Authentication Services
Open Systems Interconnection (OSI) is a standard established for communication between computers, whether they are interconnected through a LAN, MAN or WAN. But the standard did not specify the networking protocols, nor did it clearly demarcate the various layers of communication, such as the application layer and the transport layer. In that environment, many networking protocols have emerged.
Networking is not simple. Different data types need to travel across the network over different communication channels, such as wireless and optical networks, and at times over a combination of such channels. It is important not only that the receiver sees the data as it was meant to be seen, but also that the data is secure. There is always a risk of data being accessed by people for whom it was not intended. Network authentication protocols evolved to ensure that such things do not happen, or are at least minimized. These protocols are required at different levels of data transmission or data access. There are many of them, and they may be used in combination. They may or may not be confined to the layers defined under the Open Systems Interconnection standard, but they still conform to OSI.
Any such authentication protocol requires network authentication services. These services need to ascertain whether the identification provided by the user or server that is trying to access the information is indeed correct. Authentication is followed by authorization, which grants access to the users or servers that may access the information. Authorization may also mean verifying whether the user or server is permitted to access a website or a piece of information. Network authentication services carry out one more function: accounting. They keep a record of who accessed the information, at what time, and for how long. An example of such a service is RADIUS (Remote Authentication Dial-In User Service).
Information and knowledge are a powerful tool that can be used and abused by anyone, and protecting them is a big task. Some companies are therefore dedicated to helping us protect this important knowledge and information. The Kerberos protocol provides third-party authentication in which a user proves his or her identity to a centralized server, called a Kerberos server or key distribution center (KDC), which issues tickets to the user. The user can then use these tickets to prove his or her identity on the network. The ticket eliminates the need for multiple sign-ins to different systems.
The Network Authentication Service application programming interfaces (APIs) that the iSeries supports originated at the Massachusetts Institute of Technology (MIT) and have become the standard for using the Kerberos protocol. Kerberos is a network authentication protocol. It is designed to provide strong authentication for client and server applications by using secret-key cryptography. A free implementation of the protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many different commercial products as well.
Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server, and vice versa, across an insecure network connection. After a client and server have used Kerberos to prove their identities, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business. The idea here is that users control their own information and limit what they need to share with others. This is very beneficial for security and privacy.
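The ticket flow described above (the KDC issues a ticket, the client presents it, and client and server each prove their identity) can be sketched as follows. This is an added example, not code from MIT Kerberos or the iSeries APIs: the message layout, the function names and the toy seal/unseal cipher are assumptions made for illustration, and the principals alice and fileserver are constructed.

```python
# Added illustration: a simplified Kerberos-style exchange, not the real wire protocol.
import hashlib, hmac, json, os, time

def seal(key: bytes, obj: dict) -> bytes:
    """Toy encrypt-then-MAC, standing in for Kerberos secret-key encryption."""
    nonce, data = os.urandom(16), json.dumps(obj).encode()
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    body = nonce + bytes(a ^ b for a, b in zip(data, stream))
    return body + hmac.new(key, body, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> dict:
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    stream = hashlib.shake_256(b"enc" + key + body[:16]).digest(len(body) - 16)
    return json.loads(bytes(a ^ b for a, b in zip(body[16:], stream)))

class KDC:
    def __init__(self, keys: dict):
        self.keys = keys  # principal name -> long-term secret key shared with the KDC
    def issue(self, client: str, service: str, lifetime: int = 300):
        session_key, exp = os.urandom(32).hex(), time.time() + lifetime
        # The ticket is readable only by the service; the reply only by the client.
        ticket = seal(self.keys[service], {"client": client, "key": session_key, "exp": exp})
        reply = seal(self.keys[client], {"service": service, "key": session_key, "exp": exp})
        return reply, ticket

def client_authenticator(client: str, client_key: bytes, reply: bytes):
    """Client recovers the session key and proves it holds it with a fresh timestamp."""
    session_key = bytes.fromhex(unseal(client_key, reply)["key"])
    return session_key, seal(session_key, {"client": client, "ts": time.time()})

def service_accept(service_key: bytes, ticket: bytes, authenticator: bytes, now=None, skew=300):
    """Verify ticket and authenticator (a real service also keeps a replay cache)."""
    now = time.time() if now is None else now
    t = unseal(service_key, ticket)
    session_key = bytes.fromhex(t["key"])
    a = unseal(session_key, authenticator)
    if a["client"] != t["client"] or now > t["exp"] or abs(now - a["ts"]) > skew:
        raise ValueError("expired ticket, stale authenticator, or name mismatch")
    # Echoing the timestamp under the session key proves the service to the client.
    return t["client"], seal(session_key, {"ts": a["ts"]})

if __name__ == "__main__":
    keys = {"alice": os.urandom(32), "fileserver": os.urandom(32)}  # constructed principals
    reply, ticket = KDC(keys).issue("alice", "fileserver")
    sk, auth = client_authenticator("alice", keys["alice"], reply)
    who, proof = service_accept(keys["fileserver"], ticket, auth)
    print(who, "authenticated; service proof valid:", "ts" in unseal(sk, proof))
```

The client's long-term key is used only to open the KDC reply and is never sent to the service; the service learns the client's name solely from a ticket that it alone can open.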
