Kerberos authentication protocol
For single sign-on, the user login process and authentication must employ a Kerberos 5 network infrastructure, including a dedicated Key Distribution Center computer.
A complete description of the Kerberos security protocol and how to configure it specifically for your system, are beyond the scope of this documentation. This topic orients users new to Kerberos implementations to the starting points for gathering required information.
Overview of Kerberos
Kerberos is a third-party network authentication protocol that employs a system of shared secret keys to securely authenticate a user in an unsecured network environment. The application server and client exchange encrypted keys (tickets), instead of a clear-text user ID and password pair, to establish a user's credentials on the network. A separate server called the Key Distribution Center (KDC) issues a ticket after verifying the validity of a user login.
Each user, or principal in Kerberos terms, possesses a private encryption key that is shared with the KDC. Collectively, the set of principals and computers registered with a KDC are known as a realm.
An encrypted service ticket stores a user's credentials. The database server unencrypts the ticket to verify that the credentials are associated with a user login authorized for access. While a valid service ticket exists on the network, the Informix® instance authorizes logged-in user access to the DBMS. The Kerberos protocol has the following security features:
- Service tickets exist on the network for a limited duration.
- Only the client and the server can unencrypt these tickets, so data is protected if the tickets are intercepted from the network.
- Input of user name and password is limited to the initial login session, reducing the risk of possible interception of clear-text credentials.
Administration of user IDs is simplified because the KDC hosts a central repository for principals. However, the disadvantage of this centralization is that it creates for a single point-of-attack by hackers. You must weigh Kerberos' advantages against this potential threat for your own environment.