What Makes Kerberos Tick?
The Kerberos authentication protocol is made up of three subprotocols (or exchanges). The subprotocols are the Authentication Service (AS), the Ticket-Granting Service (TGS), and the Client/Server Exchange (CS).
The Authentication Service is the first subprotocol used when a user logs on to the network. This subprotocol gives the user a logon, a temporary encryption key (session key), and a TGT. Look at an example (see Figure 11.7):
Figure 11.7. The Authentication Service (AS) exchange.
Jim types his logon name and password to access the network.
The Kerberos client running on the client converts the password to an ...
Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
