Závěrečná práce: Bc. Tomáš Král: Advanced authentication in Java applications using Kerberos protocol
Diplomová práce
Advanced authentication in Java applications using Kerberos protocol
Anotace
Tato práce se zabývá autentizací a autorizací v Java aplikacích s využitím protokolu Kerberos. Zejména možností uložení servisního lístku na flash disk nebo na čipovou kartu a jeho pozdějším použitím na jiném počítači pro autentizaci/autorizaci přístupu k nějaké aplikaci. V rámci práce byly vytvořeny aplikace demostrující uložení lístku na flash disk, nebo na čipovou kartu a jeho následné použití …více
Abstract
This thesis deals with authentication and authorization in Java applications using Kerberos protocol. Especially with the possibility of saving a service ticket on a flash drive or on a smart card and later using it on another machine to make an authorized service request to a third party application. Demonstration applications showing a working solution for both --- saving of a ticket and using of …více
Zadání práce
The student is required to study problems of transfer and working with TGT tickets (Ticket-Granting Ticket) and Session Tickets.
Next, the student should design an application which allows the user to authenticate against Kerberos KDC (Key Distribution Center) in Microsoft Active Directory and after a successful authentication, a storage of issued TGT ticket and a session ticket for selected service.
The thesis should include a demo application which enables to store an issued ticket in a smart card or a flash drive, according to the user's selection. Subsequently, using the smart card/flash drive, the user should authorise to the service and show that he is entitled to use the application.
In both options of the session ticket transfer, the student should consider risks of theft and use appropriate methods to reduce this risk.
This thesis is posted within AIF (Association of Industrial Partners) for Y Soft company.
RNDr. Ondřej Krajíček will be available as a consultant, the meetings will be held irregularly once a month. He can also be contacted for individual appointments.
The diploma thesis requires at least two terms; whilst its practical part should be completed during the first term.
Materials:
- AD Kerberos – http://technet.microsoft.com/en-us/library/cc753173(WS.10).aspx
- The Kerberos Network Authentication Service (V5) (RFC 4120) – http://tools.ietf.org/html/rfc4120
- SSO Using Kerberos in Java – http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/single-signon.html
The thesis is posted within the project of OP EC (Operational program Education for Competitiveness) with the title Platform of Research and Educational Cooperation of FI MU in Data Processing, Reg. No. CZ.1.07/2.4.00/12.0049 and activities of AIF.
27. 5. 2011 10:23, Mgr. Pavel Tuček
Vedoucí
abs FI MU
Práce na příbuzné téma
Seznam prací, které mají shodná klíčová slova.
-
Data Privacy in Cloud Outsourcing
Mgr. Abdelfattah Essarrar -
Integrace vybraného captive portálu pro systém Kernun
Mgr. Richard Groma -
A Mobile Android Application for Music Recommendation
Mgr. Jakub Hančin -
Vzdálené přihlášení na servery pomocí protokolu OpenID Connect
Mgr. Ondřej Velíšek -
Towards User-Centric Identity Federations
RNDr. Michal Procházka, Ph.D., učo 39700 -
Towards User Centric Identity Federations
RNDr. Michal Procházka, Ph.D., učo 39700 -
Authentication and Authorization of Users of the INJECT Platform
Bc. Richard Glosner, učo 524761 -
Analýza autentizačních metod single sign-on v prostředí Active Directory
Mgr. Bc. Jan Rejchrt




