Abstract
I’m going to start with the point which Dieter finished with yesterday, that Kerberos was originally intended to have three heads. The first was supposed to be an authentication mechanism, next there was supposed to be an authorisation or access control stage, and then there was supposed to be accounting, auditing and that kind of thing. My perception is that we did the first one, and we were half-way through doing the second one when public key cryptography came along. Then we all disappeared down a rabbit hole for twenty years, and we’ve just emerged now. The effect of public key was that we went back and did authentication again, but we never re-did authorisation, or did audit at all. Traditionally the authentication that’s associated with access control is a strong authentication, and it’s linked directly to the authorisation mechanism. The link between access and audit is indirect, and they’re linked via the identity that was used to do the authentication. There’s something not quite right about this. Even if (partial) anonymity isn’t a requirement, when you sit back and look at it dispassionately, it’s not the right way to do it. The fact that this isn’t quite right has some implications for system infrastructure that I want to raise.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Christianson, B. (2006). Anonymous Authentication (Transcript of Discussion). In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2004. Lecture Notes in Computer Science, vol 3957. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11861386_37
Download citation
DOI: https://doi.org/10.1007/11861386_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40925-0
Online ISBN: 978-3-540-40926-7
eBook Packages: Computer ScienceComputer Science (R0)