Despite whatever I have mentioned in the very first part of the topic, let’s just see how the process moves on and how a connection got established in order to get a reliable network setup. According to an IT Consulting firms, for instance, Pro Link Systems, rest of the brief information about Kerberos is as follow.
When a client wish to make a connection with the server, first of all it contacts with Authentication Server – AS just to make itself authenticated and so that ultimately it gets a ticket to the next step. As the client is gifted with the ticket, it then moves on to Ticket Granting Server – TGS and confirm its identity by showing the ticket it has got in the very first step. Apart from self-authentication, it also request the TGS for a specific service to use, if the TGS found the ticket useful and genuine, it will issue another ticket to the client for confirmation. As it receives the confirmation ticket, it then step forward to meet with Service Server – SS and shows the ticket to make sure SS that it has got the right to get particular sorts of service. However, the process may seems a little bit complicated and lengthy, but it is not the case so as the client is required to authenticates itself once from the Authentication Server – AS, and it will allot a secret key, in general terminology, a password. Later on if the client wish to get some services from the SS, it will require to re-use the same secret key or ticket in order to get additional service permissions from the TGS to access SS.
Although, adopting Kerberos is a good approach to have a secure network connection and communication, but there are some demerits come along with the usage. For instance, kerberos server is required to be available 24x7 to serves clients and server, if the main protocol is found inactive, network connection will not take place and ultimately, users will not be entertained to carry a secure communication with the server. Regardless of the demerits, adopting Kerberos is a good approach to have secure network connection, but still you are to make advice with IT consulting firm to help you out in order to establish a secure connection.
No comments:
Post a Comment