skip to main content

Title: Final report and recommendations of the ESnet Authentication Pilot Project

To conduct their work, U.S. Department of Energy (DOE) researchers require access to a wide range of computing systems and information resources outside of their respective laboratories. Electronically communicating with peers using the global Internet has become a necessity to effective collaboration with university, industrial, and other government partners. DOE`s Energy Sciences Network (ESnet) needs to be engineered to facilitate this {open_quotes}collaboratory{close_quotes} while ensuring the protection of government computing resources from unauthorized use. Sensitive information and intellectual properties must be protected from unauthorized disclosure, modification, or destruction. In August 1993, DOE funded four ESnet sites (Argonne National Laboratory, Lawrence Livermore National Laboratory, the National Energy Research Supercomputer Center, and Pacific Northwest Laboratory) to begin implementing and evaluating authenticated ESnet services using the advanced Kerberos Version 5. The purpose of this project was to identify, understand, and resolve the technical, procedural, cultural, and policy issues surrounding peer-to-peer authentication in an inter-organization internet. The investigators have concluded that, with certain conditions, Kerberos Version 5 is a suitable technology to enable ESnet users to freely share resources and information without compromising the integrity of their systems and data. The pilot project has demonstrated that Kerberos Version 5 is capable of supporting trusted third-partymore » authentication across an inter-organization internet and that Kerberos Version 5 would be practical to implement across the ESnet community within the U.S. The investigators made several modifications to the Kerberos Version 5 system that are necessary for operation in the current Internet environment and have documented other technical shortcomings that must be addressed before large-scale deployment is attempted.« less
Authors:
;  [1] ;  [2] ;  [3] ;  [4]
  1. Pacific Northwest Lab., Richland, WA (United States)
  2. Lawrence Livermore National Lab., CA (United States)
  3. Argonne National Lab., IL (United States)
  4. National Energy Research Supercomputer Center, Livermore, CA (United States)
Publication Date:
OSTI Identifier:
10109518
Report Number(s):
PNL--10382
ON: DE95005755; TRN: 95:001067
DOE Contract Number:
AC06-76RL01830
Resource Type:
Technical Report
Resource Relation:
Other Information: PBD: Jan 1995
Research Org:
Pacific Northwest Lab., Richland, WA (United States)
Sponsoring Org:
USDOE, Washington, DC (United States)
Country of Publication:
United States
Language:
English
Subject:
99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; INFORMATION SYSTEMS; SECURITY; COMPUTER NETWORKS; VULNERABILITY; INFORMATION THEORY; ON-LINE SYSTEMS; PROPRIETARY INFORMATION 990200; MATHEMATICS AND COMPUTERS