Layering central authentication on existing distributed system terminal services: Revision 2

Nessett, D. M.

doi:10.1109/SECPRI.1989.36303

Title: Layering central authentication on existing distributed system terminal services: Revision 2

Conference · Tue Oct 25 00:00:00 EDT 1988

DOI:https://doi.org/10.1109/SECPRI.1989.36303· OSTI ID:6163977

Nessett, D. M.

Provision of terminal service in a distributed system requires mechanisms to logon and logoff as well as to move textual data between the terminal and remote host. Logon occurs in most distributed systems subsequent to the establishment of a terminal session by means of host specific logon procedures. However, in a distributed system of any size, this approach leads to security and password management problems. When the distributed system is centrally administered, these problems can be rectified through the use of a central authentication service that presents a common logon interface to the user for all distributed system hosts. Normally, central authentication is provided by either initially designing it into a distributed system or supporting it through the modification of distributed system and host operating system software. As an alternative strategy, central authentication can be layered onto existing terminal services. This approach suggests itself when a large installed base of computer systems that do not support central authentication already exists. Work to assess the feasibility of this approach was carried out. The results demonstrate that layering can be used in certain circumstances to provide central authentication services, although, as a result, the concomitant maintenance costs may increase. It was also determined what terminal service features are necessary so that central authentication is easily layered on existing terminal services. Recommendations are made concerning how to structure terminal services in a distributed system to support an integrated central authentication service. 15 refs., 5 figs.

View Conference

Cite

Export

Save

Research Organization:: Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

DOE Contract Number:: W-7405-ENG-48

OSTI ID:: 6163977

Report Number(s):: UCRL-96080-Rev.2; CONF-890536-1-Rev.2; ON: DE89001814

Resource Relation:: Conference: Symposium on security and privacy, Oakland, CA, USA, 1 May 1989; Other Information: Portions of this document are illegible in microfiche products

Country of Publication:: United States

Language:: English

Similar Records

Layering central authentication on existing distributed system interactive services

Conference · Thu Oct 01 00:00:00 EDT 1987 · OSTI ID:6163977

Nessett, D M

Layering central authentication on the interactive services of an existing homogeneous distributed system

Conference · Sun Feb 01 00:00:00 EST 1987 · OSTI ID:6163977

Nessett, D M

Layering central authentication on existing distributed system terminal services: Revision 3

Conference · Tue Jan 17 00:00:00 EST 1989 · OSTI ID:6163977

Nessett, D. M.

Related Subjects

99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
COMPUTER ARCHITECTURE
SECURITY
COMPUTER OUTPUT DEVICES
990220* - Computers
Computerized Models
& Computer Programs- (1987-1989)

Title: Layering central authentication on existing distributed system terminal services: Revision 2

Citation Formats

Similar Records

Related Subjects