KAMU: providing advanced user privacy in Kerberos multi-domain scenarios

KAMU: providing advanced user privacy in Kerberos multi-domain scenarios

In Next Generation Networks , Kerberos is becoming a key component to support authentication and key distribution for Internet application services. However, for this purpose, Kerberos needs to rectify certain deficiencies, especially in the area of privacy, which allow an eavesdropper to obtain inf...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of information security 2013-11, Vol.12 (6), p.505-525
Hauptverfasser: Pereñíguez-García, F., Marín-López, R., Kambourakis, G., Ruiz-Martínez, A., Gritzalis, S., Skarmeta-Gómez, A. F.
Format: Artikel
Sprache:eng
Schlagworte:
Applied sciences
Authentication
Authentication protocols
Coding and Information Theory
Communication systems
Communications Engineering
Communications systems
Computer Communication Networks
Computer information security
Computer Science
Computer science
control theory
systems
Computer systems and distributed systems. User interface
Cryptography
Cryptology
Cybersecurity
Exact sciences and technology
Information, signal and communications theory
International
Internet
Management of Computing and Information Systems
Memory and file management (including protection and security)
Memory organisation. Data processing
Messages
Networks
Operating Systems
Personal information
Privacy
Proposals
Protocol
Regular Contribution
Servers
Signal and communications theory
Software
Studies
Telecommunications and information theory
Weight reduction
Wireless networks
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In Next Generation Networks , Kerberos is becoming a key component to support authentication and key distribution for Internet application services. However, for this purpose, Kerberos needs to rectify certain deficiencies, especially in the area of privacy, which allow an eavesdropper to obtain information of the services users are accessing. This paper presents a comprehensive privacy framework that guarantees user anonymity, service access unlinkability and message exchange unlinkability in Kerberos both in single-domain and multi-domain scenarios. This proposal is based on different extensibility mechanisms already defined for Kerberos, which facilitate its adoption in already deployed systems. Apart from evaluating our proposal in terms of performance to prove its lightweight nature, we demonstrate its capability to work in perfect harmony with a widely used anonymous communication system like Tor.
ISSN:1615-5262
1615-5270
DOI:10.1007/s10207-013-0201-1