Download presentation
Presentation is loading. Please wait.
Published byKerry Osborne Modified over 9 years ago
1
ACCESS CONTROL MANAGEMENT By: Poonam Gupta Sowmya Sugumaran
2
Project Goal The primary goal of access control management is to preserve and protect the confidentiality, integrity, and availability of information, systems, and resources.
3
What is Access Control process by which users are identified and granted certain privileges to resources limits the use of a resource
4
Types of Access Control 1.Discretionary-owner 2.Mandatory-authorities 3.Role-based-according to role 4.Rule-based-pre determined rules
5
Access Control Technologies Tokens Smart cards Encrypted keys Passwords Popular Technologies
6
Kerberos Authentication Protocol For Client/Server Application Using Secret Key Cryptography
7
VPN ACP (Kerberos) Gateway Internet
8
Kerberos Three things happen between client and server when client Initiate to allocate resources AS Exchange TGS Exchange Client/Server (CS) Exchange
9
http://technet.microsoft.com/en- us/library/bb742516.aspx
10
Technical Details User name Password Policies AS Server KGS Sever Resource 1 Resource 2 1 3 2 4 4
11
Technical Details Step 1: User-Client Logon (i)User-username & pswrd-client (ii)client-H(pswrd)-secret key of user Step 2: Client Authentication(Client-AS) (i)Client sends user ID AS generates secret key from database (ii)AS sends 2 messages to client: Msg A- Client/TGS session key encrypted by user’s secret key Msg B- TGT encrypted with TGS’s secret key
12
Contd.. Step 3: Client Service Authorization(Client-TGS) (i)Client-2 messages to TGS: Msg C- TGT & service ID Msg D- Authenticator(user ID, timestamp) encrypted using client/TGS session key (ii)TGS decrypts TGT & authenticator and sends 2 msgs to client: Msg E-Client-to-Server ticket Msg F-Client/Server session key encrypted with Client/TGS session key.
13
Step 4: Client Service Request (Client- Service Server) (i)Client sends 2 msgs to SS: Msg E(Client/SS ticket) Msg G-Authenticator (user ID, timestamp, C/S session key) (ii)SS decrypts to get C/S session key SS decrypts authenticator and sends msg to client Msg H-Timestamp in client’s authenticator+1 encrypted using C/S key
14
Roadmap of the Project TASKMONTHWEEK Understanding the project January3 – 4 Installing Kerberos & Proposal preparation February1 Proposal Presentation February2 Coding, Testing & Debugging February- March 3- 4 ImplementationMarch- April 4- 2 Final Presentation Preparation April3-4 Final PresentationMay1
15
Thank You…!!!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.