[Bytes Link logo]

Kerberos, a network authentication system

by Dave Keays, dave@RDKsoftware.com - February 18, 2002 at 19:13:07:

written by Brian Tung published by Addison-Wesley Longman, Incorporated ISBN: 0-201-37924-4 list: $19.95

reviewed by Dave Keays, NOCCC

I don't think I have ever seen so much information in so few pages.

Kerberos is a network security system that requires users to enter a password only once a day. It was developed at MIT by Clifford Neuman in the 80's and can be downloaded from their web site (http://web.mit.edu/kerberos/www/index.html)for free.

The author of this book, Brian Tung, is a computer scientist at the USC Information Sciences Institute, where he is currently designing and implementing extensions to Kerberos. He is also the author of the page "The Moron's Guide to Kerberos" at http://www.isi.edu/gost/brian/security/kerberos.html. (He claims he is the moron he is referring to.)

The book targets a large audience that consists of: Unix users, Windows users, administrators, and computer programmers. But it doesn't stop there. It also touches on topics such as security basics, password usage, public keys, smart cards, and Greek mythology (Kerberos was a three headed dog that guarded the gates to Hades).

This book has something for many people. It explains to users how Kerberos figures out who you are and what you need to do to preform specific tasks. But just it doesn't short the big guys: administrators learn how to setup and configure a Kerberos server, and computer programmers are told how to develop a Kerberized application. Even those that don't care about Kerberos can benefit from this books various discussions on security, such as cryptography.

At first I thought this would be a quick reference for Kerberos. Boy was I wrong. While the book does show each command and any necessary options, it goes into enough details and explains more that just which keys to press.

The only negative thing I have to say about the book is that it is too Unix oriented.

Don't get me wrong, it does include information about how to use Kerberos in Windows (Win9x/Win NT/Win 2000). However, to get to this information and to understand it you have to read the parts that explain how each task is done in Unix. A reader that jumps past the Unix explanations wont get a chance to learn a lot about how Kerberos works and why certain tasks are necessary.

The bottom line is that this book explains each task in depth and covers so much ground that it could be on my shelf years after Kerberos is gone.

"Kerberos, a Network Authentication System" is available at: half.com $9.79 (used), Amazon.com $13.96, Barnes and Noble $15.00 (used) or $19.95 (new)



Return to Listing
Home | About NOCCC | Special Interest Groups | Calendar | Membership Information
Meeting Location | Links | Orange Bytes Newsmagazines | Classified Ads | Search the Web

[------STRIPE-----]


Site Disclaimer Suggestions? E-Mail to webmaster@noccc.org
Content suggestions? editor@noccc.org
Last update: 2/18/2002

Copyright © 1995-7 by North Orange County Computer Club. All rights reserved. Articles by NOCCC authors may be reprinted by other user groups without permission provided they are unaltered and the publication acknowledges the author thereof and NOCCC. Articles contained herein by authors from other organizations retain their original copyright.
Site assistance by CitiVU.