13 K

Kerberos: (1) An authentication system that enables two parties to exchange private information across an otherwise open network by assigning a unique key (called a ticket) to each user that logs on to the network and then embedding these tickets into messages sent by the users. For more information, see [MS-KILE].

(2) An authentication system that enables two parties to exchange private information across an otherwise open network by assigning a unique key (called a ticket) to each user that logs on to the network and then embedding these tickets into messages sent by the users. For more information, see [MS-KILE].

(3) An authentication access type as defined by [RFC1964].

Kerberos principal: A unique individual account known to the Key Distribution Center (KDC). Often a user, but it can be a service offering a resource on the network.

key: (1) In the registry, a node in the logical tree of the data store.

(2) In cryptography, a generic term used to refer to cryptographic data that is used to initialize a cryptographic algorithm. Keys are also sometimes referred to as keying material.

(3) A 256-bit unsigned integer used internally by MC-DRT to identify a resource.

Key Distribution Center (KDC): The Kerberos service that implements the authentication and ticket granting services specified in the Kerberos protocol. The service runs on computers selected by the administrator of the realm or domain; it is not present on every machine on the network. It must have access to an account database for the realm that it serves. Windows KDCs are integrated into the domain controller role of a Windows Server acting as a Domain Controller. It is a network service that supplies tickets to clients for use in authenticating to services.

keying material: The data from which the main mode (MM) and quick mode (QM) security association (SA) authentication and encryption keys are generated.