Abstract

This chapter focuses on the Kerberos authentication protocol, the default authentication protocol of Windows Server 2003. Microsoft introduced Kerberos as the new default authentication protocol for enterprise environments in Windows 2000. Every Windows 2000, Windows XP, and Windows Server 2003 operating system platform includes a client Kerberos authentication provider. Over the past years, Microsoft has been actively involved in the Kerberos standardization process. Microsoft software engineers participated in the creation of several Kerberos-related Internet drafts. The basic Kerberos protocol only deals with authentication. Microsoft's implementation of the protocol also includes extensions for authorization. The Kerberos protocol always deals with three entities: two entities that want to authenticate to one another and one entity that mediates between these two entities, a trusted third party or the key distribution center (KDC). To make Kerberos more scalable, the Kerberos developers included the concept of a KDC that is a trusted third party with which every entity shares a secret key. This key is called the entity's master key. All entities trust the KDC to mediate in their mutual authentication. The KDC also maintains a centralized authentication database containing a copy of every user's master key.
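The KDC-mediated model summarized above, as an added Python sketch that is not taken from the chapter or from Microsoft's implementation. It goes beyond the abstract by using the standard Kerberos notions of a session key, a ticket and an authenticator, collapses the KDC exchange into a single step, and substitutes a toy HMAC-based cipher for a real Kerberos encryption type; all function and principal names are hypothetical.

```python
import hashlib, hmac, json, os, time

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a toy keystream (not a real Kerberos enctype).
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON object under a shared key."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Verify the tag, then decrypt; fails for anyone without the key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    """Trusted third party holding every entity's master key."""
    def __init__(self):
        self.db = {}                      # centralized authentication database
    def register(self, name):
        self.db[name] = os.urandom(32)    # master key shared only with the KDC
        return self.db[name]
    def mediate(self, client, server):
        session = os.urandom(32).hex()    # fresh key for this client/server pair
        return (seal(self.db[client], {"peer": server, "key": session}),
                seal(self.db[server], {"peer": client, "key": session}))  # "ticket"

def client_request(master, name, for_client):
    # Only the holder of the client's master key can recover the session key.
    session = bytes.fromhex(unseal(master, for_client)["key"])
    return session, seal(session, {"name": name, "ts": int(time.time())})

def server_accept(master, ticket, authenticator, max_skew=300):
    t = unseal(master, ticket)            # the server trusts what the KDC sealed for it
    session = bytes.fromhex(t["key"])
    a = unseal(session, authenticator)
    if a["name"] != t["peer"] or abs(time.time() - a["ts"]) > max_skew:
        raise ValueError("authenticator rejected")
    # Echoing the timestamp under the session key authenticates the server back.
    return t["peer"], seal(session, {"ts": a["ts"]})
```

The client and server never share a long-term secret with each other; each proves its identity only by being able to open what the KDC sealed under its own master key.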
