Unix security & Kerberos
This paper discusses some security issues related to the UNIX operating system, which is today the de facto standard Operating System. The authentication mechanisms have been focused on, both in a central system and in a network environment. It is shown that networking makes UNIX vulnerable if no special measurements are taken. One of these could be the introduction of the Kerberos authentication system which is also becoming a “standard” in open network environments. The Kerberos protocols are described, and their merits and limitations in a possibly hostile environment are discussed.
Unable to display preview. Download preview PDF.
- 1.Ritchie, Dennis M., “On the Security of UNIX.” May 1975. Reprinted in UNIX System Manager's Manual, 4.3 Berkeley Software Distribution. University of California, Berkeley. April 1986.Google Scholar
- 2.Patrick H. Wood, Stephen G. Kochan, “UNIX System Security”, Howard W. Sams & Company, 1985.Google Scholar
- 3.David. A. Curry, “Improving the Security of Your UNIX System,” SRI International Tech. Report ITSTD-721-FR-90-21, April 1990.Google Scholar
- 4.Daniel V. Klein, “Foiling the Cracker”: A Survey of, and Improvements to, Password Security, Draft, 1990Google Scholar
- 5.Eugene H. Spafford, “The Internet Worm Program: An Analysis,” Purdue Tech. Report CSD-TR-823, November 1989, 1988.Google Scholar
- 6.J.G.Steiner, B.C. Neuman, and J.I. Schiller, “Kerberos: An Authentication Service for Open Network Systems,” In Proc. Winter USENIX Conference, Dallas, pp. 191–202, February, 1988.Google Scholar
- 7.Bill Bryant, “Designing an Authentication System: a Dialogue in Four Scenes,” Draft, February 8, 1988.Google Scholar
- 8.John Kohl, Clifford Neuman, The Kerberos Network Authentication Service, MIT project Athena, RFC draft #4, December 20, 1990.Google Scholar
- 9.Steven M. Bellovin, Michael Merritt, “Limitations of the Kerberos Authentication System,” in Proc. Winter USENIX Conference, Dallas, 1991.Google Scholar
- 10.R. Sandberg, D. Goldberg, et al., “Design and Implementation of the Sun Network Filesystem,” in Proc. Summer USENIX Conference, 1985.Google Scholar
- 11.G.W. Treese, “Berkeley Unix on 1000 Workstations: Athena Changes to 4.3BSD,” in Proc. Winter USENIX Conference, 1988.Google Scholar
- 12.Dan Farmer, “COPS and Robbers, UN*X System Security”, January 1991. Available from many Internet archive sites.Google Scholar