pls send me the answer for this question

Russ Allbery rra at stanford.edu
Thu Jan 15 02:46:14 EST 2004


"Mani K" <manik at batelco.com.bh> writes:

> Which of the following is addressed by Kerberos?

> a.	authorization and authentication

Kerberos is an authentication system, so the best answer is "part of (a)".
Kerberos in and of itself does not do authorization except for its own
internal administrative functions, although it's certainly possible to
build any number of different authorization systems on top of Kerberos.

> b.	validation and integrity

I don't know exactly what you mean by validation here.

> c.	confidentiality and integrity

Kerberos in and of itself does not provide confidentiality, but
essentially all Kerberos-enabled applications can negotiate a privacy
layer at the same time.  Usually Kerberos is used via an authentication
and confidentiality negotiation protocol such as GSSAPI or SASL which
includes a way of negotiating a privacy layer.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>


More information about the Kerberos mailing list