Please use this identifier to cite or link to this item: http://drsr.daiict.ac.in//handle/123456789/316
Title: Performance evaluation of kerberos cross-realm authentication using SIMNET
Authors: Mathuria, Anish M.
Sethi, Ankit Kumar
Keywords: Computer security
Access control
Security measures
Cross-realm authentication
SIMNET
Computer program language
Access control
Data protection
Issue Date: 2011
Publisher: Dhirubhai Ambani Institute of Information and Communication Technology
Citation: Sethi, Ankit Kumar (2011). Performance evaluation of kerberos cross-realm authentication using SIMNET. Dhirubhai Ambani Institute of Information and Communication Technology, x, 43 p. (Acc.No: T00279)
Abstract: Today, the network is being implemented in such a manner that consist of geographi- cally diverse clients and distributed as well as centralized servers. To prevent unauthorized access to system resources such as servers, authentication is required. Kerberos is a trusted third party network authentication protocol which securely authenticates the users over insecure communication channel. Due to change in requirements and better utilization of resources, the client and server may reside across organizational boundary. To access such resources, a user has to authenticate itself. Cross-realm authentication is such a technique which facilitates authentication across the realms. In Cross-realm authentication, initially a user has to authenticate to it local Authentication Server (AS) and get the credentials. Acquired credentials are used to authenticate the user to the application server which resides over destination realm. Crescenzo and Kornievskaia designed an e cient protocol for cross-realm authentica- tion that decreases communication over the internet. They considered an extension to the original Kerberos protocol that enables cross-realm operations, identi ed its ine ciencies and proposed an alternative protocol called Fake Ticket Protocol (FTP). In FTP, local AS generates a ticket for the user to access the application server in destination realm and instead of sending it to destination AS, it is forwarded to the application server directly by user. Because application server cannot determine the legitimacy of ticket, it was named as Fake Ticket and so the protocol as Fake Ticket Protocol. Simnet is a network simulator which provides the functionality to simulate network security protocols. Using Simnet, we implemented Kerberos and FTP with their full capabilities. The aim of this thesis is to do the performance evaluation of the kerberos protocol vi and Fake Ticket Protocol for the Cross-Realm approach using Simnet. The simulation results show that in the scenario where a client repeatedly authen ticates to a stateless server using the same ticket, the original Kerberos cross-realm protocol performs better than FTP. In the case that the client authenticates to the server only once, FTP does better.
URI: http://drsr.daiict.ac.in/handle/123456789/316
Appears in Collections:M Tech Dissertations

Files in This Item:
File Description SizeFormat 
200811008.pdf
  Restricted Access
806.2 kBAdobe PDFThumbnail
View/Open Request a copy


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.