This article is all about different authentication/authorisation mechanisms such as Basic Auth, SSO, tokens etc.
- Wanna talk?
- Ok. Let’s talk. Here is my public key. Here are the protocols that I support.
- Thanks. (Checks for known hosts locally.) Here’s my password.
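The "checks for known hosts locally" step from the dialogue above, as an added example that is not part of the original article. It assumes the exchange is an SSH-style login and that the local store uses the OpenSSH `known_hosts` line layout; the host names, key blobs and function names are constructed for illustration.

```python
import base64
import hashlib

# Constructed stand-ins for key blobs; real entries hold the server's encoded public key.
KEY_A = base64.b64encode(b"constructed host key A").decode()
KEY_B = base64.b64encode(b"constructed host key B").decode()

# Constructed sample in the OpenSSH known_hosts layout: "<hosts> <key-type> <base64 key>".
SAMPLE_KNOWN_HOSTS = f"""# constructed sample, not a real file
git.example.test,192.0.2.10 ssh-ed25519 {KEY_A} build server
"""

def fingerprint(key_b64):
    """SHA256 fingerprint as OpenSSH prints it: base64 of the digest, padding stripped."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    """Map (host, key_type) -> key. Hashed host names and @ markers are not handled."""
    known = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue
        hosts, key_type, key_b64 = fields[:3]
        for host in hosts.split(","):
            known[(host, key_type)] = key_b64
    return known

def check_host_key(known, host, key_type, offered_b64):
    """Run before the password is sent. Returns 'match', 'unknown' or 'mismatch'."""
    stored = known.get((host, key_type))
    if stored is None:
        return "unknown"    # first contact: confirm the fingerprint out of band
    if base64.b64decode(stored) == base64.b64decode(offered_b64):
        return "match"      # same key as last time: safe to continue to the password
    return "mismatch"       # key changed: stop, the password must not be sent

if __name__ == "__main__":
    known = parse_known_hosts(SAMPLE_KNOWN_HOSTS)
    for host, key in [("git.example.test", KEY_A), ("192.0.2.10", KEY_B),
                      ("new.example.test", KEY_A)]:
        print(host, fingerprint(key), check_host_key(known, host, "ssh-ed25519", key))
```

Only the `match` result should lead on to the password step; `unknown` needs the fingerprint confirmed through another channel, and `mismatch` should end the session.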
Several keys are used in this play. Three keys exist at the very beginning: a user has his green key, TGS has its yellow one and the HTTP server has a black one. Each key is private to its party and is not known by the other parties. Two more keys are generated during the authentication process: a purple and a crimson one. The keys also need to be printed out: one copy each of the green, black and yellow keys and two copies each of the purple and crimson ones. Here is the initial “state”.
Imagine, I have keys to my place. I also have a friend, and I want this friend to take care of my cat when I am out of town. I can make a copy of my keys and give them to my friend. What I did is called delegating the access credentials.