A distributed password scheme for network operating systems
Loading...
Authors
Roth, Christopher
Subjects
Advisors
Rasmussen, Craig
Michael, Bret
Date of Issue
2002-06
Date
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Password-based user identification and authentication in a network-based operating system generally relies upon a single file that contains user information and the encoded or hashed representations of each users' password. Operating system designers have resorted to various protection schemes to prevent unauthorized access to this single file. These techniques have proved vulnerable to various attacks, the result being unauthorized access to the targeted computer system. This paper proposes a model for a distributed password system in a network environment that eliminates the single password file as a target without introducing additional computational complexity or incorporating additional cost to the user with such items as tokens or biometrics. This application incorporates proven encryption techniques and a distributed architecture to enhance the reliability of an operating system's identification and authentication procedures. The paper provides an object-oriented model of this approach, along with an analysis of a possible implementation in a current operating system.
Type
Thesis
Description
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
xiv, 49 p. : col. ill. ;
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.