Thursday, October 17, 2019

Identity and Access Management | Single Sign-On (SSO) | Kerberos Single Sign-On (SSO)

Okay, first: what is it? SSO is a capability that enables end users to enter their credentials one time; then they can access resources in both primary and secondary network domains. Why is this relevant? Well, time is essential, especially in the Cybersecurity realm, and we need a product that can speed up that authentication time!

The most commonly used authentication protocol on the market at present is Kerberos. Fun fact: if the name sounds familiar to you, it’s because it is named after Cerberus, the three-headed dog of Greek mythology that guards the entrance (gates) to the underworld. MIT is so clever! So, essentially, Kerberos was created by MIT, and here is some food for thought: Cerberus doesn’t only guard the gate, he also prevents the dead from leaving. (Disclaimer: I always make learning fun, so you will repeatedly see puns and references on my blog; there is no reason learning needs to be boring!)

Why am I even saying this to you? Lol, think for a moment: every Cybersecurity Practitioner, regardless of job title, knows that “The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards—and even then I have my doubts.” —Eugene H. Spafford. Clearly, we need to use our computers, mobile phones, tablets, what have you during the day to complete our work and business tasks, so this is an unrealistic expectation. However, Kerberos was brilliantly thought up by MIT in order to do just the same: protect your internal system (assets) from the extremely unsecured use of the internet.

How does it work? Kerberos uses symmetric cryptography in order for a client to verify its identity to a server known as a Key Distribution Center (KDC). The KDC acts as an automated distribution center, which operates by storing, distributing, and maintaining session and secret keys. The KDC then generates a ticket from the Ticket Granting Service (TGS). Long story short, this TGS operates on a set of principals, which is known as a realm in Kerberos. I won’t go into detail here, but if you want to learn more about the potential of using Kerberos in your network and its advantages, by all means send me an email and we can talk! I also want to point out before we leave that Kerberos was developed as a part of MIT’s “Project Athena,” which makes perfect sense considering the clever name of the best SSO technology available to us. Thank you, MIT. (I am a frequent Red Hat Linux user, so this definitely resonates with me.)

Ashley J. Oliver
Oliver COM Solutions, d/b/a
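The ticket flow from the “How does it work?” paragraph, as an added example that is not part of the original post: a simplified Python model in which the user's secret key is used once and the KDC's tickets then open two services. The names (`KDC`, `sso`, `check`, the principals) are hypothetical, the cipher is a toy stand-in for a real Kerberos encryption type, and authenticator replay and clock-skew checks are left out.

```python
import hashlib, hmac, json, os, time

def _stream(key, nonce, n):  # SHA-256 in counter mode as a toy keystream
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))

def seal(key, obj):
    """Encrypt-then-MAC a JSON object under a symmetric key (illustration only)."""
    data, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def check(key, ticket, authenticator):
    """Ticket recipient: open the ticket with its own key, then the authenticator
    with the session key found inside the ticket."""
    t = unseal(key, ticket)
    a = unseal(bytes.fromhex(t["sk"]), authenticator)
    if a["client"] != t["client"] or t["exp"] < time.time():
        raise ValueError("client mismatch or expired ticket")
    return t

class KDC:
    def __init__(self, secret_keys):
        self.keys = secret_keys        # long-term secret key of every principal in the realm
        self.tgs_key = os.urandom(32)  # the Ticket Granting Service's own key

    def _issue(self, reader_key, client, reply_key, lifetime=300):
        sk = os.urandom(32).hex()      # fresh session key
        ticket = seal(reader_key, {"client": client, "sk": sk, "exp": time.time() + lifetime})
        return seal(reply_key, {"sk": sk}), ticket
    def login(self, client):           # reply is readable only with the client's secret key
        return self._issue(self.tgs_key, client, self.keys[client])
    def grant(self, tgt, authenticator, service):  # TGS: trade the TGT for a service ticket
        t = check(self.tgs_key, tgt, authenticator)
        return self._issue(self.keys[service], t["client"], bytes.fromhex(t["sk"]))

def sso(kdc, user, user_key, services):
    """Use the user's secret key once, then collect a ticket for each service."""
    reply, tgt = kdc.login(user)
    tgs_sk = bytes.fromhex(unseal(user_key, reply)["sk"])
    creds = {}
    for svc in services:
        reply, ticket = kdc.grant(tgt, seal(tgs_sk, {"client": user, "ts": time.time()}), svc)
        sk = bytes.fromhex(unseal(tgs_sk, reply)["sk"])
        creds[svc] = (ticket, seal(sk, {"client": user, "ts": time.time()}))
    return creds
```

Each service validates what it receives with `check(its_own_key, ticket, authenticator)`; the user's key never leaves the client and no service ever sees it.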
