- Preventive - to stop unauthorized or unwanted activity from occurring
- Detective - to discover / detect unauthorized or unwanted activity
- Corrective - to restore systems back to normal after unauthorized or unwanted activity has occurred.
- Deterrent - to discourage attackers from violating security policies or take an unwanted action
- Recovery - to repair or restore resources and capabilities after a security policy violation
- Directive - to direct, confine or control the action of subjects to force or encourage compliance with security policy
- Compensation - to provide alternatives to existing controls to aid enforcement and support of a security policy
From the previous post, the summary of Kerberos authentication process is as below: For the initial authentication, the user’s client machine sends a request to the KDC Authentication Service (AS) . The request includes details like the user’s username, and the date and time. All information except the username is encrypted using the hash of the user’s password. The KDC AS uses the username to look up its copy of the user’s password hash and uses it to decrypt the rest of the request. If the decryption is successful, that means the client used the correct password hash and the user has successfully authenticated. Once the user is authenticated, the KDC AS sends the user’s client a ticket granting ticket (TGT) . The TGT includes a unique session key and a timestamp that specifies how long that session is valid (normally 8 or 10 hours). Importantly, before sending the TGT, the KDC encrypts it using the password hash for a special account, the KRBTGT account. ...
Comments
Post a Comment