Solved

How Tokens effect Kerberos mechanism

Posted on 2013-05-11
1
293 Views
Last Modified: 2013-05-22
Hello,
I am planning to implement Hadoop Security using Kerberos. It says that using Tokens will ensure KDC is not a bottleneck. I have heard about principle and keytabs. Where does Keberos Tokens come into the picture, Or are kerberos tickets called kerberos tokens...??

Thanks,
0
Comment
Question by:sriveena2010
1 Comment
 
LVL 8

Accepted Solution

by:
Dipak earned 500 total points
ID: 39159171
The words token and ticket depend greatly on the type of system you're dealing with; and in what context you are talking. On Windows NT derivatives, the concept of a token is an identity. When a user or service logs in to a system, the system validates their integrity once, and mints a token, which is handed to that user/service and serves as their identity. The system then doesn't need to validate identity every time a program opens a file, for example. This basically ensures a clean separation between authentication (proving a user/service is who they say they are) and authorization (determining whether a user/service can access some resource).

On the other hand, (again for NT derivatives) the word ticket usually refers to Kerberos tickets. These are used for two machines on a domain to be able to prove each others' identity. After proving one's identity to the domain controller (with traditional means such as password or smart card), the domain controller mints a ticket which can be passed to remote machines to verify identity.

If one is dealing with a remote machine, then it is likely both tickets and tokens are involved. For instance, if machine A opens a file share on machine B, then machine A validates the user using it with the domain controller, thus getting a Kerberos ticket. It then uses the Kerberos ticket to verify its identity with machine B. Machine B then creates a session for machine A, minting a token, to serve as that session identity for local authorization queries on machine B.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Current IT security breaches/attacks in banking 2 108
Low-cost /freeware IOC tools 4 62
Is this error real? 2 52
Windows Password recovery 7 36
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question