Show simple item record

dc.contributor.advisorNickolai Zeldovich.en_US
dc.contributor.authorBenjamin, David (David A.)en_US
dc.contributor.otherMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.en_US
dc.date.accessioned2014-03-06T15:39:41Z
dc.date.available2014-03-06T15:39:41Z
dc.date.copyright2013en_US
dc.date.issued2013en_US
dc.identifier.urihttp://hdl.handle.net/1721.1/85405
dc.descriptionThesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2013.en_US
dc.descriptionCataloged from PDF version of thesis.en_US
dc.descriptionIncludes bibliographical references (pages 63-65).en_US
dc.description.abstractThis thesis presents Webathena, a browser-centric implementation of the Kerberos network authentication protocol. It consists of a JavaScript Kerberos client, paired with a simple, untrusted, server-side proxy to wrap the protocol in HTTP. This is used to implement a trusted credential manager with a cross-origin protocol to delegate credentials to untrusted Web applications. To evaluate Webathena, we present Roost, a Web-based client for the Zephyr messaging and notification in use at MIT, along with a host of proof-of-concept applications. We find that it is possible to build Web-based clients for Kerberized services similar to or better than existing native ones with no modifications to either the Kerberos KDCs or the services themselves. Finally, we discuss possible modifications to Kerberos to better support this kind of credential delegation.en_US
dc.description.statementofresponsibilityby David Benjamin.en_US
dc.format.extent65 pagesen_US
dc.language.isoengen_US
dc.publisherMassachusetts Institute of Technologyen_US
dc.rightsM.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission.en_US
dc.rights.urihttp://dspace.mit.edu/handle/1721.1/7582en_US
dc.subjectElectrical Engineering and Computer Science.en_US
dc.titleAdapting Kerberos for a browser-based environmenten_US
dc.typeThesisen_US
dc.description.degreeM. Eng.en_US
dc.contributor.departmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
dc.identifier.oclc870307860en_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record