Kerberos was conceived as a secure network authentication technology at the Massachusetts Institute of Technology (MIT), where it continues to evolve. Using cryptography as a seal, Kerberos credentials or tickets ensure authenticated users. Because each node on the network trusts the Kerberos server exclusively, user credentials are valid throughout the network. This way, in theory, they will only have to log in once. Additionally, Kerberos can provide support for real-time encryption of network communications. It's like keeping the doors to your city locked, but giving authorized citizens the key to every door. (Salowey) In the Open Systems Interconnect (OSI) model, Kerberos sits on top of the Network and Transport layers (on top of TCP/IP), which means it's not as simple as adding a Kerberos module to your existing desktop operating system. Using Kerberos means replacing existing network applications with "kerberized" applications that have been rewritten to take advantage of its services, such as automatic authentication and encrypted communications. The question is: what is Kerberos and what can it do for my network? We have deployed both Kerberos version 4 and beta versions of MIT's new version 5 at our lab at Syracuse University to get a better feel for this technology and to determine whether the protocol can truly solve network security problems. The examples mentioned in this workshop are in Kerberos 4 format, which is the version in use on most networks. Kerberos is an interesting technology, but it is not a solution for network security. We were disappointed to learn that Kerberos would not solve our network-level user management problems. Kerberos does not even replace dated technology such as Network Information Ser...... middle of paper ......and Sun Microsystems with other areas present on the Internet. Credential forwarding will pass TGT to remote hosts when using kerberized network access instead of requiring the user to run kinit on the host.Works CitedSalowey, Joseph. Kerberos: a secure passport.http://www.csee.wvu.edu/~cukic/Security/NotesKerberos.pdf#search='Salowey%2C%20Joseph.20%20Kerberos%3A%20A%20secure%20passport.'Anthes , Gary. Kerberos code crack raises broader issues.http://static.highbeam.com/c/computerworld/february261996/kerberoscodecrackraisesbroaderissues/Stallings, William. Kerberos keeps the company secure. Rubin, Aviel. Kerberos versus the Leighton-Micali protocol.http://www.ddj.com/documents/s=879/ddj0011a/0011a.htmChappell, David. Microsoft and the Kerberos standard.http://www.microsoft.com/technet/prodtechnol/windows2000serv/evaluate/featfunc/msjkerb.mspx