Discuss the particulars of each attack scenario and how Kerberos defends against
Question
Discuss the particulars of each attack scenario and how Kerberos defends against it.
1. A user gains access to a particular workstation and pretends to be another user from that workstation.
2. An attacker acts as the “man in the middle” between two computers (e.g. client and the server). The attacker spoofs each computer to “think” they have connected to the correct computer, when in fact the attacker is intercepting all transmissions. The attacker can then monitor or change any of the data before routing it on to the intended computer.
3. An eavesdropper obtains the IP address of an authenticated workstation and reconfigures another workstation to impersonate the authenticated workstation.
Explanation / Answer
In any of these cases, an unauthorized user may be able to gain access to services and data that he or she is not authorized to access. Rather than building in elaborate authentication protocols at each server, Kerberos provides a centralized authentication server whose function is to authenticate users to servers and servers to users. Kerberos relies exclusively on symmetric encryption, making no use of public-key encryption.
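The following sketch is an added example, not part of the original answer: a simplified model of a Kerberos-style ticket exchange that shows which symmetric key blocks each of the three scenarios in the question. Assumptions: `seal`/`unseal` are a toy encrypt-then-MAC built from HMAC-SHA256 standing in for the real Kerberos cipher, the message layout is not the real wire format, the client address is modelled as always present in the ticket, and all names, addresses and passwords are constructed.

```python
import contextlib, hashlib, hmac, json, os

def _ks(key, nonce, n):  # toy keystream: HMAC-SHA256 in counter mode
    return b"".join(hmac.digest(key, b"enc" + nonce + bytes([i]), "sha256")
                    for i in range(n // 32 + 1))[:n]

def seal(key, obj):  # encrypt-then-MAC, a stand-in for Kerberos' symmetric cipher
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.digest(key, b"mac" + nonce + ct, "sha256")

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(key, b"mac" + nonce + ct, "sha256")):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

def user_key(password):  # long-term key derived from the password; salt is constructed
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"EXAMPLE.REALM", 10_000)

def kdc_issue(user, addr, user_keys, service_key, now):
    session = os.urandom(32).hex()
    ticket = seal(service_key, {"user": user, "addr": addr, "key": session, "exp": now + 300})
    return seal(user_keys[user], {"key": session}), ticket  # reply opens only with the user's key

def server_accept(service_key, ticket, authenticator, peer_addr, now, skew=120):
    t = unseal(service_key, ticket)                     # only the KDC could have sealed this
    a = unseal(bytes.fromhex(t["key"]), authenticator)  # sender must hold the session key
    if (a["user"] != t["user"] or t["addr"] != peer_addr
            or now > t["exp"] or abs(now - a["ts"]) > skew):
        raise ValueError("ticket does not match sender, or is expired/stale")
    return seal(bytes.fromhex(t["key"]), {"ts": a["ts"] + 1})  # proves the server holds the key

def rejected(fn, *args):
    with contextlib.suppress(ValueError):
        fn(*args)
        return False
    return True

def demo(now=1_700_000_000):  # names, addresses and passwords are constructed
    keys, svc = {"alice": user_key("alice-pw")}, os.urandom(32)
    reply, ticket = kdc_issue("alice", "10.0.0.5", keys, svc, now)
    session = bytes.fromhex(unseal(keys["alice"], reply)["key"])
    auth = seal(session, {"user": "alice", "ts": now})
    proof = server_accept(svc, ticket, auth, "10.0.0.5", now)
    return {"impostor": rejected(unseal, user_key("guess"), reply),  # scenario 1
            "fake_server": rejected(unseal, session, seal(os.urandom(32), {"ts": now + 1})),  # 2
            "server_ok": unseal(session, proof)["ts"] == now + 1,
            "spoofed_addr": rejected(server_accept, svc, ticket, auth, "10.0.0.99", now)}  # 3
```
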