Project Athena
j.lee
jlee at sobeco.com
Tue May 14 23:10:56 AEST 1991
In <%M_*_#*@ads.com> henry at ADS.COM (Henry Mensch) writes:
>there is nothing of value (i.e., user data, service provision) on an
>workstation in an Athena-style environment. this concept is that of
>the dataless workstation; in this model, your workstation is like a
>public telephone: you authenticate to it (with your Kerberos private
>key/"password" for the workstation; with your calling card or other
>payment method to the public telephone), and you use it. there's
>nothing on the phone which guarantees you privileged access to any
>other phone user's data on the network, and the same goes for the
>Athena workstation.
I have read several of the Kerberos papers, but two questions remain:

(1) Sure, the central servers don't have to trust my workstation, but
I (as an end-user) do. How can I be sure, when I walk up to a
workstation with a login prompt, that I can trust the "login" code?
Workstations are NOT like telephones in that they are smart devices
and can easily be reprogrammed.

(2) End-users authenticate themselves by typing in a password. How
do servers authenticate themselves? Is the service password compiled
into the binary, and if so, how do you protect both the binary and the
source?
>you can educate yourself; there are papers available which describe the
>various Athena network services ... FTP to ATHENA-DIST.MIT.EDU ...
>look in the pub directory.
If the answers to these questions really are in the papers, feel free
to tell me so. However, the last time I looked into Kerberos, these
issues were not covered in the papers I read.
Jeff Lee jlee at sobeco.com || jonah at cs.toronto.edu
More information about the Comp.unix.admin mailing list