Kerberos.
Next: Taos.
Up: Discussion
Previous: SESAME.
In Kerberos[13], the end-point contacts
authentication server for every signature authentication as it uses
shared key approach. SDM allows implementation via public keys and
hence need not contact an authentication server every time. Kerberos
does not support roles. Principals can restrict their privileges
before delegation. Also, kerberos does not support cascaded
delegation. There is no mechanism mentioned for revocation.
Nataraj Nagaratnam
Mon Mar 16 18:02:57 EST 1998