Secret passwords are the basis for most computer security systems, but their use is limited to applications with minimal security requirements or where password management is strictly controlled. For today's computer networks and distributed systems, that creates a real security challenge - one which this unique book addresses in-depth. This book concentrates on the use of cryptographic techniques in authentication and key distribution systems. The advantages? Strong authentication at the application layer, secure distribution of session keys, and key-provided data authentication, confidentiality, and integrity services. The book provides a brief description of cryptographic techniques - then explains how a variety of authentication and key distribution systems were designed, how they work, and how they compare. Included are: Kerberos developed by MIT; NetSP developed by IBM; SPX designed and prototyped by Digital Equipment Corp.; TESS developed at the University of Karlsruhe; SESAME developed in Europe. Computer scientists, electrical engineers, and networking specialists - and other professionals involved in security for information technology and networks specifically - discover the various ways in which cryptographic techniques can be used to provide network security. They also learn why authentication and key distribution systems are likely to become the primary means for securing networks and distributed systems in the future.
Introduction: Computer Networks. Distributed Systems. Vulnerabilities and Threats - Passive Attacks, Active Attacks. OSI Security Architecture - Security Services, Security Mechanisms. Authentication and Key Distribution: Cryptography. Authentication - Preliminary Remarks, OSI Authentication Framework, Cryptographic Protocols. Key Distribution. Legal Issues - Patents, Export Controls.; Kerberos: Development. Kerberos Model - Naming Scheme, Basic Protocol, Kerberos Database Management, Inter-Realm Authentication, User and Application Programming Interfaces. Review. Extensions - Charon, Yaksha.; NetSP: Development. Basic Protocols - 2-Party Authentication, Key Distribution, Single Sign-On. Review. Extensions.; SPX: Development. Basic Protocols - Single Sign-On, Authentication. Review. Extensions.; TESS: Development. Basic Protocols. Review. Extensions.; SESAME: Development. Basic Protocols. Review. Extensions.; Summary and Outlook: System Comparisons. Future Outlook.;
-
Rolf Oppliger
Rolf Oppliger leads eSECURITY Technologies, works for the Swiss federal administration, serves as an adjunct professor of computer science at the University of Z¸rich, Switzerland, and is the Information Security and Privacy editor at Artech House. He earned his Ph.D. in computer science from the University of Berne, Switzerland.