“Typhon: Um Serviço de Autenticação e Autorização Tolerante a Intrusões”
in 2th Simpósio de Informática (INFORUM), Sept. 2010.
Abstract: The Kerberos v5 standard specifies how the clients and services of a distributed system may mutually authenticate through the use of a centralized authentication service. If this service fails, by crash or in an arbitrary way (e.g., software bug, hardware problem, intrusion), the clients and services that depend on it are not able to authenticate between themselves. This paper presents an authentication and authorization service that complies with RFC 4120, and that uses Byzantine-fault-tolerant state machine replication and secure components to make the service more resilient. These secure components guarantee that clients' and services' secret keys are kept private even in the presence of intrusions. The evaluation results show that the proposed service has similar latency and throughput values to the ones of a well known Kerberos implementation.
Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)