
% Page footer; "8 p" presumably closes the page (operator defined elsewhere).
2028 6144(March)N
2258(30,)X
2378(1988)X
8 p
%%Page: 8 8
% Page 8 set-up and running header, then Figure 10 "Authentication Requests".
% The figure is five squares, each drawn as four 240-unit Dl strokes: three
% workstations ("WS") in the top row, "Slave" and "Master" below. The six
% long strokes run from each WS to both lower boxes, matching the text's
% statement that authentication can be served by master and slave alike.
% MX, MXY and Dl are defined in the prolog, outside this excerpt.
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2216 416(-)N
2263(8)X
2323(-)X
% Top row: three WS boxes.
746 1084 MXY
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
1226 MX
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
1706 MX
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
% Bottom row: Slave and Master boxes.
986 1564 MXY
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
1466 MX
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
806 780(WS)N
1286(WS)X
1766(WS)X
1017 1660(Slave)N
1475(Master)X
% Arrows: each long stroke is followed by two short arrowhead strokes.
866 1084 MXY
240 240 Dl
1064 1299 MXY
42 25 Dl
1081 1282 MXY
25 42 Dl
1346 1084 MXY
-240 240 Dl
1131 1282 MXY
-25 42 Dl
1148 1299 MXY
-42 25 Dl
1826 1084 MXY
-720 240 Dl
1148 1297 MXY
-42 27 Dl
1155 1320 MXY
-49 4 Dl
866 1084 MXY
720 240 Dl
1537 1320 MXY
49 4 Dl
1544 1297 MXY
42 27 Dl
1346 1084 MXY
240 240 Dl
1544 1299 MXY
42 25 Dl
1561 1282 MXY
25 42 Dl
1826 1084 MXY
-240 240 Dl
1611 1282 MXY
-25 42 Dl
1628 1299 MXY
-42 25 Dl
3 f
870 1909(Figure)N
1117(10.)X
1 f
1257(Authentication)X
1753(Requests.)X
% Introduces the write path: operations needing write access go through the
% administration service, the Kerberos Database Management Service (KDBM).
% As rendered: changes may only be made to the master database, slave copies
% are read-only, so the KDBM server may only run on the master machine.
755 2081(In)N
856(this)X
1005(section,)X
1286(we)X
1414(discuss)X
1679(operations)X
2047(that)X
555 2177(require)N
841(write)X
1064(access)X
1327(to)X
1446(the)X
1601(database.)X
1975(These)X
555 2273(operations)N
930(are)X
1070(performed)X
1446(by)X
1567(the)X
1705(administration)X
555 2369(service,)N
841(called)X
1071(the)X
2 f
1207(Kerberos)X
1 f
1549(Database)X
1881(Manage-)X
555 2465(ment)N
740(Service)X
2 f
1006(\(KDBM\))X
1 f
1294(.)X
1359(The)X
1509(current)X
1762(implementa-)X
555 2561(tion)N
706(stipulates)X
1035(that)X
1182(changes)X
1468(may)X
1633(only)X
1802(be)X
1905(made)X
2105(to)X
555 2657(the)N
691(master)X
2 f
943(Kerberos)X
1 f
1286(database;)X
1623(slave)X
1826(copies)X
2068(are)X
555 2753(read-only.)N
954(Therefore,)X
1343(the)X
1492(KDBM)X
1782(server)X
2029(may)X
555 2849(only)N
735(run)X
880(on)X
998(the)X
1134(master)X
2 f
1386(Kerberos)X
1 f
1728(machine)X
2037(\(see)X
555 2945(Figure)N
784(11\).)X
% Figure 11 "Administration Requests": the same five boxes as Figure 10, but
% the Slave box is drawn as a dashed outline (alternating 24-unit strokes and
% bare MX/MY moves) and all three arrows end at the Master box only.
% MX, MY, MXY and Dl are defined in the prolog, outside this excerpt.
% Top row: three solid WS boxes.
744 3453 MXY
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
1224 MX
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
1704 MX
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
% Dashed Slave box: bottom edge, right edge, top edge, left edge.
984 3933 MXY
24 0 Dl
1038 MX
24 0 Dl
1092 MX
24 0 Dl
1146 MX
24 0 Dl
1200 MX
24 0 Dl
0 -24 Dl
3879 MY
0 -24 Dl
3825 MY
0 -24 Dl
3771 MY
0 -24 Dl
3717 MY
0 -24 Dl
-24 0 Dl
1170 MX
-24 0 Dl
1116 MX
-24 0 Dl
1062 MX
-24 0 Dl
1008 MX
-24 0 Dl
0 24 Dl
3747 MY
0 24 Dl
3801 MY
0 24 Dl
3855 MY
0 24 Dl
3909 MY
0 24 Dl
% Solid Master box.
1464 MX
0 -240 Dl
240 0 Dl
0 240 Dl
-240 0 Dl
804 3149(WS)N
1284(WS)X
1764(WS)X
1015 4029(Slave)N
1473(Master)X
% Three arrows, one from each WS, all ending at the Master box.
864 3453 MXY
720 240 Dl
1535 3689 MXY
49 4 Dl
1542 3666 MXY
42 27 Dl
1344 3453 MXY
240 240 Dl
1542 3668 MXY
42 25 Dl
1559 3651 MXY
25 42 Dl
1824 3453 MXY
-240 240 Dl
1609 3651 MXY
-25 42 Dl
1626 3668 MXY
-42 25 Dl
3 f
864 4278(Figure)N
1111(11.)X
1 f
1251(Administration)X
1755(Requests.)X
% Two paragraphs on KDBM availability and its clients.
% Paragraph 1: with the master down, authentication still works on slaves but
% administration requests cannot be serviced; the authors report this has
% not been a problem because such requests are infrequent.
555 4422(Note)N
735(that,)X
899(while)X
1101(authentication)X
1579(can)X
1715(still)X
1858(occur)X
2060(\(on)X
555 4518(slaves\),)N
845(administration)X
1354(requests)X
1664(cannot)X
1924(be)X
2046(ser-)X
555 4614(viced)N
774(if)X
868(the)X
1011(master)X
1270(machine)X
1587(is)X
1685(down.)X
1948(In)X
2060(our)X
555 4710(experience,)N
956(this)X
1103(has)X
1242(not)X
1376(presented)X
1715(a)X
1782(problem,)X
2100(as)X
555 4806(administration)N
1037(requests)X
1320(are)X
1439(infrequent.)X
% Paragraph 2: kpasswd is the user-facing client (own password change);
% kadmin is the administrator client (add principals, change any
% principal's password). Both talk to the KDBM over the network.
755 4930(The)N
906(KDBM)X
1172(handles)X
1443(requests)X
1732(from)X
1914(users)X
2105(to)X
555 5026(change)N
819(their)X
1002(passwords.)X
1412(The)X
1573(client)X
1786(side)X
1950(of)X
2052(this)X
555 5122(program,)N
867(which)X
1083(sends)X
1281(requests)X
1564(to)X
1646(the)X
1764(KDBM)X
2024(over)X
555 5218(the)N
714(network,)X
1058(is)X
1172(the)X
2 f
1331(kpasswd)X
1 f
1670(program.)X
2042(The)X
555 5314(KDBM)N
852(also)X
1038(accepts)X
1331(requests)X
1650(from)X
2 f
1862(Kerberos)X
1 f
555 5410(administrators,)N
1078(who)X
1261(may)X
1443(add)X
1603(principals)X
1963(to)X
2069(the)X
555 5506(database,)N
882(as)X
979(well)X
1147(as)X
1244(change)X
1502(passwords)X
1866(for)X
1989(exist-)X
555 5602(ing)N
685(principals.)X
1069(The)X
1222(client)X
1427(side)X
1583(of)X
1677(the)X
1802(administra-)X
555 5698(tion)N
718(program,)X
1049(which)X
1284(also)X
1452(sends)X
1668(requests)X
1969(to)X
2069(the)X
555 5794(KDBM)N
815(over)X
978(the)X
1096(network,)X
1399(is)X
1472(the)X
2 f
1590(kadmin)X
1 f
1853(program.)X
% Section 5.1 "The KDBM Server" (top of the right column): heading and two
% paragraphs.
% Paragraph 1: the ticket-granting service will not issue tickets for the
% KDBM; the authentication service itself must be used, so that the user has
% to enter a password. The stated reason is the unattended workstation: a
% passerby must not be able to change the user's password, or, at an
% administrator's workstation, any password in the system.
3 f
2399 672(5.1.)N
2559(The)X
2712(KDBM)X
2981(Server)X
1 f
2599 796(The)N
2753(KDBM)X
3022(server)X
3248(accepts)X
3514(requests)X
3805(to)X
3895(add)X
2399 892(principals)N
2758(to)X
2863(the)X
3004(database)X
3324(or)X
3434(change)X
3705(the)X
3846(pass-)X
2399 988(words)N
2644(for)X
2787(existing)X
3088(principals.)X
3492(This)X
3682(service)X
3958(is)X
2399 1084(unique)N
2644(in)X
2733(that)X
2880(the)X
3005(ticket-granting)X
3504(service)X
3759(will)X
3909(not)X
2399 1180(issue)N
2579(tickets)X
2808(for)X
2922(it.)X
3026(Instead,)X
3298(the)X
3416(authentication)X
3890(ser-)X
2399 1276(vice)N
2561(itself)X
2749(must)X
2932(be)X
3036(used)X
3211(\(the)X
3364(same)X
3556(service)X
3811(that)X
3958(is)X
2399 1372(used)N
2571(to)X
2658(get)X
2781(a)X
2842(ticket-granting)X
3339(ticket\).)X
3608(The)X
3757(purpose)X
2399 1468(of)N
2494(this)X
2637(is)X
2718(to)X
2807(require)X
3062(the)X
3187(user)X
3348(to)X
3437(enter)X
3625(a)X
3688(password.)X
2399 1564(If)N
2495(this)X
2651(were)X
2849(not)X
2992(so,)X
3124(then)X
3303(if)X
3393(a)X
3470(user)X
3645(left)X
3793(her/his)X
2399 1660(workstation)N
2799(unattended,)X
3193(a)X
3251(passerby)X
3554(could)X
3754(walk)X
3931(up)X
2399 1756(and)N
2539(change)X
2791(her/his)X
3032(password)X
3358(for)X
3475(them,)X
3678(something)X
2399 1852(which)N
2651(should)X
2919(be)X
3050(prevented.)X
3462(Likewise,)X
3831(if)X
3935(an)X
2399 1948(administrator)N
2857(left)X
2995(her/his)X
3244(workstation)X
3652(unguarded,)X
2399 2044(a)N
2458(passerby)X
2762(could)X
2963(change)X
3214(any)X
3353(password)X
3678(in)X
3762(the)X
3882(sys-)X
2399 2140(tem.)N
% Paragraph 2, authorization rule: a request is permitted when the
% authenticated requester principal equals the target principal; otherwise
% the requester must appear in an access control list kept in a file on the
% master, and the request is denied if it does not.
% NOTE(review): that file is the whole authorization decision for changes to
% other principals, so its integrity matters as much as the database's; the
% page does not say how the file is protected.
2599 2264(When)N
2814(the)X
2934(KDBM)X
3196(server)X
3415(receives)X
3701(a)X
3759(request,)X
2399 2360(it)N
2484(authorizes)X
2855(it)X
2940(by)X
3061(comparing)X
3445(the)X
3583(authenticated)X
2399 2456(principal)N
2714(name)X
2918(of)X
3015(the)X
3143(requester)X
3468(of)X
3565(the)X
3692(change)X
3949(to)X
2399 2552(the)N
2521(principal)X
2830(name)X
3028(of)X
3119(the)X
3241(target)X
3448(of)X
3539(the)X
3661(request.)X
3957(If)X
2399 2648(they)N
2576(are)X
2714(the)X
2851(same,)X
3075(the)X
3211(request)X
3481(is)X
3572(permitted.)X
3957(If)X
2399 2744(they)N
2562(are)X
2685(not)X
2811(the)X
2933(same,)X
3142(the)X
3264(KDBM)X
3528(server)X
3749(consults)X
2399 2840(an)N
2500(access)X
2731(control)X
2983(list)X
3105(\(stored)X
3352(in)X
3438(a)X
3498(file)X
3629(on)X
3733(the)X
3855(mas-)X
2399 2936(ter)N
2 f
2508(Kerberos)X
1 f
2837(system\).)X
3150(If)X
3228(the)X
3350(requester's)X
3726(principal)X
2399 3032(name)N
2594(is)X
2668(found)X
2876(in)X
2959(this)X
3094(file,)X
3241(the)X
3359(request)X
3611(is)X
3684(permitted,)X
2399 3128(otherwise)N
2731(it)X
2795(is)X
2868(denied.)X
% Access-control-list convention and audit statement.
% As rendered: names with a NULL (default) instance do not appear in the ACL
% file; an "admin" instance is used instead, so an administrator can have a
% separate password for Kerberos administration and for normal login.
% The closing sentence states that every KDBM request, permitted or denied,
% is logged.
% NOTE(review): "then s/he would use" in the rendered text reads as a typo
% for "than"; the string is left as in the original.
2599 3252(By)N
2760(convention,)X
3204(names)X
3477(with)X
3686(a)X
3 f
3789(NULL)X
1 f
2399 3348(instance)N
2698(\(the)X
2859(default)X
3118(instance\))X
3444(do)X
3560(not)X
3698(appear)X
3949(in)X
2399 3444(the)N
2542(access)X
2793(control)X
3065(list)X
3207(file;)X
3381(instead,)X
3673(an)X
3 f
3794(admin)X
1 f
2399 3540(instance)N
2687(is)X
2765(used.)X
2977(Therefore,)X
3339(for)X
3457(a)X
3517(user)X
3675(to)X
3761(become)X
2399 3636(an)N
2506(administrator)X
2963(of)X
2 f
3060(Kerberos)X
1 f
3395(an)X
3 f
3501(admin)X
1 f
3748(instance)X
2399 3732(for)N
2523(that)X
2673(username)X
3011(must)X
3196(be)X
3301(created,)X
3583(and)X
3728(added)X
3949(to)X
2399 3828(the)N
2520(access)X
2749(control)X
2999(list.)X
3159(This)X
3324(convention)X
3703(allows)X
3935(an)X
2399 3924(administrator)N
2849(to)X
2934(use)X
3064(a)X
3123(different)X
3423(password)X
3748(for)X
2 f
3864(Ker-)X
2399 4020(beros)N
1 f
2608(administration)X
3094(then)X
3255(s/he)X
3407(would)X
3630(use)X
3760(for)X
3877(nor-)X
2399 4116(mal)N
2539(login.)X
2599 4240(All)N
2772(requests)X
3106(to)X
3239(the)X
3408(KDBM)X
3719(program,)X
2399 4336(whether)N
2678(permitted)X
3005(or)X
3092(denied,)X
3346(are)X
3465(logged.)X
% Section 5.2 "The kadmin and kpasswd Programs": heading, first paragraph and
% the page-8 footer.
% As rendered: an administrator must enter the password for their admin
% instance when invoking kadmin, and that password is used to fetch a ticket
% for the KDBM server (Figure 12).
3 f
2399 4528(5.2.)N
2559(The)X
4 f
2712(kadmin)X
3 f
2980(and)X
4 f
3128(kpasswd)X
3 f
3423(Programs)X
1 f
2599 4652(Administrators)N
3102(of)X
2 f
3192(Kerberos)X
1 f
3519(use)X
3648(the)X
2 f
3768(kadmin)X
1 f
2399 4748(program)N
2717(to)X
2825(add)X
2987(principals)X
3349(to)X
3457(the)X
3601(database,)X
3944(or)X
2399 4844(change)N
2657(the)X
2785(passwords)X
3149(of)X
3246(existing)X
3528(principals.)X
3913(An)X
2399 4940(administrator)N
2847(is)X
2921(required)X
3210(to)X
3293(enter)X
3475(the)X
3594(password)X
3917(for)X
2399 5036(their)N
2 f
2574(admin)X
1 f
2809(instance)X
3100(name)X
3302(when)X
3503(they)X
3668(invoke)X
3913(the)X
2 f
2399 5132(kadmin)N
1 f
2655(program.)X
2987(This)X
3149(password)X
3472(is)X
3545(used)X
3712(to)X
3794(fetch)X
3975(a)X
2399 5228(ticket)N
2597(for)X
2711(the)X
2829(KDBM)X
3089(server)X
3306(\(see)X
3456(Figure)X
3685(12\).)X
% Page footer; "9 p" presumably closes the page (operator defined elsewhere).
2028 6144(March)N
2258(30,)X
2378(1988)X
9 p
%%Page: 9 9
% Page 9 set-up and running header, then Figure 12 "Kerberos Administration
% Protocol": three labelled nodes (Kerberos, User/Admin, KDBM) and three
% numbered arrows with a legend:
%   1 request for KDBM ticket   2 ticket for KDBM   3 kadmin or kpasswd request
% Dc and Dl are defined in the prolog, outside this excerpt.
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2216 416(-)N
2263(9)X
2323(-)X
763 918(Kerberos)N
756 902 MXY
307 Dc
1303 1350(User/)N
1279 1446(Admin)N
1236 1382 MXY
307 Dc
1749 918(KDBM)N
1716 902 MXY
307 Dc
1043 1282(1)N
1236 1382 MXY
-326 -327 Dl
952 1081 MXY
-42 -26 Dl
935 1098 MXY
-25 -43 Dl
1216 1033(2)N
1063 902 MXY
327 326 Dl
1347 1202 MXY
43 26 Dl
1364 1186 MXY
26 42 Dl
1609 1110(3)N
1498 1273 MXY
263 -263 Dl
1735 1053 MXY
26 -43 Dl
1718 1036 MXY
43 -26 Dl
% Legend.
824 1688(1.)N
924(Request)X
1202(for)X
1316(KDBM)X
1576(ticket)X
824 1784(2.)N
924(Ticket)X
1149(for)X
1263(KDBM)X
824 1880(3.)N
2 f
924(kadmin)X
1 f
1180(or)X
2 f
1267(kpasswd)X
1 f
1558(request)X
3 f
641 2072(Figure)N
888(12.)X
1 f
1028(Kerberos)X
1343(Administration)X
1847(Protocol.)X
% kpasswd paragraph: users change their own Kerberos password, must enter the
% old password on invocation, and that password is used to fetch the ticket
% for the KDBM server -- the same fresh-password requirement described for
% kadmin.
755 2244(Users)N
988(may)X
1175(change)X
1452(their)X
2 f
1648(Kerberos)X
1 f
2002(pass-)X
555 2340(words)N
800(using)X
1022(the)X
2 f
1169(kpasswd)X
1 f
1495(program.)X
1855(They)X
2068(are)X
555 2436(required)N
860(to)X
959(enter)X
1157(their)X
1341(old)X
1480(password)X
1819(when)X
2029(they)X
555 2532(invoke)N
813(the)X
951(program.)X
1303(This)X
1485(password)X
1827(is)X
1919(used)X
2105(to)X
555 2628(fetch)N
736(a)X
792(ticket)X
990(for)X
1104(the)X
1222(KDBM)X
1482(server.)X
% Section 5.3 "Database Replication": heading and first paragraph.
% As rendered: each realm has a master machine holding the master copy of the
% authentication database; optional read-only copies live on slave machines.
% The benefits named are availability (authentication continues when the
% master is down) and performance (less chance of a bottleneck at the master).
3 f
555 2820(5.3.)N
715(Database)X
1051(Replication)X
1 f
755 2944(Each)N
2 f
958(Kerberos)X
1 f
1305(realm)X
1529(has)X
1677(a)X
2 f
1754(master)X
2020(Ker-)X
555 3040(beros)N
1 f
767(machine,)X
1086(which)X
1309(houses)X
1554(the)X
1678(master)X
1918(copy)X
2100(of)X
555 3136(the)N
729(authentication)X
1259(database.)X
1652(It)X
1777(is)X
1905(possible)X
555 3232(\(although)N
924(not)X
1088(necessary\))X
1490(to)X
1614(have)X
1827(additional,)X
555 3328(read-only)N
931(copies)X
1204(of)X
1339(the)X
1504(database)X
1848(on)X
2 f
1995(slave)X
1 f
555 3424(machines)N
895(elsewhere)X
1254(in)X
1353(the)X
1488(system.)X
1787(The)X
1948(advan-)X
555 3520(tages)N
756(of)X
859(having)X
1113(multiple)X
1415(copies)X
1655(of)X
1757(the)X
1890(database)X
555 3616(are)N
700(those)X
915(usually)X
1192(cited)X
1393(for)X
1532(replication:)X
1962(higher)X
555 3712(availability)N
939(and)X
1079(better)X
1285(performance.)X
1755(If)X
1832(the)X
1953(master)X
555 3808(machine)N
882(is)X
990(down,)X
1243(authentication)X
1752(can)X
1918(still)X
2091(be)X
555 3904(achieved)N
865(on)X
968(one)X
1107(of)X
1197(the)X
1318(slave)X
1506(machines.)X
1872(The)X
2020(abil-)X
555 4000(ity)N
693(to)X
809(perform)X
1122(authentication)X
1629(on)X
1762(any)X
1931(one)X
2100(of)X
555 4096(several)N
831(machines)X
1181(reduces)X
1474(the)X
1619(probability)X
2017(of)X
2131(a)X
555 4192(bottleneck)N
909(at)X
987(the)X
1105(master)X
1339(machine.)X
% Propagation procedure. The text starts in the left column and finishes at
% the top of the right column (x jumps from 555 to 2399, y back to 672).
% As rendered: the master database is dumped every hour and sent in its
% entirety to the slaves. kprop on the master first sends a checksum of the
% new database, encrypted in the Kerberos master database key that master
% and slaves both possess; the data follows; kpropd on the slave computes its
% own checksum and applies the update only if the two match.
% NOTE(review): the scheme places a copy of the master database key on every
% slave, so each slave host needs the same protection as the master.
755 4316(Keeping)N
1073(multiple)X
1385(copies)X
1635(of)X
1747(the)X
1890(database)X
555 4412(introduces)N
920(the)X
1049(problem)X
1347(of)X
1445(data)X
1610(consistency.)X
2055(We)X
555 4508(have)N
738(found)X
956(that)X
1107(very)X
1280(simple)X
1523(methods)X
1824(suffice)X
2073(for)X
555 4604(dealing)N
820(with)X
991(inconsistency.)X
1495(The)X
1648(master)X
1890(database)X
555 4700(is)N
630(dumped)X
910(every)X
1111(hour.)X
1320(The)X
1467(database)X
1765(is)X
1839(sent,)X
2009(in)X
2092(its)X
555 4796(entirety,)N
842(to)X
926(the)X
1046(slave)X
1233(machines,)X
1577(which)X
1794(then)X
1953(update)X
555 4892(their)N
739(own)X
914(databases.)X
1299(A)X
1394(program)X
1703(on)X
1819(the)X
1953(master)X
555 4988(host,)N
730(called)X
2 f
944(kprop)X
1 f
1138(,)X
1180(sends)X
1379(the)X
1498(update)X
1733(to)X
1816(a)X
1873(peer)X
2033(pro-)X
555 5084(gram,)N
762(called)X
2 f
976(kpropd)X
1 f
1210(,)X
1252(running)X
1523(on)X
1625(each)X
1795(of)X
1883(the)X
2002(slave)X
555 5180(machines)N
897(\(see)X
1066(Figure)X
1314(13\).)X
1499(First)X
2 f
1683(kprop)X
1 f
1915(sends)X
2131(a)X
555 5276(checksum)N
900(of)X
991(the)X
1113(new)X
1271(database)X
1571(it)X
1638(is)X
1714(about)X
1915(to)X
2000(send.)X
555 5372(The)N
705(checksum)X
1051(is)X
1129(encrypted)X
1471(in)X
1558(the)X
2 f
1681(Kerberos)X
1 f
2011(mas-)X
555 5468(ter)N
663(database)X
963(key,)X
1122(which)X
1341(both)X
1506(the)X
1627(master)X
1864(and)X
2002(slave)X
2 f
555 5564(Kerberos)N
1 f
906(machines)X
1255(possess.)X
1581(The)X
1752(data)X
1931(is)X
2029(then)X
555 5660(transferred)N
928(over)X
1095(the)X
1217(network)X
1503(to)X
1588(the)X
2 f
1709(kpropd)X
1 f
1966(on)X
2069(the)X
555 5756(slave)N
744(machine.)X
1080(The)X
1229(slave)X
1418(propagation)X
1825(server)X
2046(cal-)X
555 5852(culates)N
815(a)X
887(checksum)X
1244(of)X
1347(the)X
1481(data)X
1651(it)X
1731(has)X
1874(received,)X
2399 672(and)N
2535(if)X
2604(it)X
2668(matches)X
2951(the)X
3069(checksum)X
3410(sent)X
3559(by)X
3659(the)X
3777(master,)X
2399 768(the)N
2523(new)X
2683(information)X
3087(is)X
3166(used)X
3339(to)X
3426(update)X
3665(the)X
3788(slave's)X
2399 864(database.)N
% Figure 13 "Database Propagation": one box labelled kprop (Master) above
% three boxes labelled kpropd (Slave), with an arrow from the master box to
% each slave box.
% Each box is drawn from two vertical 240-unit Dl strokes plus two runs of
% "h" in font slot 10, presumably the horizontal edges -- S, X and Dl are
% defined in the prolog, outside this excerpt.
3125 1316(kprop)N
3038 1372 MXY
0 -240 Dl
10 f
(hhhhhhhhh)S
0 240 Dl
3038(hhhhhhhhh)X
1 f
2505 1700(kpropd)N
2438 1852 MXY
0 -240 Dl
10 f
(hhhhhhhhh)S
0 240 Dl
2438(hhhhhhhhh)X
1 f
3105 1700(kpropd)N
3038 1852 MXY
0 -240 Dl
10 f
(hhhhhhhhh)S
0 240 Dl
3038(hhhhhhhhh)X
1 f
3705 1700(kpropd)N
3638 1852 MXY
0 -240 Dl
10 f
(hhhhhhhhh)S
0 240 Dl
3638(hhhhhhhhh)X
1 f
3107 1068(Master)N
2529 1948(Slave)N
3129(Slave)X
3729(Slave)X
% Three arrows from the bottom of the master box: left, straight down, right.
3218 1372 MXY
-600 240 Dl
2658 1583 MXY
-40 29 Dl
2667 1605 MXY
-49 7 Dl
3218 1372 MXY
0 240 Dl
3206 1564 MXY
12 48 Dl
3230 1564 MXY
-12 48 Dl
1372 MY
600 240 Dl
3769 1605 MXY
49 7 Dl
3778 1583 MXY
40 29 Dl
3 f
2663 2197(Figure)N
2910(13.)X
1 f
3050(Database)X
3365(Propagation.)X
% Security rationale for the propagation scheme.
% As rendered: all passwords in the database are encrypted in the master
% database key, so the transfer is "not useful to an eavesdropper"; the
% checksum exists so that slaves accept data only from the master host and
% so that tampering is detected.
% NOTE(review): the confidentiality claim is made for passwords only; the
% page does not say whether the other fields of the dump are protected in
% transit.
% The full stop after "key" is missing in the original; the string is left
% unchanged.
2599 2369(All)N
2724(passwords)X
3081(in)X
3166(the)X
2 f
3286(Kerberos)X
1 f
3613(database)X
3912(are)X
2399 2465(encrypted)N
2748(in)X
2842(the)X
2972(master)X
3218(database)X
3526(key)X
3673(Therefore,)X
2399 2561(the)N
2523(information)X
2927(passed)X
3167(from)X
3349(master)X
3589(to)X
3677(slave)X
3868(over)X
2399 2657(the)N
2542(network)X
2850(is)X
2948(not)X
3095(useful)X
3336(to)X
3442(an)X
3562(eavesdropper.)X
2399 2753(However,)N
2762(it)X
2854(is)X
2954(essential)X
3277(that)X
3444(only)X
3633(information)X
2399 2849(from)N
2588(the)X
2719(master)X
2966(host)X
3131(be)X
3239(accepted)X
3553(by)X
3665(the)X
3795(slaves,)X
2399 2945(and)N
2547(that)X
2699(tampering)X
3056(of)X
3155(data)X
3321(be)X
3429(detected,)X
3749(thus)X
3913(the)X
2399 3041(checksum.)N
% Section 6 "Kerberos From the Outside Looking In": heading and a one-
% paragraph overview naming the three viewpoints that follow (user,
% application programmer, Kerberos administrator).
% The opening "The section" in the rendered text reads as a typo for "This
% section"; the string is left as in the original.
3 f
2399 3233(6.)N
4 f
2499(Kerberos)X
3 f
2817(From)X
3029(the)X
3156(Outside)X
3442(Looking)X
3745(In)X
1 f
2599 3357(The)N
2766(section)X
3035(will)X
3200(describe)X
2 f
3509(Kerberos)X
1 f
3855(from)X
2399 3453(the)N
2532(practical)X
2844(point)X
3043(of)X
3145(view,)X
3356(first)X
3520(as)X
3622(seen)X
3799(by)X
3913(the)X
2399 3549(user,)N
2604(then)X
2793(from)X
3000(the)X
3149(application)X
3556(programmer's)X
2399 3645(viewpoint,)N
2776(and)X
2929(finally,)X
3195(through)X
3480(the)X
3614(tasks)X
3810(of)X
3913(the)X
2 f
2399 3741(Kerberos)N
1 f
2724(administrator.)X
% Section 6.1 "User's Eye View": heading, two paragraphs (the second runs on
% to page 10) and the page-9 footer.
% Paragraph 1: in the UNIX implementation the ticket-granting ticket is
% obtained during login, password change is part of passwd, and tickets are
% destroyed automatically at logout.
3 f
2399 3933(6.1.)N
2559(User's)X
2798(Eye)X
2947(View)X
1 f
2599 4057(If)N
2680(all)X
2787(goes)X
2961(well,)X
3146(the)X
3271(user)X
3432(will)X
3583(hardly)X
3815(notice)X
2399 4153(that)N
2 f
2539(Kerberos)X
1 f
2864(is)X
2937(present.)X
3229(In)X
3316(our)X
3443(UNIX)X
3664(implemen-)X
2399 4249(tation,)N
2631(the)X
2759(ticket-granting)X
3261(ticket)X
3468(is)X
3550(obtained)X
3855(from)X
2 f
2399 4345(Kerberos)N
1 f
2758(as)X
2879(part)X
3057(of)X
3177(the)X
2 f
3328(login)X
1 f
3552(process.)X
3886(The)X
2399 4441(changing)N
2715(of)X
2804(a)X
2861(user's)X
2 f
3074(Kerberos)X
1 f
3400(password)X
3724(is)X
3798(part)X
3944(of)X
2399 4537(the)N
2 f
2532(passwd)X
1 f
2809(program.)X
3156(And)X
2 f
3329(Kerberos)X
1 f
3669(tickets)X
3912(are)X
2399 4633(automatically)N
2855(destroyed)X
3187(when)X
3381(a)X
3437(user)X
3591(logs)X
3744(out.)X
% Paragraph 2: the ticket-granting ticket lifetime is given as "currently 8
% hours"; after expiry a Kerberos-authenticated application fails until the
% user runs kinit and supplies a password again. klist shows the tickets
% obtained on the user's behalf.
2599 4757(If)N
2680(the)X
2805(user's)X
3024(login)X
3215(session)X
3473(lasts)X
3642(longer)X
3873(than)X
2399 4853(the)N
2520(lifetime)X
2791(of)X
2880(the)X
3000(ticket-granting)X
3494(ticket)X
3694(\(currently)X
2399 4949(8)N
2465(hours\),)X
2716(the)X
2840(user)X
3000(will)X
3150(notice)X
2 f
3372(Kerberos')X
1 f
3729(presence)X
2399 5045(because)N
2691(the)X
2826(next)X
3001(time)X
3179(a)X
2 f
3251(Kerberos)X
1 f
3556(-authenticated)X
2399 5141(application)N
2777(is)X
2852(executed,)X
3180(it)X
3246(will)X
3392(fail.)X
3560(The)X
2 f
3706(Kerberos)X
1 f
2399 5237(ticket)N
2606(for)X
2729(it)X
2802(will)X
2955(have)X
3136(expired.)X
3445(At)X
3553(that)X
3701(point,)X
3913(the)X
2399 5333(user)N
2568(can)X
2715(run)X
2856(the)X
2 f
2988(kinit)X
1 f
3171(program)X
3477(to)X
3573(obtain)X
3807(a)X
3877(new)X
2399 5429(ticket)N
2598(for)X
2712(the)X
2830(ticket-granting)X
3322(server.)X
3579(As)X
3688(when)X
3882(log-)X
2399 5525(ging)N
2568(in,)X
2677(a)X
2740(password)X
3070(must)X
3252(be)X
3354(provided)X
3665(in)X
3753(order)X
3949(to)X
2399 5621(get)N
2520(it.)X
2627(A)X
2708(user)X
2865(executing)X
3200(the)X
2 f
3320(klist)X
1 f
3482(command)X
3820(out)X
3944(of)X
2399 5717(curiosity)N
2702(may)X
2863(be)X
2962(surprised)X
3279(at)X
3360(all)X
3463(the)X
3584(tickets)X
3815(which)X
2399 5813(have)N
2581(silently)X
2845(been)X
3026(obtained)X
3331(on)X
3440(her/his)X
3687(behalf)X
3917(for)X
% Page footer; "10 p" presumably closes the page (operator defined elsewhere).
2028 6144(March)N
2258(30,)X
2378(1988)X
10 p
%%Page: 10 10
% Page 10 set-up and running header, then the single line that finishes the
% sentence carried over from the previous page ("... for services which
% require Kerberos authentication.").
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2196 416(-)N
2243(10)X
2343(-)X
555 672(services)N
834(which)X
1050(require)X
2 f
1298(Kerberos)X
1 f
1623(authentication.)X
% Section 6.2 "From the Programmer's Viewpoint": heading and three paragraphs.
% AX and AN take an extra numeric operand before the string (0.2841, 0.2500);
% its meaning is not visible in this excerpt -- presumably a spacing
% adjustment, TODO confirm against the prolog.
3 f
555 864(6.2.)N
715(From)X
927(the)X
1054 0.2841(Programmer's)AX
1579(Viewpoint)X
1 f
% Paragraph 1: "Kerberizing" an existing client/server application means
% calling the Kerberos library to authenticate the initial request, and
% optionally the DES library to encrypt later traffic.
% NOTE(review): the page footers date this text to March 1988. Single DES is
% no longer considered adequate protection, so read the cipher choice as a
% description of the period rather than as guidance.
755 988(A)N
839(programmer)X
1261(writing)X
1517(a)X
2 f
1578(Kerberos)X
1 f
1908(applica-)X
555 1084(tion)N
724(will)X
893(often)X
1103(be)X
1224(adding)X
1487(authentication)X
1985(to)X
2091(an)X
555 1180(already)N
815(existing)X
1091(network)X
1376(application)X
1754(consisting)X
2100(of)X
555 1276(a)N
633(client)X
853(and)X
1011(server)X
1250(side.)X
1460(We)X
1613(call)X
1770(this)X
1926(process)X
555 1372 0.2500(``Kerberizing'')AN
1087(a)X
1162(program.)X
1513(Kerberizing)X
1936(usually)X
555 1468(involves)N
852(making)X
1118(a)X
1180(call)X
1322(to)X
1410(the)X
2 f
1534(Kerberos)X
1 f
1865(library)X
2105(in)X
555 1564(order)N
780(to)X
896(perform)X
1209(authentication)X
1717(at)X
1829(the)X
1981(initial)X
555 1660(request)N
819(for)X
945(service.)X
1245(It)X
1326(may)X
1496(also)X
1656(involve)X
1927(calls)X
2105(to)X
555 1756(the)N
695(DES)X
888(library)X
1144(to)X
1248(encrypt)X
1531(messages)X
1876(and)X
2033(data)X
555 1852(which)N
781(are)X
909(subsequently)X
1356(sent)X
1514(between)X
1811(application)X
555 1948(client)N
753(and)X
889(application)X
1265(server.)X
% Paragraph 2: krb_mk_req (client) takes the target server's name, instance
% and realm and optionally a checksum of the data to be sent; its output is
% sent to the server, which passes it to krb_rd_req and receives a judgement
% on the authenticity of the sender's claimed identity.
755 2072(The)N
907(most)X
1088(commonly)X
1456(used)X
1629(library)X
1869(functions)X
555 2168(are)N
2 f
737(krb_mk_req)X
1 f
1215(on)X
1378(the)X
1559(client)X
1820(side,)X
2051(and)X
2 f
555 2264(krb_rd_req)N
1 f
957(on)X
1067(the)X
1194(server)X
1420(side.)X
1618(The)X
2 f
1772(krb_mk_req)X
1 f
555 2360(routine)N
820(takes)X
1023(as)X
1128(parameters)X
1518(the)X
1653(name,)X
1884(instance,)X
555 2456(and)N
715(realm)X
942(of)X
1053(the)X
1195(target)X
1422(server,)X
1683(which)X
1923(will)X
2091(be)X
555 2552(requested,)N
906(and)X
1045(possibly)X
1334(a)X
1393(checksum)X
1737(of)X
1827(the)X
1948(data)X
2105(to)X
555 2648(be)N
685(sent.)X
908(The)X
1087(client)X
1319(then)X
1511(sends)X
1743(the)X
1895(message)X
555 2744(returned)N
845(by)X
947(the)X
2 f
1067(krb_mk_req)X
1 f
1484(call)X
1621(over)X
1785(the)X
1904(network)X
555 2840(to)N
652(the)X
785(server)X
1017(side)X
1180(of)X
1281(the)X
1413(application.)X
1843(When)X
2069(the)X
555 2936(server)N
773(receives)X
1058(this)X
1194(message,)X
1506(it)X
1570(makes)X
1795(a)X
1851(call)X
1987(to)X
2069(the)X
555 3032(library)N
794(routine)X
2 f
1046(krb_rd_req)X
1 f
1418(.)X
1483(The)X
1633(routine)X
1884(returns)X
2131(a)X
555 3128(judgement)N
925(about)X
1134(the)X
1263(authenticity)X
1672(of)X
1770(the)X
1899(sender's)X
555 3224(alleged)N
807(identity.)X
% Paragraph 3: krb_mk_priv / krb_rd_priv encrypt and decrypt application
% messages in the shared session key when secrecy is required. As worded,
% this is a separate, opt-in step; authentication alone does not encrypt
% the traffic that follows.
755 3348(If)N
854(the)X
997(application)X
1397(requires)X
1700(that)X
1864(messages)X
555 3444(sent)N
728(between)X
1039(client)X
1260(and)X
1419(server)X
1659(be)X
1778(secret,)X
2029(then)X
555 3540(library)N
839(calls)X
1056(can)X
1238(be)X
1383(made)X
1626(to)X
2 f
1757(krb_mk_priv)X
555 3636(\(krb_rd_priv\))N
1 f
1044(to)X
1146(encrypt)X
1427(\(decrypt\))X
1762(messages)X
2105(in)X
555 3732(the)N
673(session)X
924(key)X
1060(which)X
1276(both)X
1438(sides)X
1618(now)X
1776(share.)X
% Raised "7" at size 8: footnote marker.
8 s
1966 3707(7)N
% Section 6.3 "The Kerberos Administrator's Job": heading and first two
% paragraphs. "10 s" restores body size after the footnote marker above.
% Paragraph 1, set-up steps as rendered: initialize the database; register
% essential principals (including the administrator's name with an admin
% instance); start the authentication and administration servers; if slaves
% exist, arrange periodic propagation from master to slaves.
3 f
10 s
555 3924(6.3.)N
715(The)X
4 f
868(Kerberos)X
3 f
1186(Administrator's)X
1758(Job)X
1 f
755 4048(The)N
2 f
927(Kerberos)X
1 f
1279(administrator's)X
1810(job)X
1958(begins)X
555 4144(with)N
723(running)X
997(a)X
1058(program)X
1355(to)X
1442(initialize)X
1747(the)X
1870(database.)X
555 4240(Another)N
841(program)X
1136(must)X
1314(be)X
1413(run)X
1543(to)X
1628(register)X
1891(essential)X
555 4336(principals)N
903(in)X
997(the)X
1127(database,)X
1456(such)X
1635(as)X
1733(the)X
2 f
1862(Kerberos)X
1 f
555 4432(administrator's)N
1087(name)X
1308(with)X
1497(an)X
3 f
1620(admin)X
1 f
1884(instance.)X
555 4528(The)N
2 f
744(Kerberos)X
1 f
1113(authentication)X
1630(server)X
1890(and)X
2069(the)X
555 4624(administration)N
1042(server)X
1264(must)X
1444(be)X
1545(started)X
1784(up.)X
1928(If)X
2006(there)X
555 4720(are)N
722(slave)X
955(databases,)X
1351(the)X
1517(administrator)X
2012(must)X
555 4816(arrange)N
830(that)X
982(the)X
1112(programs)X
1447(to)X
1541(propagate)X
1890(database)X
555 4912(updates)N
851(from)X
1058(master)X
1323(to)X
1436(slaves)X
1683(be)X
1809(kicked)X
2073(off)X
555 5008(periodically.)N
% Paragraph 2: day-to-day changes (new principals, password changes) are
% made over the network with kadmin.
755 5132(After)N
964(these)X
1168(initial)X
1393(steps)X
1592(have)X
1783(been)X
1973(taken,)X
555 5228(the)N
690(administrator)X
1154(manipulates)X
1577(the)X
1711(database)X
2024(over)X
555 5324(the)N
675(network,)X
980(using)X
1175(the)X
2 f
1294(kadmin)X
1 f
1558(program.)X
1891(Through)X
555 5420(that)N
709(program,)X
1035(new)X
1203(principals)X
1552(can)X
1697(be)X
1806(added,)X
2051(and)X
555 5516(passwords)N
909(can)X
1041(be)X
1137(changed.)X
% Section 6.3, paragraph on adding a new Kerberos application. The rendered
% text says: the server is registered in the database and assigned a private
% key (usually an automatically generated random key); data including that key
% is extracted from the database and installed in a file on the server's
% machine, by default /etc/srvtab; krb_rd_req uses that file to decrypt
% messages encrypted in the server's private key.
% The x coordinate jumps from 555 to 2399 at "working." -- presumably the
% start of the right-hand column. N and X are prolog operators not visible
% in this part of the file (presumably N takes x y, X takes x only).
% NOTE(review): the closing sentence equates /etc/srvtab with a user's typed
% password, so whoever can read the file holds the server's long-term secret.
% The text gives no ownership or mode for the file and does not say how the
% extracted key travels to the server's machine; a deployment would want the
% file readable only by the service and the transfer done over a protected
% path -- confirm against the installation notes.
755 5640(In)N
853(particular,)X
1211(when)X
1415(a)X
1481(new)X
2 f
1645(Kerberos)X
1 f
1980(appli-)X
555 5736(cation)N
804(is)X
910(added)X
1154(to)X
1268(the)X
1418(system,)X
1712(the)X
2 f
1862(Kerberos)X
1 f
555 5832(administrator)N
1029(must)X
1231(take)X
1412(a)X
1495(few)X
1663(steps)X
1870(to)X
1979(get)X
2123(it)X
2399 672(working.)N
2746(The)X
2911(server)X
3147(must)X
3341(be)X
3456(registered)X
3812(in)X
3913(the)X
2399 768(database,)N
2721(and)X
2862(assigned)X
3163(a)X
3224(private)X
3472(key)X
3613(\(usually)X
3896(this)X
2399 864(is)N
2473(an)X
2569(automatically)X
3025(generated)X
3358(random)X
3623(key\).)X
3826(Then,)X
2399 960(some)N
2605(data)X
2775(\(including)X
3140(the)X
3274(server's)X
3565(key\))X
3744(must)X
3935(be)X
2399 1056(extracted)N
2719(from)X
2900(the)X
3022(database)X
3323(and)X
3463(installed)X
3758(in)X
3844(a)X
3904(file)X
2399 1152(on)N
2531(the)X
2681(server's)X
2987(machine.)X
3350(The)X
3526(default)X
3800(file)X
3958(is)X
% font slot 2 for the file path and, below, the routine name
2 f
2399 1248(/etc/srvtab)N
1 f
2744(.)X
2857(The)X
2 f
3054(krb_rd_req)X
1 f
3498(library)X
3784(routine)X
2399 1344(called)N
2632(by)X
2753(the)X
2892(server)X
3130(\(see)X
3301(the)X
3440(previous)X
3757(section\))X
2399 1440(uses)N
2569(the)X
2699(information)X
3108(in)X
3201(that)X
3352(file)X
3490(to)X
3583(decrypt)X
3855(mes-)X
2399 1536(sages)N
2605(sent)X
2765(encrypted)X
3113(in)X
3206(the)X
3335(server's)X
3621(private)X
3875(key.)X
2399 1632(The)N
2 f
2556(/etc/srvtab)X
1 f
2932(file)X
3070(authenticates)X
3520(the)X
3649(server)X
3877(as)X
3975(a)X
2399 1728(password)N
2745(typed)X
2965(at)X
3065(a)X
3143(terminal)X
3452(authenticates)X
3913(the)X
2399 1824(user.)N
% Last paragraph of section 6.3: the Kerberos administrator must also ensure
% that Kerberos machines are physically secure, and would be wise to maintain
% backups of the Master database.
% NOTE(review): the text does not say how the backups themselves are
% protected. Since section 6.3 describes the database as holding principals'
% keys, a backup copy presumably needs the same protection as the master --
% confirm against the operations documentation.
2599 1948(The)N
2 f
2792(Kerberos)X
1 f
3165(administrator)X
3660(must)X
3882(also)X
2399 2044(ensure)N
2659(that)X
2 f
2828(Kerberos)X
1 f
3182(machines)X
3534(are)X
3682(physically)X
2399 2140(secure,)N
2650(and)X
2791(would)X
3016(also)X
3170(be)X
3271(wise)X
3442(to)X
3528(maintain)X
3832(back-)X
2399 2236(ups)N
2530(of)X
2617(the)X
2735(Master)X
2978(database.)X
% size 8 for the marker "8", presumably a footnote or reference number
8 s
3275 2211(8)N
3 f
10 s
2399 2428(7.)N
2499(The)X
2652(Bigger)X
2899(Picture)X
1 f
2599 2552(In)N
2696(this)X
2841(section,)X
3118(we)X
3242(describe)X
3539(how)X
2 f
3706(Kerberos)X
1 f
2399 2648(fits)N
2522(into)X
2667(the)X
2786(Athena)X
3039(environment,)X
3485(including)X
3808(its)X
3904(use)X
2399 2744(by)N
2514(other)X
2714(network)X
3011(services)X
3304(and)X
3454(applications,)X
3895(and)X
2399 2840(how)N
2580(it)X
2667(interacts)X
2981(with)X
3165(remote)X
2 f
3430(Kerberos)X
1 f
3777(realms.)X
2399 2936(For)N
2547(a)X
2619(more)X
2820(complete)X
3150(description)X
3542(of)X
3645(the)X
3779(Athena)X
2399 3032(environment,)N
2844(please)X
3065(see)X
3188(G.)X
3286(W.)X
3402(Treese.)X
8 s
3637 3007(9)N
% Heading "7.1. Other Network Services' Use of Kerberos" (font slot 3, with
% slot 4 for the word Kerberos, size 10), then the first body paragraph in
% font slot 1. The rendered text says: rlogin and rsh first try to
% authenticate using Kerberos; a user with valid tickets can rlogin to another
% Athena machine without setting up .rhosts files; if Kerberos authentication
% fails, the programs fall back on their usual authorization method, here the
% .rhosts files.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): as described, a failed Kerberos exchange does not end the
% attempt -- the .rhosts check still decides. Kerberos therefore adds a path
% rather than replacing the older one. A site wanting Kerberos to be the only
% path would have to disable that fallback or keep .rhosts files absent; the
% text does not say whether the fallback was configurable.
3 f
10 s
2399 3224(7.1.)N
2559(Other)X
2784(Network)X
3103(Services')X
3431(Use)X
3576(of)X
4 f
3663(Kerberos)X
1 f
2599 3348(Several)N
2895(network)X
3212(applications)X
3653(have)X
3859(been)X
2399 3444(modified)N
2725(to)X
2824(use)X
2 f
2968(Kerberos)X
1 f
3273(.)X
3350(The)X
2 f
3512(rlogin)X
1 f
3750(and)X
2 f
3902(rsh)X
1 f
2399 3540(commands)N
2793(first)X
2968(try)X
3103(to)X
3211(authenticate)X
3645(using)X
2 f
3864(Ker-)X
2399 3636(beros)N
1 f
2584(.)X
2663(A)X
2759(user)X
2931(with)X
3111(valid)X
2 f
3309(Kerberos)X
1 f
3652(tickets)X
3899(can)X
2399 3732(rlogin)N
2616(to)X
2704(another)X
2970(Athena)X
3227(machine)X
3524(without)X
3793(having)X
2399 3828(to)N
2482(set)X
2592(up)X
2 f
2693(.rhosts)X
1 f
2936(files.)X
3135(If)X
3210(the)X
2 f
3329(Kerberos)X
1 f
3654(authentica-)X
% the fallback sentence starts here: "tion fails, the programs fall back ..."
2399 3924(tion)N
2558(fails,)X
2751(the)X
2883(programs)X
3220(fall)X
3361(back)X
3547(on)X
3661(their)X
3842(usual)X
2399 4020(methods)N
2695(of)X
2787(authorization,)X
3255(in)X
3342(this)X
3482(case,)X
3666(the)X
2 f
3789(.rhosts)X
1 f
2399 4116(files.)N
2599 4240(We)N
2736(have)X
2913(modified)X
3227(the)X
3349(Post)X
3510(Office)X
3740(Protocol)X
2399 4336(to)N
2509(use)X
2 f
2664(Kerberos)X
1 f
3017(for)X
3159(authenticating)X
3661(users)X
3873(who)X
2399 4432(wish)N
2592(to)X
2696(retrieve)X
2984(their)X
3173(electronic)X
3532(mail)X
3716(from)X
3913(the)X
2399 4528(``post)N
2638(office''.)X
2972(A)X
3082(message)X
3405(delivery)X
3719(program,)X
2399 4624(called)N
2 f
2635(Zephyr)X
1 f
2869(,)X
2933(has)X
3083(been)X
3278(recently)X
3580(developed)X
3953(at)X
2399 4720(Athena,)N
2672(and)X
2809(it)X
2873(uses)X
2 f
3031(Kerberos)X
1 f
3356(for)X
3470(authentication)X
3944(as)X
2399 4816(well.)N
8 s
2557 4791(10)N
10 s
2599 4940(The)N
2772(program)X
3092(for)X
3234(signing)X
3517(up)X
3645(new)X
3826(users,)X
2399 5036(called)N
2 f
2631(register)X
1 f
2887(,)X
2947(uses)X
3125(both)X
3307(the)X
3445(Service)X
3725(Manage-)X
2399 5132(ment)N
2581(System)X
2837(\(SMS\))X
8 s
3050 5107(11)N
10 s
3135 5132(and)N
2 f
3272(Kerberos)X
1 f
3577(.)X
3638(From)X
3832(SMS,)X
2399 5228(it)N
2471(determines)X
2851(whether)X
3137(the)X
3262(information)X
3667(entered)X
3931(by)X
2399 5324(the)N
2521(would-be)X
2848(new)X
3006(Athena)X
3261(user,)X
3438(such)X
3608(as)X
3698(name)X
3895(and)X
2399 5420(MIT)N
2602(identification)X
3085(number,)X
3406(is)X
3514(valid.)X
3769(It)X
3873(then)X
2399 5516(checks)N
2639(with)X
2 f
2802(Kerberos)X
1 f
3128(to)X
3211(see)X
3335(if)X
3404(the)X
3522(requested)X
3850(user-)X
2399 5612(name)N
2603(is)X
2686(unique.)X
2974(If)X
3058(all)X
3168(goes)X
3345(well,)X
3533(a)X
3599(new)X
3763(entry)X
3958(is)X
2399 5708(made)N
2613(to)X
2715(the)X
2 f
2853(Kerberos)X
1 f
3198(database,)X
3535(containing)X
3913(the)X
2399 5804(username)N
2727(and)X
2863(password.)X
2028 6144(March)N
2258(30,)X
2378(1988)X
11 p
%%Page: 11 11
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2196 416(-)N
2243(11)X
2343(-)X
755 672(For)N
890(a)X
950(detailed)X
1228(discussion)X
1585(of)X
1676(the)X
1798(use)X
1929(of)X
2 f
2020(Ker-)X
555 768(beros)N
1 f
793(to)X
908(secure)X
1167(Sun's)X
1402(Network)X
1736(File)X
1912(System,)X
555 864(please)N
776(refer)X
949(to)X
1031(the)X
1149(appendix.)X
% Heading "7.2. Interaction with Other Kerberi" (font slot 3), then the first
% body paragraph in font slot 1. The rendered text says: different
% administrative organizations are expected to use Kerberos, and users in one
% will want services in another; Kerberos supports multiple administrative
% domains; a Kerberos name includes a field called the realm, which names the
% administrative domain within which the user is to be authenticated.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
3 f
555 1056(7.2.)N
715(Interaction)X
1118(with)X
1289(Other)X
1514(Kerberi)X
1 f
755 1180(It)N
838(is)X
925(expected)X
1245(that)X
1399(different)X
1709(administrative)X
555 1276(organizations)N
1016(will)X
1169(want)X
1353(to)X
1443(use)X
2 f
1578(Kerberos)X
1 f
1911(for)X
2033(user)X
555 1372(authentication.)N
1084(It)X
1168(is)X
1256(also)X
1419(expected)X
1739(that)X
1893(in)X
1989(many)X
555 1468(cases,)N
774(users)X
968(in)X
1059(one)X
1204(organization)X
1634(will)X
1786(want)X
1970(to)X
2060(use)X
555 1564(services)N
848(in)X
944(another.)X
2 f
1259(Kerberos)X
1 f
1597(supports)X
1901(multiple)X
555 1660(administrative)N
1074(domains.)X
1445(The)X
1630(specification)X
2100(of)X
555 1756(names)N
803(in)X
2 f
908(Kerberos)X
1 f
1256(includes)X
1566(a)X
1645(field)X
1835(called)X
2069(the)X
% font slot 2 marks the term being defined
2 f
555 1852(realm)N
1 f
749(.)X
844(This)X
1041(field)X
1243(contains)X
1565(the)X
1718(name)X
1947(of)X
2069(the)X
555 1948(administrative)N
1037(domain)X
1301(within)X
1529(which)X
1749(the)X
1871(user)X
2029(is)X
2105(to)X
555 2044(be)N
651(authenticated.)X
% Section 7.2, second paragraph. The rendered text says: a service is usually
% registered in a single realm and only accepts credentials issued by that
% realm's authentication server; a user registered in the local realm can
% obtain credentials issued by a remote realm on the strength of the local
% realm's authentication; such credentials indicate the realm in which the
% user was originally authenticated; services in the remote realm can choose
% whether to honor them.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): the last sentence places the final trust decision with each
% accepting service ("can choose whether to honor"), based on the originating
% realm recorded in the credential. A service that never inspects that realm
% would be trusting every realm its own realm has paired with -- the text does
% not say what the default behaviour is.
755 2168(Services)N
1061(are)X
1194(usually)X
1459(registered)X
1810(in)X
1906(a)X
1976(single)X
555 2264(realm)N
769(and)X
916(will)X
1071(only)X
1243(accept)X
1479(credentials)X
1857(issued)X
2087(by)X
555 2360(an)N
657(authentication)X
1137(server)X
1360(for)X
1479(that)X
1624(realm.)X
1872(A)X
1955(user)X
2114(is)X
555 2456(usually)N
831(registered)X
1193(in)X
1300(a)X
1380(single)X
1615(realm)X
1842(\(the)X
2011(local)X
555 2552(realm\),)N
825(but)X
967(it)X
1051(is)X
1144(possible)X
1445(for)X
1578(her/him)X
1866(to)X
1967(obtain)X
555 2648(credentials)N
939(issued)X
1175(by)X
1290(another)X
1566(realm)X
1784(\(the)X
1944(remote)X
555 2744(realm\),)N
813(on)X
921(the)X
1047(strength)X
1333(of)X
1427(the)X
1552(authentication)X
2033(pro-)X
555 2840(vided)N
765(by)X
877(the)X
1007(local)X
1195(realm.)X
1450(Credentials)X
1847(valid)X
2038(in)X
2131(a)X
555 2936(remote)N
801(realm)X
1007(indicate)X
1284(the)X
1405(realm)X
1611(in)X
1695(which)X
1913(the)X
2033(user)X
555 3032(was)N
736(originally)X
1102(authenticated.)X
1625(Services)X
1952(in)X
2069(the)X
555 3128(remote)N
806(realm)X
1017(can)X
1157(choose)X
1408(whether)X
1695(to)X
1784(honor)X
1998(those)X
555 3224(credentials,)N
956(depending)X
1323(on)X
1436(the)X
1567(degree)X
1814(of)X
1913(security)X
555 3320(required)N
857(and)X
1007(the)X
1139(level)X
1329(of)X
1430(trust)X
1605(in)X
1700(the)X
1831(realm)X
2047(that)X
555 3416(initially)N
823(authenticated)X
1271(the)X
1389(user.)X
% Section 7.2, third paragraph: the cross-realm exchange. The rendered text
% says: the administrators of each pair of realms select a key to be shared
% between their realms; a local user requests, from the local authentication
% server, a ticket-granting ticket for the remote realm's ticket-granting
% server; the remote ticket-granting server recognizes the request is not from
% its own realm, decrypts the ticket-granting ticket with the previously
% exchanged key, and issues a ticket whose client realm field names the realm
% in which the client was originally authenticated.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): the inter-realm key is a long-term secret held by two separate
% administrations. The text does not say how it is selected, exchanged or
% rotated, and one key per pair of realms means key management grows with the
% number of paired realms -- points a deployer would need answered elsewhere.
755 3540(In)N
847(order)X
1042(to)X
1128(perform)X
1411(cross-realm)X
1810(authentica-)X
555 3636(tion,)N
720(it)X
785(is)X
859(necessary)X
1193(that)X
1334(the)X
1453(administrators)X
1932(of)X
2019(each)X
555 3732(pair)N
709(of)X
805(realms)X
1048(select)X
1259(a)X
1323(key)X
1467(to)X
1557(be)X
1661(shared)X
1899(between)X
555 3828(their)N
732(realms.)X
1016(A)X
1104(user)X
1268(in)X
1360(the)X
1488(local)X
1674(realm)X
1887(can)X
2029(then)X
555 3924(request)N
835(a)X
919(ticket-granting)X
1438(ticket)X
1663(from)X
1866(the)X
2011(local)X
555 4020(authentication)N
1029(server)X
1246(for)X
1360(the)X
1478(ticket-granting)X
1970(server)X
555 4116(in)N
639(the)X
759(remote)X
1004(realm.)X
1249(When)X
1463(that)X
1605(ticket)X
1805(is)X
1880(used,)X
2069(the)X
555 4212(remote)N
810(ticket-granting)X
1314(server)X
1543(recognizes)X
1918(that)X
2069(the)X
555 4308(request)N
813(is)X
892(not)X
1020(from)X
1202(its)X
1303(own)X
1467(realm,)X
1696(and)X
1837(it)X
1906(uses)X
2069(the)X
555 4404(previously)N
928(exchanged)X
1307(key)X
1458(to)X
1555(decrypt)X
1830(the)X
1962(ticket-)X
555 4500(granting)N
855(ticket.)X
1106(It)X
1187(then)X
1357(issues)X
1580(a)X
1648(ticket)X
1858(as)X
1957(it)X
2033(nor-)X
555 4596(mally)N
770(would,)X
1023(except)X
1266(that)X
1419(the)X
1549(realm)X
1764(field)X
1943(for)X
2069(the)X
555 4692(client)N
755(contains)X
1044(the)X
1163(name)X
1358(of)X
1446(the)X
1565(realm)X
1769(in)X
1852(which)X
2069(the)X
555 4788(client)N
753(was)X
898(originally)X
1229(authenticated.)X
% Section 7.2, last paragraph: authenticating through a series of realms.
% The rendered text says this extension would require recording the entire
% path taken, not just the initial realm, because the server then only knows
% that "A says that B says that C says that the user is so-and-so", which can
% be trusted only if everyone along the path is trusted.
% The final line moves to x=2399 y=672 -- presumably the top of the
% right-hand column. N and X are prolog operators not visible in this part of
% the file (presumably N takes x y, X takes x only).
% NOTE(review): this is a statement about a possible extension ("could be
% extended"), not about the scheme of the preceding paragraph, whose ticket
% carries only the originating realm. Anyone applying multi-hop trust would
% need the full path available to the accepting service so it can reject
% paths through realms it does not trust.
755 4912(This)N
929(approach)X
1256(could)X
1466(be)X
1574(extended)X
1896(to)X
1989(allow)X
555 5008(one)N
711(to)X
813(authenticate)X
1241(oneself)X
1513(through)X
1802(a)X
1878(series)X
2100(of)X
555 5104(realms)N
801(until)X
979(reaching)X
1288(the)X
1418(realm)X
1633(with)X
1806(the)X
1935(desired)X
555 5200(service.)N
853(In)X
950(order)X
1150(to)X
1242(do)X
1352(this,)X
1517(though,)X
1789(it)X
1862(would)X
2091(be)X
555 5296(necessary)N
890(to)X
974(record)X
1202(the)X
1322(entire)X
1527(path)X
1686(that)X
1827(was)X
1973(taken,)X
555 5392(and)N
693(not)X
817(just)X
954(the)X
1074(name)X
1270(of)X
1358(the)X
1477(initial)X
1684(realm)X
1888(in)X
1971(which)X
555 5488(the)N
674(user)X
829(was)X
974(authenticated.)X
1462(In)X
1549(such)X
1716(a)X
1772(situation,)X
2087(all)X
555 5584(that)N
703(is)X
784(known)X
1030(by)X
1138(the)X
1264(server)X
1489(is)X
1570(that)X
1717(A)X
1802(says)X
1967(that)X
2114(B)X
555 5680(says)N
723(that)X
873(C)X
956(says)X
1123(that)X
1272(the)X
1399(user)X
1562(is)X
1644(so-and-so.)X
2025(This)X
555 5776(statement)N
896(can)X
1042(only)X
1218(be)X
1328(trusted)X
1579(if)X
1661(everyone)X
1989(along)X
2399 672(the)N
2517(path)X
2675(is)X
2748(also)X
2897(trusted.)X
% Heading "8. Issues and Open Problems" (font slot 3), then the introductory
% paragraph in font slot 1. The rendered text lists three topics for the
% section: how to decide the correct lifetime for a ticket, how to allow
% proxies, and how to guarantee workstation integrity.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
3 f
2399 864(8.)N
2499(Issues)X
2723(and)X
2871(Open)X
3077(Problems)X
1 f
2599 988(There)N
2832(are)X
2976(a)X
3057(number)X
3347(of)X
3459(issues)X
3695(and)X
3855(open)X
2399 1084(problems)N
2728(associated)X
3089(with)X
3262(the)X
2 f
3391(Kerberos)X
1 f
3726(authenti-)X
2399 1180(cation)N
2619(mechanism.)X
3068(Among)X
3331(the)X
3452(issues)X
3666(are)X
3788(how)X
3949(to)X
2399 1276(decide)N
2647(the)X
2783(correct)X
3045(lifetime)X
3332(for)X
3464(a)X
3538(ticket,)X
3774(how)X
3949(to)X
2399 1372(allow)N
2606(proxies,)X
2891(and)X
3036(how)X
3202(to)X
3292(guarantee)X
3633(workstation)X
2399 1468(integrity.)N
% Section 8, ticket-lifetime paragraph. The rendered text frames lifetime as a
% tradeoff between security and convenience: with a long lifetime, a stolen or
% misplaced ticket and its session key stay usable longer; with a short one,
% the user must obtain a new ticket, which requires entering the password
% again.
% The paragraph names two ways the ticket and session key can be exposed: a
% user forgetting to log out of a public workstation, and another user with
% root access on a multi-user system finding the information.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): the text treats expiry as the only limit on a stolen ticket;
% nothing here describes revoking a ticket before it expires. Whoever sets the
% lifetime is therefore choosing the maximum exposure window -- confirm
% whether ticket destruction at logout is covered elsewhere in the paper.
2599 1592(The)N
2758(ticket)X
2969(lifetime)X
3251(problem)X
3551(is)X
3637(a)X
3706(matter)X
3944(of)X
2399 1688(choosing)N
2709(the)X
2828(proper)X
3058(tradeoff)X
3333(between)X
3621(security)X
3895(and)X
2399 1784(convenience.)N
2864(If)X
2941(the)X
3062(life)X
3192(of)X
3282(a)X
3341(ticket)X
3542(is)X
3618(long,)X
3802(then)X
3962(if)X
2399 1880(a)N
2465(ticket)X
2673(and)X
2819(its)X
2924(associated)X
3284(session)X
3545(key)X
3691(are)X
3820(stolen)X
2399 1976(or)N
2487(misplaced,)X
2853(they)X
3012(can)X
3145(be)X
3242(used)X
3410(for)X
3525(a)X
3581(longer)X
3806(period)X
2399 2072(of)N
2492(time.)X
2700(Such)X
2885(information)X
3288(can)X
3425(be)X
3526(stolen)X
3742(if)X
3816(a)X
3877(user)X
2399 2168(forgets)N
2649(to)X
2738(log)X
2866(out)X
2994(of)X
3087(a)X
3149(public)X
3375(workstation.)X
3819(Alter-)X
2399 2264(natively,)N
2698(if)X
2768(a)X
2825(user)X
2979(has)X
3106(been)X
3278(authenticated)X
3726(on)X
3826(a)X
3882(sys-)X
2399 2360(tem)N
2547(that)X
2695(allows)X
2932(multiple)X
3226(users,)X
3439(another)X
3708(user)X
3869(with)X
2399 2456(access)N
2633(to)X
2723(root)X
2880(might)X
3094(be)X
3198(able)X
3360(to)X
3449(find)X
3605(the)X
3730(informa-)X
2399 2552(tion)N
2560(needed)X
2825(to)X
2924(use)X
3068(stolen)X
3296(tickets.)X
3582(The)X
3744(problem)X
2399 2648(with)N
2571(giving)X
2805(a)X
2871(ticket)X
3079(a)X
3145(short)X
3334(lifetime,)X
3632(however,)X
3958(is)X
2399 2744(that)N
2541(when)X
2737(it)X
2803(expires,)X
3077(the)X
3197(user)X
3353(will)X
3498(have)X
3671(to)X
3754(obtain)X
3975(a)X
2399 2840(new)N
2554(one)X
2691(which)X
2908(requires)X
3188(the)X
3307(user)X
3462(to)X
3545(enter)X
3727(the)X
3846(pass-)X
2399 2936(word)N
2584(again.)X
% Section 8, proxy paragraph. The rendered text poses the open question of how
% an authenticated user can let a server acquire other network services on
% her/his behalf (example: a service that reads protected files directly from
% a fileserver), and introduces "authentication forwarding": a user logged in
% to a remote host having the same service access there as locally.
% The paragraph ends by stating that the user might not trust the remote
% host, so forwarding is not desirable in all cases, and that the authors do
% not presently have a solution.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): the text identifies the core risk itself -- forwarding hands
% usable authority to a host the user may not trust. Any later mechanism that
% answers this question would need the user to decide per host, and to limit
% what the forwarded authority can be used for; neither is specified here.
2599 3060(An)N
2742(open)X
2943(problem)X
3254(is)X
3351(the)X
3493(proxy)X
3724(problem.)X
2399 3156(How)N
2585(can)X
2726(an)X
2831(authenticated)X
3288(user)X
3451(allow)X
3658(a)X
3723(server)X
3949(to)X
2399 3252(acquire)N
2662(other)X
2853(network)X
3142(services)X
3426(on)X
3531(her/his)X
3774(behalf?)X
2399 3348(An)N
2521(example)X
2817(where)X
3038(this)X
3177(would)X
3401(be)X
3501(important)X
3836(is)X
3913(the)X
2399 3444(use)N
2531(of)X
2623(a)X
2684(service)X
2937(that)X
3082(will)X
3231(gain)X
3394(access)X
3625(to)X
3712(protected)X
2399 3540(files)N
2564(directly)X
2836(from)X
3018(a)X
3080(fileserver.)X
3450(Another)X
3739(example)X
2399 3636(of)N
2487(this)X
2623(problem)X
2910(is)X
2983(what)X
3159(we)X
3273(call)X
% font slot 2 marks the term being introduced, hyphenated across two lines
2 f
3409(authentication)X
3891(for-)X
2399 3732(warding)N
1 f
2672(.)X
2746(If)X
2834(a)X
2903(user)X
3070(is)X
3156(logged)X
3407(into)X
3564(a)X
3633(workstation)X
2399 3828(and)N
2545(logs)X
2708(in)X
2800(to)X
2892(a)X
2958(remote)X
3210(host,)X
3392(it)X
3465(would)X
3694(be)X
3799(nice)X
3962(if)X
2399 3924(the)N
2520(user)X
2677(had)X
2816(access)X
3045(to)X
3130(the)X
3251(same)X
3439(services)X
3721(available)X
2399 4020(locally,)N
2671(while)X
2883(running)X
3166(a)X
3236(program)X
3542(on)X
3656(the)X
3788(remote)X
2399 4116(host.)N
2608(What)X
2818(makes)X
3058(this)X
3208(difficult)X
3501(is)X
3589(that)X
3744(the)X
3877(user)X
2399 4212(might)N
2617(not)X
2750(trust)X
2923(the)X
3052(remote)X
3306(host,)X
3490(thus)X
3654(authentica-)X
2399 4308(tion)N
2551(forwarding)X
2936(is)X
3017(not)X
3147(desirable)X
3465(in)X
3555(all)X
3662(cases.)X
3899(We)X
2399 4404(do)N
2499(not)X
2621(presently)X
2935(have)X
3107(a)X
3163(solution)X
3440(to)X
3522(this)X
3657(problem.)X
% Section 8, workstation-integrity paragraph; it runs across the break between
% pages 11 and 12, so the page footer, the page-12 header and the DSC page
% comment sit in the middle of it.
% The rendered text says: on private workstations the user has control, but on
% public workstations someone might have modified the login program to save
% the user's password; the only solution available in the authors'
% environment is to make it difficult to modify software on public
% workstations; a better solution would keep the user's key on a system the
% user knows can be trusted, for example a smartcard capable of doing the
% encryptions required in the authentication protocol.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): the paragraph concedes that the protocol does not protect a
% password typed into a tampered login program; the stated mitigation is
% raising the difficulty of tampering, not detecting it. The smartcard idea is
% given as a possibility ("One way this could be done"), not as something
% deployed.
2599 4528(Another)N
2887(problem,)X
3199(and)X
3339(one)X
3479(that)X
3623(is)X
3700(important)X
2399 4624(in)N
2494(the)X
2625(Athena)X
2890(environment,)X
3348(is)X
3434(how)X
3604(to)X
3698(guarantee)X
2399 4720(the)N
2528(integrity)X
2830(of)X
2928(the)X
3057(software)X
3364(running)X
3643(on)X
3753(a)X
3819(work-)X
2399 4816(station.)N
2693(This)X
2876(is)X
2970(not)X
3112(so)X
3223(much)X
3441(of)X
3548(a)X
3624(problem)X
3931(on)X
2399 4912(private)N
2660(workstations)X
3107(since)X
3310(the)X
3446(user)X
3617(that)X
3774(will)X
3935(be)X
2399 5008(using)N
2615(it)X
2702(has)X
2852(control)X
3122(over)X
3308(it.)X
3435(On)X
3576(public)X
3819(work-)X
2399 5104(stations,)N
2714(however,)X
3062(someone)X
3398(might)X
3635(have)X
3837(come)X
2399 5200(along)N
2601(and)X
2740(modified)X
3052(the)X
2 f
3173(login)X
1 f
3367(program)X
3662(to)X
3747(save)X
3913(the)X
2399 5296(user's)N
2643(password.)X
3038(The)X
3215(only)X
3409(solution)X
3717(presently)X
2399 5392(available)N
2721(in)X
2815(our)X
2953(environment)X
3389(is)X
3473(to)X
3566(make)X
3771(it)X
3846(diffi-)X
2399 5488(cult)N
2543(for)X
2661(people)X
2899(to)X
2984(modify)X
3238(software)X
3538(running)X
3810(on)X
3913(the)X
2399 5584(public)N
2652(workstations.)X
3154(A)X
3265(better)X
3501(solution)X
3811(would)X
2399 5680(require)N
2659(that)X
2811(the)X
2941(user's)X
3164(key)X
3311(never)X
3521(leave)X
3722(a)X
3789(system)X
2399 5776(that)N
2544(the)X
2667(user)X
2826(knows)X
3060(can)X
3197(be)X
3298(trusted.)X
3580(One)X
3738(way)X
3896(this)X
% page 11 footer (the date line); `12 p` presumably ends the page
2028 6144(March)N
2258(30,)X
2378(1988)X
12 p
%%Page: 12 12
% page 12 preamble: size 10, font height 0, slant 0, font slot 1, then the
% running header with the page number
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2196 416(-)N
2243(12)X
2343(-)X
% the sentence begun on page 11 continues here
555 672(could)N
766(be)X
875(done)X
1064(would)X
1297(be)X
1406(if)X
1487(the)X
1617(user)X
1783(possessed)X
2131(a)X
2 f
555 768(smartcard)N
1 f
953(capable)X
1261(of)X
1390(doing)X
1634(the)X
1793(encryptions)X
555 864(required)N
843(in)X
925(the)X
1043(authentication)X
1517(protocol.)X
3 f
555 1056(9.)N
655(Status)X
1 f
755 1180(A)N
840(prototype)X
1174(version)X
1437(of)X
2 f
1530(Kerberos)X
1 f
1861(went)X
2043(into)X
555 1276(production)N
930(in)X
1020(September)X
1391(of)X
1485(1986.)X
1712(Since)X
1917(January)X
555 1372(of)N
645(1987,)X
2 f
847(Kerberos)X
1 f
1174(has)X
1303(been)X
1477(Project)X
1726(Athena's)X
2038(sole)X
555 1468(means)N
815(of)X
937(authenticating)X
1445(its)X
1574(5,000)X
1808(users,)X
2047(650)X
555 1564(workstations,)N
1022(and)X
1175(65)X
1292(servers.)X
1597(In)X
1701(addition,)X
2 f
2020(Ker-)X
555 1660(beros)N
1 f
768(is)X
849(now)X
1015(being)X
1221(used)X
1396(in)X
1486(place)X
1684(of)X
2 f
1779(.rhosts)X
1 f
2029(files)X
555 1756(for)N
702(controlling)X
1106(access)X
1364(in)X
1478(several)X
1758(of)X
1877(Athena's)X
555 1852(timesharing)N
953(systems.)X
3 f
555 2044(10.)N
695(Acknowledgements)X
2 f
755 2168(Kerberos)N
1 f
1099(was)X
1262(initially)X
1548(designed)X
1871(by)X
1989(Steve)X
555 2264(Miller)N
806(and)X
972(Clifford)X
1280(Neuman)X
1602(with)X
1794(suggestions)X
555 2360(from)N
747(Jeff)X
904(Schiller)X
1189(and)X
1340(Jerry)X
1536(Saltzer.)X
1834(Since)X
2047(that)X
555 2456(time,)N
746(numerous)X
1091(other)X
1285(people)X
1527(have)X
1707(been)X
1887(involved)X
555 2552(with)N
732(the)X
864(project.)X
1161(Among)X
1435(them)X
1629(are)X
1762(Jim)X
1911(Aspnes,)X
555 2648(Bob)N
728(Baldwin,)X
1059(John)X
1250(Barba,)X
1502(Richard)X
1796(Basch,)X
2052(Jim)X
555 2744(Bloom,)N
835(Bill)X
997(Bryant,)X
1278(Mark)X
1495(Colan,)X
1749(Rob)X
1924(French,)X
555 2840(Dan)N
732(Geer,)X
952(John)X
1146(Kohl,)X
1369(John)X
1562(Kubiatowicz,)X
2034(Bob)X
555 2936(Mckie,)N
821(Brian)X
1039(Murphy,)X
1357(John)X
1548(Ostlund)X
1841(Ken)X
2015(Rae-)X
555 3032(burn,)N
743(Chris)X
937(Reed,)X
1143(Jon)X
1275(Rochlis,)X
1560(Mike)X
1749(Shanzer,)X
2048(Bill)X
555 3128(Sommerfeld,)N
1017(Ted)X
1188(T'so,)X
1401(Win)X
1584(Treese,)X
1864(and)X
2025(Stan)X
555 3224(Zanarotti.)N
755 3348(We)N
931(are)X
1094(grateful)X
1408(to)X
1534(Dan)X
1731(Geer,)X
1971(Kathy)X
555 3444(Lieben,)N
825(Josh)X
994(Lubarr,)X
1259(Ken)X
1419(Raeburn,)X
1737(Jerry)X
1924(Saltzer,)X
555 3540(Ed)N
666(Steiner,)X
935(Robbert)X
1215(van)X
1352(Renesse,)X
1656(and)X
1793(Win)X
1952(Treese)X
555 3636(whose)N
792(suggestions)X
1197(much)X
1407(improved)X
1746(earlier)X
1984(drafts)X
555 3732(of)N
642(this)X
777(paper.)X
755 3856(The)N
902(illustration)X
1270(on)X
1372(the)X
1492(title)X
1637(page)X
1810(is)X
1884(by)X
1985(Betsy)X
555 3952(Bruemmer.)N
2028 6144(March)N
2258(30,)X
2378(1988)X
13 p
%%Page: 13 13
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2196 416(-)N
2243(13)X
2343(-)X
3 f
12 s
2083 672(Appendix)N
4 f
1085 960(Kerberos)N
3 f
1466(Application)X
1970(to)X
2074(SUN's)X
2358(Network)X
2739(File)X
2919(System)X
3236(\(NFS\))X
1 f
10 s
755 1248(A)N
856(key)X
1015(component)X
1414(of)X
1524(the)X
1665(Project)X
1935(Athena)X
555 1344(workstation)N
964(system)X
1216(is)X
1299(the)X
1427(interposing)X
1817(of)X
1914(the)X
2042(net-)X
555 1440(work)N
750(between)X
1048(the)X
1176(user's)X
1397(workstation)X
1804(and)X
1949(her/his)X
555 1536(private)N
806(file)X
940(storage)X
1199(\(home)X
1431(directory\).)X
1815(All)X
1944(private)X
555 1632(storage)N
821(resides)X
1078(on)X
1192(a)X
1261(set)X
1383(of)X
1483(computers)X
1850(\(currently)X
555 1728(VAX)N
755(11/750s\))X
1061(that)X
1207(are)X
1332(dedicated)X
1666(to)X
1753(this)X
1893(purpose.)X
555 1824(This)N
721(allows)X
954(us)X
1049(to)X
1134(offer)X
1314(services)X
1596(on)X
1699(publicly)X
1984(avail-)X
555 1920(able)N
716(UNIX)X
943(workstations.)X
1418(When)X
1636(a)X
1698(user)X
1858(logs)X
2017(in)X
2105(to)X
555 2016(one)N
728(of)X
852(these)X
1074(publicly)X
1392(available)X
1738(workstations,)X
555 2112(rather)N
780(then)X
955(validate)X
1246(her/his)X
1501(name)X
1712(and)X
1864(password)X
555 2208(against)N
818(a)X
889(locally)X
1142(resident)X
1431(password)X
1769(file,)X
1931(we)X
2060(use)X
2 f
555 2304(Kerberos)N
1 f
893(to)X
988(determine)X
1342(her/his)X
1592(authenticity.)X
2042(The)X
2 f
555 2400(login)N
1 f
749(program)X
1044(prompts)X
1329(for)X
1445(a)X
1503(username)X
1833(\(as)X
1949(on)X
2051(any)X
555 2496(UNIX)N
783(system\).)X
1099(This)X
1268(username)X
1603(is)X
1683(used)X
1856(to)X
1944(fetch)X
2131(a)X
2 f
555 2592(Kerberos)N
1 f
898(ticket-granting)X
1408(ticket.)X
1663(The)X
2 f
1825(login)X
1 f
2033(pro-)X
555 2688(gram)N
754(uses)X
926(the)X
1058(password)X
1395(to)X
1491(generate)X
1798(a)X
1867(DES)X
2051(key)X
555 2784(for)N
670(decrypting)X
1033(the)X
1151(ticket.)X
1389(If)X
1463(decryption)X
1826(is)X
1899(success-)X
555 2880(ful,)N
694(the)X
822(user's)X
1044(home)X
1252(directory)X
1572(is)X
1654(located)X
1915(by)X
2024(con-)X
555 2976(sulting)N
806(the)X
2 f
937(Hesiod)X
1 f
1204(naming)X
1477(service)X
1738(and)X
1887(mounted)X
555 3072(through)N
828(NFS.)X
1038(The)X
2 f
1187(login)X
1 f
1382(program)X
1678(then)X
1840(turns)X
2024(con-)X
555 3168(trol)N
698(over)X
873(to)X
967(the)X
1096(user's)X
1319(shell,)X
1521(which)X
1748(then)X
1917(can)X
2060(run)X
555 3264(the)N
737(traditional)X
1150(per-user)X
1497(customization)X
2029(files)X
555 3360(because)N
834(the)X
955(home)X
1156(directory)X
1469(is)X
1545(now)X
1706(``attached'')X
2105(to)X
555 3456(the)N
679(workstation.)X
1123(The)X
2 f
1274(Hesiod)X
1 f
1534(service)X
1788(is)X
1866(also)X
2020(used)X
555 3552(to)N
651(construct)X
979(an)X
1089(entry)X
1288(in)X
1384(the)X
1515(local)X
1704(password)X
2040(file.)X
555 3648(\(This)N
754(is)X
837(for)X
960(the)X
1087(benefit)X
1339(of)X
1435(programs)X
1767(that)X
1916(look)X
2087(up)X
555 3744(information)N
953(in)X
2 f
1035(/etc/passwd)X
1 f
1415(.\))X
% Appendix, paragraph on why stock NFS does not fit. The rendered text says:
% NFS assumes workstations are either trusted or untrusted from the file
% server's point of view; untrusted systems cannot access any files, trusted
% systems are completely trusted and assumed to be under friendly management;
% from a trusted workstation it is possible to masquerade as any valid user of
% the file service and reach just about every file, except files owned by
% "root".
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): the trust decision described here is per machine, not per
% user -- the server has no way to tell one user of a trusted workstation from
% another. That is the gap the rest of the appendix sets out to close.
755 3868(From)N
950(several)X
1200(options)X
1457(for)X
1572(delivery)X
1856(of)X
1944(remote)X
555 3964(file)N
693(service,)X
972(we)X
1097(chose)X
1311(SUN's)X
1560(Network)X
1871(File)X
2025(Sys-)X
555 4060(tem.)N
741(However)X
1062(this)X
1202(system)X
1449(fails)X
1612(to)X
1699(mesh)X
1893(with)X
2060(our)X
555 4156(needs)N
779(in)X
882(a)X
959(crucial)X
1219(way.)X
1434(NFS)X
1620(assumes)X
1927(that)X
2087(all)X
555 4252(workstations)N
998(fall)X
1139(into)X
1296(two)X
1449(categories)X
1808(\(as)X
1935(viewed)X
555 4348(from)N
745(a)X
815(file)X
956(server's)X
1245(point)X
1442(of)X
1542(view\):)X
1800(trusted)X
2051(and)X
555 4444(untrusted.)N
927(Untrusted)X
1277(systems)X
1564(cannot)X
1812(access)X
2051(any)X
555 4540(files)N
716(at)X
797(all,)X
920(trusted)X
1161(can.)X
1336(Trusted)X
1604(systems)X
1880(are)X
2002(com-)X
555 4636(pletely)N
794(trusted.)X
1073(It)X
1142(is)X
1215(assumed)X
1511(that)X
1651(a)X
1707(trusted)X
1945(system)X
555 4732(is)N
655(managed)X
991(by)X
1117(friendly)X
1417(management.)X
1913(Specifi-)X
555 4828(cally,)N
760(it)X
833(is)X
915(possible)X
1205(from)X
1389(a)X
1453(trusted)X
1699(workstation)X
2105(to)X
555 4924(masquerade)N
971(as)X
1070(any)X
1218(valid)X
1409(user)X
1574(of)X
1672(the)X
1801(file)X
1939(service)X
555 5020(system)N
810(and)X
959(thus)X
1125(gain)X
1296(access)X
1535(to)X
1630(just)X
1778(about)X
1988(every)X
555 5116(file)N
689(on)X
795(the)X
919(system.)X
1207(\(Only)X
1420(files)X
1584(owned)X
1824(by)X
1930(``root'')X
555 5212(are)N
674(exempted.\))X
% Appendix, paragraph on Athena's workstation management. The rendered text
% says: management of a workstation is in the hands of whoever is currently
% using it; the root password on the workstations is not kept secret, because
% a user with physical presence and console access can break in anyway; the
% workstations therefore cannot be trusted in the NFS sense, so the base NFS
% software was modified and Kerberos integrated.
% The x coordinate jumps from 555 to 2399 at "truly" -- presumably the start
% of the right-hand column. N and X are prolog operators not visible in this
% part of the file (presumably N takes x y, X takes x only).
% NOTE(review): the design premise stated here is that the client machine,
% including its root account, is outside the trust boundary. Any control that
% depends on the workstation's own kernel or root behaving honestly would
% contradict that premise.
755 5336(In)N
856(our)X
997(environment,)X
1456(the)X
1588(management)X
2031(of)X
2131(a)X
555 5432(workstation)N
954(\(in)X
1064(the)X
1183(traditional)X
1533(sense)X
1728(of)X
1816(UNIX)X
2038(sys-)X
555 5528(tem)N
720(management\))X
1202(is)X
1300(in)X
1407(the)X
1549(hands)X
1780(of)X
1891(the)X
2033(user)X
555 5624(currently)N
870(using)X
1067(it.)X
1175(We)X
1311(make)X
1509(no)X
1613(secret)X
1825(of)X
1916(the)X
2038(root)X
555 5720(password)N
879(on)X
979(our)X
1106(workstations,)X
1555(as)X
1642(we)X
1756(realize)X
1991(that)X
2131(a)X
2399 1248(truly)N
2572(unfriendly)X
2928(user)X
3084(can)X
3218(break)X
3419(in)X
3503(by)X
3605(the)X
3725(very)X
3890(fact)X
2399 1344(that)N
2541(s/he)X
2692(is)X
2767(sitting)X
2988(in)X
3072(the)X
3191(same)X
3377(physical)X
3665(location)X
3944(as)X
2399 1440(the)N
2529(machine)X
2833(and)X
2981(has)X
3120(access)X
3358(to)X
3452(all)X
3564(console)X
3841(func-)X
2399 1536(tions.)N
2623(Therefore)X
2970(we)X
3093(cannot)X
3335(truly)X
3514(trust)X
3684(our)X
3819(work-)X
2399 1632(stations)N
2685(in)X
2789(the)X
2929(NFS)X
3117(interpretation)X
3591(of)X
3699(trust.)X
3922(To)X
2399 1728(allow)N
2608(proper)X
2849(access)X
3086(controls)X
3375(in)X
3468(our)X
3606(environment)X
2399 1824(we)N
2525(had)X
2673(to)X
2767(make)X
2973(some)X
3174(modifications)X
3646(to)X
3739(the)X
3868(base)X
2399 1920(NFS)N
2586(software,)X
2924(and)X
3081(integrate)X
2 f
3403(Kerberos)X
1 f
3749(into)X
3913(the)X
2399 2016(scheme.)N
% Sub-heading "Unmodified NFS" (font slot 3) and its paragraph (font slot 1).
% The rendered text says: in the NFS implementation the authors started with,
% authentication is a piece of data, called a "credential", included in each
% NFS request; it carries the requester's UID and list of GIDs, which the
% server uses for access checking; a trusted workstation is one whose
% credentials the server accepts.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): as described, the credential is a value supplied by the client
% in every request; nothing in this paragraph says it is cryptographically
% protected or verified, only that it is accepted or not per workstation.
3 f
2399 2208(Unmodified)N
2823(NFS)X
1 f
2599 2332(In)N
2719(the)X
2870(implementation)X
3425(of)X
3545(NFS)X
3744(that)X
3917(we)X
2399 2428(started)N
2644(with)X
2817(\(from)X
3031(the)X
3160(University)X
3529(of)X
3626(Wisconsin\),)X
2399 2524(authentication)N
2900(was)X
3072(provided)X
3404(in)X
3513(the)X
3658(form)X
3861(of)X
3975(a)X
2399 2620(piece)N
2623(of)X
2744(data)X
2932(included)X
3262(in)X
3378(each)X
3580(NFS)X
3779(request)X
2399 2716(\(called)N
2639(a)X
% AX takes an extra leading number; the operator is not defined in the visible
% part of the file -- presumably a per-character spacing adjustment
2696 0.2404(``credential'')AX
3142(in)X
3225(NFS)X
3391(terminology\).)X
3869(This)X
2399 2812(credential)N
2748(contains)X
3046(information)X
3455(about)X
3664(the)X
3793(unique)X
2399 2908(user)N
2557(identifier)X
2875(\(UID\))X
3096(of)X
3187(the)X
3308(requester)X
3626(and)X
3765(a)X
3824(list)X
3944(of)X
2399 3004(the)N
2540(group)X
2770(identifiers)X
3138(\(GIDs\))X
3409(of)X
3518(the)X
3658(requester's)X
2399 3100(membership.)N
2855(This)X
3017(information)X
3415(is)X
3488(then)X
3646(used)X
3813(by)X
3913(the)X
2399 3196(NFS)N
2577(server)X
2805(for)X
2930(access)X
3167(checking.)X
3528(The)X
3684(difference)X
2399 3292(between)N
2688(a)X
2745(trusted)X
2983(and)X
3119(a)X
3175(non-trusted)X
3560(workstation)X
3958(is)X
2399 3388(whether)N
2684(or)X
2777(not)X
2904(its)X
3004(credentials)X
3377(are)X
3501(accepted)X
3808(by)X
3913(the)X
2399 3484(NFS)N
2565(server.)X
% size 8 for the marker "12", presumably a footnote or reference number
8 s
2782 3459(12)N
% Sub-heading "Modified NFS" (font slot 3, size 10) and the requirement it
% opens with (font slot 1): NFS servers must accept credentials from a
% workstation if and only if the credentials indicate the UID of the
% workstation's user, and no other.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): this sentence is the security goal for the modified design --
% a per-user, per-workstation binding. The requirement as worded does not
% mention GIDs; how group membership is established is not stated in this
% paragraph.
3 f
10 s
2399 3676(Modified)N
2730(NFS)X
1 f
2599 3800(In)N
2723(our)X
2887(environment,)X
3369(NFS)X
3572(servers)X
3856(must)X
2399 3896(accept)N
2631(credentials)X
3005(from)X
3187(a)X
3249(workstation)X
3653(if)X
3728(and)X
3869(only)X
2399 3992(if)N
2514(the)X
2678(credentials)X
3091(indicate)X
3410(the)X
3573(UID)X
3781(of)X
3913(the)X
2399 4088(workstation's)N
2855(user,)X
3029(and)X
3165(no)X
3265(other.)X
2599 4212(One)N
2767(obvious)X
3054(solution)X
3345(would)X
3579(be)X
3688(to)X
3783(change)X
2399 4308(the)N
2526(nature)X
2756(of)X
2851(credentials)X
3227(from)X
3411(mere)X
3600(indicators)X
3944(of)X
2399 4404(UID)N
2573(and)X
2720(GIDs)X
2925(to)X
3018(full)X
3160(blown)X
2 f
3391(Kerberos)X
1 f
3726(authenti-)X
2399 4500(cated)N
2608(data.)X
2821(However)X
3154(a)X
3228(significant)X
3604(performance)X
2399 4596(penalty)N
2690(would)X
2945(be)X
3076(paid)X
3269(if)X
3373(this)X
3543(solution)X
3854(were)X
2399 4692(adopted.)N
2744(Credentials)X
3159(are)X
3308(exchanged)X
3702(on)X
3832(every)X
2399 4788(NFS)N
2578(operation)X
2914(including)X
3249(all)X
3362(disk)X
3527(read)X
3698(and)X
3846(write)X
2399 4884(activities.)N
2749(Including)X
3076(a)X
2 f
3132(Kerberos)X
1 f
3457(authentication)X
3931(on)X
2399 4980(each)N
2573(disk)X
2732(transaction)X
3110(would)X
3335(add)X
3476(a)X
3537(fair)X
3674(number)X
3944(of)X
2399 5076(full-blown)N
2787(encryptions)X
3211(\(done)X
3444(in)X
3555(software\))X
3908(per)X
2399 5172(transaction)N
2777(and,)X
2938(according)X
3280(to)X
3367(our)X
3499(envelope)X
3814(calcu-)X
2399 5268(lations,)N
2668(would)X
2904(have)X
3092(delivered)X
3426(unacceptable)X
3881(per-)X
2399 5364(formance.)N
2778(\(It)X
2889(would)X
3124(also)X
3287(have)X
3473(required)X
3775(placing)X
2399 5460(the)N
2 f
2560(Kerberos)X
1 f
2928(library)X
3205(routines)X
3526(in)X
3650(the)X
3810(kernel)X
2399 5556(address)N
2660(space.\))X
% Appendix, "hybrid approach" paragraph; it runs across the break between
% pages 13 and 14, so the page footer, the page-14 header and the DSC page
% comment sit in the middle of it.
% The rendered text says: the NFS server maps credentials received from client
% workstations to a valid (and possibly different) credential on the server;
% the mapping is performed in the server's kernel on each NFS transaction and
% is set up at "mount" time by a user-level process that performs
% Kerberos-moderated authentication before a valid kernel mapping is
% established.
% N and X are prolog operators not visible in this part of the file
% (presumably N takes x y, X takes x only).
% NOTE(review): as described, Kerberos is exercised once, when the mapping is
% set up; individual NFS transactions are then checked against the kernel
% map, not re-authenticated. The strength of each request therefore rests on
% what the map is keyed by and on how long entries live.
2599 5680(We)N
2752(needed)X
3021(a)X
3098(hybrid)X
3348(approach,)X
3703(described)X
2399 5776(below.)N
2663(The)X
2815(basic)X
3007(idea)X
3168(is)X
3248(to)X
3337(have)X
3516(the)X
3641(NFS)X
3814(server)X
% page 13 footer (the date line); `14 p` presumably ends the page
2028 6144(March)N
2258(30,)X
2378(1988)X
14 p
%%Page: 14 14
% page 14 preamble: size 10, font height 0, slant 0, font slot 1, then the
% running header with the page number
10 s 0 xH 0 xS 1 f
0 32(--)N
4323(--)X
2196 416(-)N
2243(14)X
2343(-)X
% the sentence begun on page 13 continues here
555 672(map)N
759(credentials)X
1173(received)X
1511(from)X
1732(client)X
1975(work-)X
555 768(stations,)N
882(to)X
1007(a)X
1106(valid)X
1329(\(and)X
1535(possibly)X
1863(different\))X
555 864(credential)N
899(on)X
1005(the)X
1129(server)X
1352(system.)X
1640(This)X
1808(mapping)X
2114(is)X
555 960(performed)N
931(in)X
1034(the)X
1173(server's)X
1469(kernel)X
1711(on)X
1832(each)X
2021(NFS)X
555 1056(transaction)N
944(and)X
1097(is)X
1187(setup)X
1393(at)X
1488(``mount'')X
1837(time)X
2015(by)X
2131(a)X
555 1152(user-level)N
929(process)X
1226(that)X
1402(engages)X
1717(in)X
2 f
1835(Kerberos)X
1 f
2140(-)X
555 1248(moderated)N
931(authentication)X
1422(prior)X
1615(to)X
1713(establishing)X
2131(a)X
555 1344(valid)N
735(kernel)X
956(credential)X
1293(mapping.)X
% Appendix, paragraph describing the kernel mapping. The rendered text says:
% a new system call, needed only on server systems, controls the function
% that maps incoming client credentials to credentials valid on the server;
% the function maps the tuple <CLIENT-IP-ADDRESS, UID-ON-CLIENT> to a valid
% NFS credential on the server; the address is extracted from the NFS request
% packet and the UID from the client-supplied credential; everything else in
% the client-generated credential is discarded.
% The hyphens inside the tuple names are set in font slot 9 between words set
% in slot 1 -- presumably a symbol face. N and X are prolog operators not
% visible in this part of the file (presumably N takes x y, X takes x only).
% NOTE(review): each request is identified by the packet's source address
% plus a UID the client states. This paragraph does not say how the source
% address is validated or when an entry is removed (for example at logout);
% both determine how long, and from where, a mapping can be exercised. The
% removal question may be answered by text that follows this block.
755 1468(To)N
871(implement)X
1240(this)X
1382(we)X
1503(added)X
1722(a)X
1785(new)X
1945(system)X
555 1564(call)N
708(to)X
807(the)X
942(kernel)X
1180(\(required)X
1511(only)X
1689(on)X
1805(server)X
2038(sys-)X
555 1660(tems,)N
753(not)X
882(on)X
989(client)X
1194(systems\))X
1501(that)X
1647(provides)X
1949(for)X
2069(the)X
555 1756(control)N
805(of)X
895(the)X
1016(mapping)X
1318(function)X
1607(that)X
1749(maps)X
1940(incom-)X
555 1852(ing)N
729(credentials)X
1149(from)X
1376(client)X
1625(workstations)X
2105(to)X
555 1948(credentials)N
940(valid)X
1136(for)X
1266(use)X
1409(on)X
1525(the)X
1659(server)X
1892(\(if)X
2004(any\).)X
555 2044(The)N
700(basic)X
885(mapping)X
1185(function)X
1472(maps)X
1661(the)X
1779(tuple:)X
% the tuple, set on its own line at x=576
576 2188(<CLIENT)N
9 f
906(-)X
1 f
950(IP)X
9 f
1021(-)X
1 f
1065(ADDRESS,)X
1469(UID)X
9 f
1612(-)X
1 f
1656(ON)X
9 f
1772(-)X
1 f
1816(CLIENT>)X
555 2332(to)N
652(a)X
723(valid)X
917(NFS)X
1097(credential)X
1448(on)X
1562(the)X
1694(server)X
1925(system.)X
555 2428(The)N
724(CLIENT)X
9 f
1009(-)X
1 f
1053(IP)X
9 f
1124(-)X
1 f
1168(ADDRESS)X
1576(is)X
1673(extracted)X
2011(from)X
555 2524(the)N
796(NFS)X
1085(request)X
1459(packet)X
1811(and)X
2069(the)X
555 2620(UID)N
9 f
698(-)X
1 f
742(ON)X
9 f
858(-)X
1 f
902(CLIENT)X
1215(is)X
1295(extracted)X
1617(from)X
1800(the)X
1925(creden-)X
555 2716(tial)N
680(supplied)X
974(by)X
1077(the)X
1198(client)X
1398(system.)X
1682(Note:)X
1882(all)X
1984(infor-)X
555 2812(mation)N
814(in)X
913(the)X
1048(client-generated)X
1603(credential)X
1957(except)X
555 2908(the)N
673(UID)X
9 f
816(-)X
1 f
860(ON)X
9 f
976(-)X
1 f
1020(CLIENT)X
1325(is)X
1398(discarded.)X
% Paragraph on requests with no mapping. The text gives two server
% configurations: "friendly" servers map such requests to the credentials of
% user "nobody" (no privileged access, unique UID); "unfriendly" servers
% return an NFS access error.
% NOTE(review): the rendered sentence reads "depending it is configured" --
% the words "on how" appear to be missing from the source text. The strings
% are left untouched here.
755 3032(If)N
845(no)X
961(mapping)X
1277(exists,)X
1515(the)X
1649(server)X
1882(reacts)X
2105(in)X
555 3128(one)N
701(of)X
798(two)X
948(ways,)X
1163(depending)X
1527(it)X
1601(is)X
1683(configured.)X
2100(In)X
555 3224(our)N
689(friendly)X
970(configuration)X
1429(we)X
1549(default)X
1798(the)X
1922(unmap-)X
555 3320(pable)N
769(requests)X
1072(into)X
1236(the)X
1374(credentials)X
1762(for)X
1896(the)X
2033(user)X
555 3416(``nobody'')N
930(who)X
1095(has)X
1229(no)X
1335(privileged)X
1686(access)X
1918(and)X
2060(has)X
555 3512(a)N
617(unique)X
861(UID.)X
1070(Unfriendly)X
1448(servers)X
1702(return)X
1920(an)X
2021(NFS)X
555 3608(access)N
784(error)X
964(when)X
1161(no)X
1264(valid)X
1446(mapping)X
1748(can)X
1882(be)X
1980(found)X
555 3704(for)N
669(an)X
765(incoming)X
1087(NFS)X
1253(credential.)X
% Paragraph listing what the new system call does: add and delete entries in
% the kernel-resident map, flush all entries that map to a given server UID,
% or flush all entries from a given CLIENT-IP-ADDRESS.
755 3828(Our)N
921(new)X
1095(system)X
1357(call)X
1513(is)X
1606(used)X
1793(to)X
1895(add)X
2051(and)X
555 3924(delete)N
786(entries)X
1039(from)X
1234(the)X
1371(kernel)X
1610(resident)X
1902(map.)X
2118(It)X
555 4020(also)N
718(provides)X
1028(the)X
1160(ability)X
1398(to)X
1494(flush)X
1687(all)X
1800(entries)X
2047(that)X
555 4116(map)N
727(to)X
823(a)X
892(specific)X
1175(UID)X
1351(on)X
1464(the)X
1595(server)X
1825(system,)X
2100(or)X
555 4212(flush)N
873(all)X
1111(entries)X
1483(from)X
1796(a)X
1989(given)X
555 4308(CLIENT)N
9 f
840(-)X
1 f
884(IP)X
9 f
955(-)X
1 f
999(ADDRESS.)X
% Paragraph on the modified mount daemon. Per the text: the daemon accepts a
% new "Kerberos authentication mapping request"; at mount time the client
% sends a Kerberos authenticator carrying its UID-ON-CLIENT (encrypted inside
% the authenticator); the daemon converts the Kerberos principal name to a
% local username, looks up UID and GIDs in an ndbm file keyed by username,
% builds an NFS credential and hands it to the kernel as the mapping for the
% <CLIENT-IP-ADDRESS, CLIENT-UID> tuple.
755 4432(We)N
914(modified)X
1250(the)X
1394(mount)X
1644(daemon)X
1944(\(which)X
555 4528(handles)N
833(NFS)X
1012(mount)X
1249(requests)X
1545(on)X
1658(server)X
1887(systems\))X
555 4624(to)N
655(accept)X
899(a)X
972(new)X
1143(transaction)X
1532(type,)X
1727(the)X
2 f
1862(Kerberos)X
1 f
555 4720(authentication)N
1065(mapping)X
1400(request.)X
1727(Basically,)X
2100(as)X
555 4816(part)N
717(of)X
821(the)X
956(mounting)X
1299(process,)X
1597(the)X
1731(client)X
1945(system)X
555 4912(provides)N
861(a)X
2 f
927(Kerberos)X
1 f
1262(authenticator)X
1711(along)X
1919(with)X
2091(an)X
555 5008(indication)N
1000(of)X
1192(her/his)X
1535(UID)X
9 f
1678(-)X
1 f
1722(ON)X
9 f
1838(-)X
1 f
1882(CLIENT)X
555 5104(\(encrypted)N
929(in)X
1021(the)X
2 f
1149(Kerberos)X
1 f
1484(authenticator\))X
1960(on)X
2069(the)X
555 5200(workstation.)N
1016(The)X
1184(server's)X
1482(mount)X
1728(daemon)X
2024(con-)X
555 5296(verts)N
751(the)X
2 f
889(Kerberos)X
1 f
1234(principal)X
1559(name)X
1773(into)X
1936(a)X
2011(local)X
555 5392(username.)N
932(This)X
1103(username)X
1440(is)X
1521(then)X
1687(looked)X
1933(up)X
2041(in)X
2131(a)X
555 5488(special)N
803(file)X
935(to)X
1022(yield)X
1207(the)X
1329(user's)X
1545(UID)X
1712(and)X
1852(GIDs)X
2050(list.)X
555 5584(For)N
701(efficiency,)X
1078(this)X
1228(file)X
1370(is)X
1458(a)X
2 f
1529(ndbm)X
1 f
1749(database)X
2060(file)X
555 5680(with)N
719(the)X
839(username)X
1169(as)X
1258(the)X
1378(key.)X
1556(From)X
1750(this)X
1886(informa-)X
555 5776(tion,)N
722(an)X
821(NFS)X
990(credential)X
1330(is)X
1405(constructed)X
1797(and)X
1935(handed)X
% The same sentence continues at x=2399, y=672 (apparently the top of the
% right-hand column).
2399 672(to)N
2522(the)X
2680(kernel)X
2941(as)X
3068(the)X
3226(valid)X
3446(mapping)X
3786(of)X
3913(the)X
2399 768(<CLIENT)N
9 f
2729(-)X
1 f
2773(IP)X
9 f
2844(-)X
1 f
2888(ADDRESS,)X
3303(CLIENT)X
9 f
3588(-)X
1 f
3632(UID>)X
3851(tuple)X
2399 864(for)N
2513(this)X
2648(request.)X
% Paragraph on teardown: an unmount-time request removes the mapping from the
% kernel, and a logout-time request can invalidate all mappings for the
% current user on a server before the workstation passes to the next user.
2599 988(At)N
2716(unmount)X
3037(time)X
3216(a)X
3289(request)X
3558(is)X
3648(sent)X
3814(to)X
3913(the)X
2399 1084(mount)N
2641(daemon)X
2932(to)X
3031(remove)X
3309(the)X
3444(previously)X
3819(added)X
2399 1180(mapping)N
2715(from)X
2907(the)X
3040(kernel.)X
3316(It)X
3400(is)X
3488(also)X
3652(possible)X
3949(to)X
2399 1276(send)N
2588(a)X
2666(request)X
2940(at)X
3040(logout)X
3286(time)X
3470(to)X
3574(invalidate)X
3931(all)X
2399 1372(mapping)N
2722(for)X
2859(the)X
3000(current)X
3271(user)X
3448(on)X
3570(the)X
3710(server)X
3949(in)X
2399 1468(question,)N
2729(thus)X
2901(cleaning)X
3211(up)X
3329(any)X
3483(remaining)X
3846(map-)X
2399 1564(pings)N
2594(that)X
2735(exist)X
2907(\(though)X
3177(they)X
3336(shouldn't\))X
3686(before)X
3913(the)X
2399 1660(workstation)N
2797(is)X
2870(made)X
3064(available)X
3374(for)X
3488(the)X
3606(next)X
3764(user.)X
% Section heading "Security Implications of the Modified NFS", set in font 3
% (presumably bold), followed by its paragraph in font 1.
% The text states the limits of the design itself: user data still crosses the
% network unencrypted, and per-transaction authentication rests on the
% <CLIENT-IP-ADDRESS, CLIENT-UID> pair carried unencrypted in each request,
% which the text says could be forged. The only limit it claims is that valid
% mappings exist while the user is logged in, so forgery outside that window
% gains no access to that user's files.
% NOTE(review): as described on this page, Kerberos authenticates the
% mount-time mapping request, not each NFS request; the scheme should not be
% read as giving per-request integrity or confidentiality.
3 f
2399 1852(Security)N
2704(Implications)X
3150(of)X
3237(the)X
3364(Modified)X
3695(NFS)X
1 f
2599 1976(This)N
2806(implementation)X
3372(is)X
3489(not)X
3655(completely)X
2399 2072(secure.)N
2675(For)X
2815(starters,)X
3096(user)X
3259(data)X
3422(is)X
3504(still)X
3652(sent)X
3810(across)X
2399 2168(the)N
2546(network)X
2857(in)X
2967(an)X
3091(unencrypted,)X
3556(and)X
3720(therefore)X
2399 2264(interceptable,)N
2935(form.)X
3232(The)X
3458(low-level,)X
3881(per-)X
2399 2360(transaction)N
2842(authentication)X
3387(is)X
3531(based)X
3805(on)X
3975(a)X
2399 2456(<CLIENT)N
9 f
2729(-)X
1 f
2773(IP)X
9 f
2844(-)X
1 f
2888(ADDRESS,)X
3321(CLIENT)X
9 f
3606(-)X
1 f
3650(UID>)X
3886(pair)X
2399 2552(provided)N
2709(unencrypted)X
3131(in)X
3217(the)X
3339(request)X
3595(packet.)X
3869(This)X
2399 2648(information)N
2822(could)X
3045(be)X
3166(forged)X
3420(and)X
3580(thus)X
3757(security)X
2399 2744(compromised.)N
2907(However,)X
3254(it)X
3330(should)X
3575(be)X
3682(noted)X
3891(that)X
2399 2840(only)N
2577(while)X
2791(a)X
2863(user)X
3033(is)X
3122(actively)X
3412(using)X
3620(her/his)X
3873(files)X
2399 2936(\(i.e.,)N
2567(while)X
2768(logged)X
3009(in\))X
3121(are)X
3242(valid)X
3424(mappings)X
3757(in)X
3841(place)X
2399 3032(and)N
2557(therefore)X
2890(this)X
3047(form)X
3245(of)X
3354(attack)X
3588(is)X
3682(limited)X
3949(to)X
2399 3128(when)N
2604(the)X
2733(user)X
2897(in)X
2989(question)X
3290(is)X
3373(logged)X
3621(in.)X
3753(When)X
3975(a)X
2399 3224(user)N
2554(is)X
2628(not)X
2751(logged)X
2989(in,)X
3091(no)X
3191(amount)X
3451(of)X
3538(IP)X
3629(address)X
3890(for-)X
2399 3320(gery)N
2581(will)X
2744(permit)X
2992(unauthorized)X
3449(access)X
3693(to)X
3793(her/his)X
2399 3416(files.)N
% "References" heading in font 3, then entries 1-5 in font 1. Each entry puts
% its number at x=2399 and its text at x=2599; titles and journal names are
% wrapped in font 2 and volume numbers in font 3 (presumably italic and bold).
3 f
2399 3608(References)N
1 f
% Reference 1: Miller, Neuman, Schiller and Saltzer, Project Athena.
2399 3856(1.)N
2599(S.)X
2696(P.)X
2793(Miller,)X
3046(B.)X
3151(C.)X
3256(Neuman,)X
3580(J.)X
3663(I.)X
3742(Schiller,)X
2599 3952(and)N
2748(J.)X
2832(H.)X
2942(Saltzer,)X
2 f
3217(Section)X
3485(E.2.1:)X
3713(Kerberos)X
2599 4048(Authentication)N
3117(and)X
3283(Authorization)X
3768(System,)X
1 f
2599 4144(M.I.T.)N
2853(Project)X
3126(Athena,)X
3424(Cambridge,)X
3846(Mas-)X
2599 4240(sachusetts)N
2944(\(December)X
3322(21,)X
3442(1987\).)X
% Reference 2: Balkovich, Lerman and Parmelee, CACM 28(11).
2399 4364(2.)N
2599(E.)X
2693(Balkovich,)X
3067(S.)X
3156(R.)X
3254(Lerman,)X
3549(and)X
3690(R.)X
3788(P.)X
3877(Par-)X
2599 4460(melee,)N
2850(``Computing)X
3302(in)X
3403(Higher)X
3664(Education:)X
2599 4556(The)N
2750(Athena)X
3008(Experience,'')X
2 f
3469(Communications)X
2599 4652(of)N
2697(the)X
2831(ACM)X
3 f
3036(28)X
1 f
% S takes no coordinates here; it appears to show the string at the current
% point, directly after the volume number (definition not visible here).
(\(11\),)S
3306(pp.)X
3426(1214-1224,)X
3829(ACM)X
2599 4748(\(November,)N
3005(1985\).)X
% Reference 3: Needham and Schroeder, CACM 21(12).
2399 4872(3.)N
2599(R.)X
2724(M.)X
2867(Needham)X
3227(and)X
3394(M.)X
3536(D.)X
3665(Schroeder,)X
2599 4968(``Using)N
2889(Encryption)X
3290(for)X
3429(Authentication)X
3949(in)X
2599 5064(Large)N
2808(Networks)X
3141(of)X
3228(Computers,'')X
2 f
3673(Communi-)X
2599 5160(cations)N
2877(of)X
2985(the)X
3129(ACM)X
3 f
3344(21)X
1 f
(\(12\),)S
3624(pp.)X
3744(993-999)X
2599 5256(\(December,)N
2997(1978\).)X
% Reference 4: Voydock and Kent, Computing Surveys 15(2).
2399 5380(4.)N
2599(V.)X
2710(L.)X
2811(Voydock)X
3137(and)X
3285(S.)X
3381(T.)X
3482(Kent,)X
3690(``Security)X
2599 5476(Mechanisms)N
3028(in)X
3114(High-Level)X
3507(Network)X
3811(Proto-)X
2599 5572(cols,'')N
2 f
2859(Computing)X
3271(Surveys)X
3 f
3578(15)X
1 f
(\(2\),)S
3829(ACM)X
2599 5668(\(June)N
2793(1983\).)X
% Reference 5 starts here; the rest of its strings are on the next page.
2399 5792(5.)N
2599(National)X
2949(Bureau)X
3255(of)X
3396(Standards,)X
3805(``Data)X
% Page footer date, then "15 p". p is not defined in the visible prolog;
% presumably it ends this page and takes the next page number -- TODO confirm.
2028 6144(March)N
2258(30,)X
2378(1988)X
15 p
%%Page: 15 15
% Page 15, the last page: the end of reference 5 and references 6-12, all at
% x=555/755 (apparently a single column), followed by the footer date.
% Page state reset: per the prolog, s sets the font size (and height), xH the
% font height, xS the font slant and f the font number.
10 s 0 xH 0 xS 1 f
% Marks at the top corners and the centred page number "- 15 -".
0 32(--)N
4323(--)X
2196 416(-)N
2243(15)X
2343(-)X
% Remainder of reference 5 (FIPS Publication 46, the Data Encryption
% Standard); the entry number and opening words are on the previous page.
755 672(Encryption)N
1136(Standard,'')X
1519(Federal)X
1784(Information)X
755 768(Processing)N
1197(Standards)X
1608(Publication)X
2067(46,)X
755 864(Government)N
1190(Printing)X
1481(Office,)X
1760(Washington,)X
755 960(D.C.)N
926(\(1977\).)X
% Reference 6: Dyer, "Hesiod".
555 1084(6.)N
755(S.)X
855(P.)X
955(Dyer,)X
1172(``Hesiod,'')X
1563(in)X
2 f
1660(Usenix)X
1918(Confer-)X
755 1180(ence)N
923(Proceedings)X
1 f
1344(\(Winter,)X
1634(1988\).)X
% References 7 and 8: Bryant, Kerberos Programmer's Tutorial and Kerberos
% Administrator's Manual, both marked "In preparation".
555 1304(7.)N
755(W.)X
916(J.)X
1031(Bryant,)X
2 f
1333(Kerberos)X
1695(Programmer's)X
755 1400(Tutorial,)N
1 f
1057(M.I.T.)X
1285(Project)X
1532(Athena)X
1784(\(In)X
1898(prepara-)X
755 1496(tion\).)N
555 1620(8.)N
755(W.)X
907(J.)X
1014(Bryant,)X
2 f
1308(Kerberos)X
1661(Administrator's)X
755 1716(Manual,)N
1 f
1047(M.I.T.)X
1277(Project)X
1527(Athena)X
1782(\(In)X
1898(prepara-)X
755 1812(tion\).)N
% Reference 9: Treese, Athena changes to 4.3BSD.
555 1936(9.)N
755(G.)X
877(W.)X
1016(Treese,)X
1294(``Berkeley)X
1681(Unix)X
1884(on)X
2007(1000)X
755 2032(Workstations:)N
1335(Athena)X
1698(Changes)X
2105(to)X
755 2128(4.3BSD,'')N
1118(in)X
2 f
1213(Usenix)X
1469(Conference)X
1872(Proceed-)X
755 2224(ings)N
1 f
908(\(Winter,)X
1198(1988\).)X
% Reference 10: DellaFera et al., the Zephyr Notification System.
555 2348(10.)N
755(C.)X
881(A.)X
1012(DellaFera,)X
1402(M.)X
1546(W.)X
1695(Eichin,)X
1977(R.)X
2103(S.)X
755 2444(French,)N
1021(D.)X
1122(C.)X
1218(Jedlinsky,)X
1563(J.)X
1637(T.)X
1729(Kohl,)X
1932(and)X
2071(W.)X
755 2540(E.)N
857(Sommerfeld,)X
1305(``The)X
1516(Zephyr)X
1780(Notification)X
755 2636(System,'')N
1103(in)X
2 f
1203(Usenix)X
1464(Conference)X
1872(Proceed-)X
755 2732(ings)N
1 f
908(\(Winter,)X
1198(1988\).)X
% Reference 11: Rosenstein, Geer and Levine.
% NOTE(review): the strings for this entry give authors and venue but no
% title; whether the title was omitted upstream cannot be told from here.
555 2856(11.)N
755(M.)X
886(A.)X
1004(Rosenstein,)X
1415(D.)X
1533(E.)X
1642(Geer,)X
1858(and)X
2013(P.)X
2116(J.)X
755 2952(Levine,)N
1027(in)X
2 f
1117(Usenix)X
1368(Conference)X
1766(Proceedings)X
1 f
755 3048(\(Winter,)N
1045(1988\).)X
% Reference 12: Sandberg et al., the Sun Network Filesystem paper.
555 3172(12.)N
755(R.)X
858(Sandberg,)X
1211(D.)X
1319(Goldberg,)X
1671(S.)X
1764(Kleiman,)X
2089(D.)X
755 3268(Walsh,)N
1013(and)X
1162(B.)X
1268(Lyon,)X
1490(``Design)X
1804(and)X
1953(Imple-)X
755 3364(mentation)N
1096(of)X
1184(the)X
1302(Sun)X
1446(Network)X
1747(Filesystem,'')X
755 3460(in)N
2 f
856(Usenix)X
1118(Conference)X
1527(Proceedings)X
1 f
1967(\(Sum-)X
755 3556(mer,)N
920(1985\).)X
% Footer date, marks at the bottom corners (y=6360), then "15 p". p is not
% defined in the visible prolog; presumably it emits the page -- TODO confirm.
2028 6144(March)N
2258(30,)X
2378(1988)X
0 6360(--)N
4323(--)X
15 p
%%Trailer
% Document shutdown. In the prolog xt is defined as an empty procedure, and xs
% as "docsave restore end": it restores the saved docsave state and pops the
% $DITroff dictionary that the prolog opened with "begin".
xt
xs