In recent years, great emphasis has been. provided and applied in regard to ensuring the security of communications in networks of clients and servers. Cryptographic systems have been developed for maintaining privacy of information that is transmitted across various communication channels. One type of cryptographic system often used is designated as a "symmetric crypto-system". These symmetric crypto-systems generally utilize electronic keys and can be somewhat compared to physical security systems. An example of this would be the network where a message holding box has a single locking mechanism which has a single keyhole. Then one key holder can use his key to open the box and place a message in the box and then relock the box. Subsequently then, a second holder (who has an identical copy of the key) then unlocks the box and retrieves the message. Here the term "symmetric" indicates the situation where both users have "identical keys".
In computer systems which are designated as a "symmetric crypto-system", the system requires that there be (i) an encryption function E; (ii) a decryption function D; and (iii) a shared secret key, K. In this situation, the "K" key is a unique string of data bits which apply to the encryption and decryption functions.
One particular example of the encipherment/decipherment function is the National Bureau of Standards Data Encryption Standard designated as DES. Another example is the Fast Encipherment Algorithm (FEAL). In this situation, in order to transmit a message (M) with privacy, the sender must compute a ciphertext designated "C" on the basis where C equals E (M,K). In this situation, the recipient terminal, upon receipt of the ciphertext C, then computes the message M equal to D (C,K), enabling the recipient terminal to recover the message "M".
Again here, K is the shared secret-key which functions such that a unauthorized terminal who copies the ciphertext C, but who does not know the shared secret key K, will find himself unable to recover the message M. Here, the security is based on maintaining the secrecy of the key K.
In addition to the above-mentioned "symmetric crypto-systems" there are also systems designated as "Asymmetric Crypto-Systems" often designated as Public Key Crypto-Systems which provide other ways of encrypting information. They differ from symmetric systems, for example, in the physical sense, such that the message box has one lock, but also has two non-identical keys associated with it. Here, either key can be used to unlock the box to retrieve the message which was locked in the box by the other key. This type of system could be made to operate such that keys must be used in a "particular sequence", such that the box can be locked with one key and only then unlocked with the other key. This asymmetric type crypto-system is often designated as a "RSA" system which refers to the names of authors Rivest, Shamir, Adleman (RSA) in a paper described in pages 120-126 of Vol. 21 of CACM (Communications of the Association for Computing Machinery), published in February 1978.
In systems designated as Public Key Electronic Crypto-Systems, each operating entity or terminal has a private key "d", which is only known to that particular entity or terminal. There is also a public key, "eN" which is publicly known. Here, once a message is encrypted with a user's public key, it can only be decrypted using that particular user's "private key", d.
Conversely, if the message is encrypted with the user's "private key". It can only be decrypted using that user's "public key".
A Kerberos Security System is being used as a developing standard for authenticating network users and is often used primarily in the UNIX community where it is useful because it functions in a multi-vendor network and does not transmit passwords over the network.
Kerberos operates to authenticate users, that is to say, it determines if a user is a valid user. It does not provide other security services such as audit trails. Kerberos authentication is based on "passwords" and does not involve physical location or smart cards.
To implement Kerberos in the system, each computer in a network must run Kerberos software. Kerberos works by granting a "ticket" which ticket is honored by all the network computers that are running Kerberos protocol. The tickets are encrypted, so passwords never go over the network in "clear text" and the users do not need to enter their password when accessing a different computer.
Since there is often a need to run Kerberos on every single computer in a network, this sometimes presents a problem for potential users. Considerable effort and time may be involved in porting Kerberos to each different hardware platform in the network.
Kerberos users tended to be large networks which were furnished with extended expertise. Since such resources are not generally available to smaller networks, it is sometimes a problem to make it available to such smaller networks which cannot justify the cost and expense.
The primary benefit of Kerberos is that it prevents a password from being transmitted over the network.
Kerberos networks are involved with the type of systems designated as "symmetric crypto-systems" discussed above. One type of symmetric crypto system is called the "Kerberos Authentication System". This type of system was discussed and published on the Internet by J. T. Kohl and D. C. Neuman in an article entitled "The Kerberos Network Authentication Service" which was published Sep. 19, 1993 on the Internet RFC 1510. Kerberos uses symmetric key crypto-systems as a primitive and often uses the Data Encryption Standard (DES) as a inter-operability standard. Kerberos systems have been adopted as the basis for security service by the Open Software Foundations (OSF), Distributed Computing Environment (DCE). Kerberos was designed to provide authentication and key-exchange, but was not particularly designed to provide digital signatures.
Thus, networks require systems and methods for securing communications which provide a way for one user to authenticate itself to another user and additionally, these often require systems for securing communications which, facilitate digital signatures being placed on a message to provide for non-repudiation.
Kerberized environments involve the transmittal of messages, for example, from a server to a client which leads to several major problems in these networks. One problem involves the inordinate period of time that a client or a server is required to wait after requesting a response to a Kerberos command. As a result of waiting for a response, this causes the controlling software program or process, to wait so that any other clients or servers in the network requesting a service would also have to wait.
Another type of problem involved in Kerberos networks is that there is no existing method of returning unsolicited messages, generated synchronously or asynchronously from a Kerberos Server to a client or other server.
The presently described system functions to overcome those situations where commands, requiring a Kerberos Server's synchronous response, to a client request, are not generated in a timely fashion. Thus, the present system and method permits the utilization of a client-terminal and programs, in an associated client-server and Kerberos Server, to continue to handle service requests.
Additionally, the presently described system and method provides a mechanism for establishing communication paths to handle the disposition of unsolicited messages coming from a Kerberos Server to various clients in the system.
Several other types of problems and inadequacies often arose in operating with Kerberos domains. Often, the user would enter a command and then be presented by a query of whether or not the command works or does not work. This is handled in the present situation whereby the system returns a synchronous response informing the user if that particular command was successful.
Another problem often posed was the situation where the user would interrogate the Kerberos Server settings and the status for certain network connected clients and find that this was not possible to be accomplished. This was resolved by enabling a synchronous message routing to allow network connected clients to obtain current status and settings from the Kerberos Server.