Kerberos is a network authentication protocol designed at MIT to provide a strong authentication for client/server applications by using cryptographic techniques. Till today, the implemented MIT Kerberos protocol authenticates the client to the dedicated Kerberos server before the client can access any available service with no further need to prove its identity. This achieves the goal of Single-Sign-On (SSO) for most of the services requiring authentication on the network.
we have enhanced the existing Kerberos protocol by providing a strong second factor of authentication along with the existing authentication factor. A strong pre-auth mechanism is developed which will be using one-time-passwords (OTP) for authentication. This will increase the security mechanism and has removed the deficiency of password compromise. A new tracking mechanism is incorporated in the Kerberos server. This helps Kerberos server to track which user is actually using the service. OTP mechanism also helps to log undesired number of unsuccessful attempts from the user side and lock the user. Once the user has been locked, only user can unlock himself by providing the proper credentials.
>> I understand that setting up the whole kerberos system can be scary at first glance and u need to follow all the steps very carefully. Feel free to ask me/write me if u r planning any future kerberos development or want to know more about the above described work.
>> MIT kerberos site is having excellent info about the kerberos-setup and can be used as a reference for all the dev work.
