skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Final report and recommendations of the ESnet Authentication Pilot Project

Technical Report ·
DOI:https://doi.org/10.2172/10109518· OSTI ID:10109518
;  [1];  [2];  [3];  [4]
  1. Pacific Northwest Lab., Richland, WA (United States)
  2. Lawrence Livermore National Lab., CA (United States)
  3. Argonne National Lab., IL (United States)
  4. National Energy Research Supercomputer Center, Livermore, CA (United States)
+ Show Author Affiliations

To conduct their work, U.S. Department of Energy (DOE) researchers require access to a wide range of computing systems and information resources outside of their respective laboratories. Electronically communicating with peers using the global Internet has become a necessity to effective collaboration with university, industrial, and other government partners. DOE`s Energy Sciences Network (ESnet) needs to be engineered to facilitate this {open_quotes}collaboratory{close_quotes} while ensuring the protection of government computing resources from unauthorized use. Sensitive information and intellectual properties must be protected from unauthorized disclosure, modification, or destruction. In August 1993, DOE funded four ESnet sites (Argonne National Laboratory, Lawrence Livermore National Laboratory, the National Energy Research Supercomputer Center, and Pacific Northwest Laboratory) to begin implementing and evaluating authenticated ESnet services using the advanced Kerberos Version 5. The purpose of this project was to identify, understand, and resolve the technical, procedural, cultural, and policy issues surrounding peer-to-peer authentication in an inter-organization internet. The investigators have concluded that, with certain conditions, Kerberos Version 5 is a suitable technology to enable ESnet users to freely share resources and information without compromising the integrity of their systems and data. The pilot project has demonstrated that Kerberos Version 5 is capable of supporting trusted third-party authentication across an inter-organization internet and that Kerberos Version 5 would be practical to implement across the ESnet community within the U.S. The investigators made several modifications to the Kerberos Version 5 system that are necessary for operation in the current Internet environment and have documented other technical shortcomings that must be addressed before large-scale deployment is attempted.

Research Organization:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Organization:
USDOE, Washington, DC (United States)
DOE Contract Number:
AC06-76RL01830
OSTI ID:
10109518
Report Number(s):
PNL-10382; ON: DE95005755; TRN: 95:001067
Resource Relation:
Other Information: PBD: Jan 1995
Country of Publication:
United States
Language:
English

Similar Records

SciDAC Fusiongrid Project--A National Collaboratory to Advance the Science of High Temperature Plasma Physics for Magnetic Fusion
Technical Report · Thu Aug 31 00:00:00 EDT 2006 · OSTI ID:10109518
+15 more
An authentication infrastructure for today and tomorrow
Conference · Sat Jun 01 00:00:00 EDT 1996 · OSTI ID:10109518
Distributed computing environment in the ESnet Community
Conference · Sun Oct 01 00:00:00 EDT 1995 · OSTI ID:10109518

Related Subjects

99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
INFORMATION SYSTEMS
SECURITY
COMPUTER NETWORKS
VULNERABILITY
INFORMATION THEORY
ON-LINE SYSTEMS
PROPRIETARY INFORMATION
990200
MATHEMATICS AND COMPUTERS