kerberos協(xié)議是什么
kerberos協(xié)議是什么
Kerberos 是一種網(wǎng)絡(luò)認(rèn)證協(xié)議,其設(shè)計(jì)目標(biāo)是通過密鑰系統(tǒng)為客戶機(jī), 服務(wù)器應(yīng)用程序提供強(qiáng)大的認(rèn)證服務(wù)。接下來小編為大家整理了kerberos協(xié)議是什么,希望對(duì)你有幫助哦!
Kerberos was developed at MIT in 1998s. It was named after the three-headed watchdog in classical Greek mythology that guards the gates to Hades. The name is apt because Kerberos is a three-way process, depending on a thrid-party service called the Key distribution center(KDC)to verify one computer's identity to another and to set up encryption keys for a secure connection between them. Basically, kerberos works because each computer shares a secret with the KDC, which has two components: a Kerberos authentication server and a ticket-granting server. If KDC doesn't know the requested target server, it refers the authentication transaction to another KDC that does. Kerberos is a network authentication protocol that allows one computer to prove its identity to another across an insecure network through an exchange of encrypted messages. Once identity is verified, kerberos provides the two computer with encryption keys for a secure communication session. Kerberos authenticates the identity and encrypts their communications through secret-key cryptography.
kerberos協(xié)議是80年代由MIT開發(fā)的一種協(xié)議。其命名是根據(jù)希臘神話中守衛(wèi)冥王大門的長有三頭的看門狗做的。定名是貼切的,因?yàn)镵ERBEROS是一個(gè)三路處理方法,根據(jù)稱為密匙分配中心(KDC)的第三方服務(wù)來驗(yàn)證計(jì)算機(jī)相互的身份,并建立密匙以保證計(jì)算機(jī)間安全連接。KERBEROS協(xié)議基本上是可行的,因?yàn)槊颗_(tái)計(jì)算機(jī)分享KDC一個(gè)秘密,KDC有兩個(gè)部件:一個(gè)KEBEROS 認(rèn)證服務(wù)器和一個(gè)授票服務(wù)器。如果KDC不知請(qǐng)求的目標(biāo)服務(wù)器,則求助于另一個(gè)KDC完成認(rèn)證交易。KERBEROS 是一種網(wǎng)絡(luò)認(rèn)證協(xié)議,允許一臺(tái)計(jì)算機(jī)通過交換加密消息在整個(gè)非安全網(wǎng)絡(luò)上與另一臺(tái)計(jì)算機(jī)互相證明身份。一旦身份得到驗(yàn)證,KERBEROS協(xié)議給這兩臺(tái)計(jì)算機(jī)提供密匙,以進(jìn)行安全通訊對(duì)話。KERBEROS 協(xié)議認(rèn)證試圖等錄上網(wǎng)用戶的身份,并通過使用密匙密碼為用戶間的通信加密。