Presentation is loading. Please wait.

Presentation is loading. Please wait.

ACCESS CONTROL MANAGEMENT By: Poonam Gupta Sowmya Sugumaran.

Published byKerry Osborne Modified over 9 years ago

Similar presentations

Presentation on theme: "ACCESS CONTROL MANAGEMENT By: Poonam Gupta Sowmya Sugumaran."— Presentation transcript:

1 ACCESS CONTROL MANAGEMENT By: Poonam Gupta Sowmya Sugumaran

2 Project Goal The primary goal of access control management is to preserve and protect the confidentiality, integrity, and availability of information, systems, and resources.

3 What is Access Control process by which users are identified and granted certain privileges to resources limits the use of a resource

4 Types of Access Control 1.Discretionary-owner 2.Mandatory-authorities 3.Role-based-according to role 4.Rule-based-pre determined rules

5 Access Control Technologies Tokens Smart cards Encrypted keys Passwords Popular Technologies

6 Kerberos Authentication Protocol For Client/Server Application Using Secret Key Cryptography

7 VPN ACP (Kerberos) Gateway Internet

8 Kerberos Three things happen between client and server when client Initiate to allocate resources AS Exchange TGS Exchange Client/Server (CS) Exchange

9 http://technet.microsoft.com/en- us/library/bb742516.aspx

10 Technical Details User name Password Policies AS Server KGS Sever Resource 1 Resource 2 1 3 2 4 4

11 Technical Details Step 1: User-Client Logon (i)User-username & pswrd-client (ii)client-H(pswrd)-secret key of user Step 2: Client Authentication(Client-AS) (i)Client sends user ID AS generates secret key from database (ii)AS sends 2 messages to client: Msg A- Client/TGS session key encrypted by user’s secret key Msg B- TGT encrypted with TGS’s secret key

12 Contd.. Step 3: Client Service Authorization(Client-TGS) (i)Client-2 messages to TGS: Msg C- TGT & service ID Msg D- Authenticator(user ID, timestamp) encrypted using client/TGS session key (ii)TGS decrypts TGT & authenticator and sends 2 msgs to client: Msg E-Client-to-Server ticket Msg F-Client/Server session key encrypted with Client/TGS session key.

13 Step 4: Client Service Request (Client- Service Server) (i)Client sends 2 msgs to SS: Msg E(Client/SS ticket) Msg G-Authenticator (user ID, timestamp, C/S session key) (ii)SS decrypts to get C/S session key SS decrypts authenticator and sends msg to client Msg H-Timestamp in client’s authenticator+1 encrypted using C/S key

14 Roadmap of the Project TASKMONTHWEEK Understanding the project January3 – 4 Installing Kerberos & Proposal preparation February1 Proposal Presentation February2 Coding, Testing & Debugging February- March 3- 4 ImplementationMarch- April 4- 2 Final Presentation Preparation April3-4 Final PresentationMay1

15 Thank You…!!!

Download ppt "ACCESS CONTROL MANAGEMENT By: Poonam Gupta Sowmya Sugumaran."

Similar presentations

1 Kerberos Anita Jones November, 2006. 2 Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted.

1 Kerberos Anita Jones November, Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
CS5204 – Operating Systems 1 A Private Key System KERBEROS.

CS5204 – Operating Systems 1 A Private Key System KERBEROS.
A less formal view of the Kerberos protocol J.-F. Pâris.

A less formal view of the Kerberos protocol J.-F. Pâris.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.

KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.

IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.
Kerberos Part 2 CNS 4650 Fall 2004 Rev. 2. PARC Once Again Once again XEROX PARC helped develop the basis for wide spread technology Needham-Schroeder.

Kerberos Part 2 CNS 4650 Fall 2004 Rev. 2. PARC Once Again Once again XEROX PARC helped develop the basis for wide spread technology Needham-Schroeder.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.

1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.

Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.
Winter 2006Prof. R. Aviv: Kerberos1 Kerberos Authentication Systems.

Winter 2006Prof. R. Aviv: Kerberos1 Kerberos Authentication Systems.

Similar presentations

Ads by Google