Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Microsoft joins MIT Kerberos Consortium

Slava Kavsan, director of development for Windows Core Security at Microsoft, will take a seat on the executive board.

“Microsoft has always been committed to interoperability of our authentication protocols and Kerberos’ universal authentication platform is of strategic importance for Microsoft and our customers,” Kavsan said. “We are proud to join the MIT Kerberos Consortium as a founding sponsor.”

MIT’s Stephen Buckley, executive director of the Kerberos Consortium, said MIT and Microsoft have a long history of working together.

“Microsoft joining the Kerberos Consortium is significant,” Buckley said. “They represent a vast number of users of Kerberos and it is an important step forward towards our common ambition to create a universal authentication platform.”

Kerberos is a network authentication protocol, originally developed for MIT’s Project Athena in the 1980s. It has grown to become the most widely deploy system for authentication and authorization in modern computer networks.

Microsoft has implemented the Kerberos protocol in a number of its products including Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Tom Kemp, chief executive of security software vendor Centrify Corporation noted on his blog that this is significant for a number of reasons.

“As a founding sponsor of the Kerberos Consortium, Centrify is pleased to be able to get a up close pulse on the direction of Kerberos, collaborate with these other large vendors regarding interoperability,” he wrote.

Kemp asked so why does Microsoft even care about Kerberos? “Because starting with Windows 2000, Microsoft bundled Kerberos as part of the Windows platform, with Active Directory domain controllers not only supporting LDAP but also playing the part of a Key Distribution Center.”

“Because Kerberos is turned on and utilized by default in the Windows platform, clearly the Windows platform represents a huge chunk of the systems actively running Kerberos,” Kemp noted. “As we all know there are many out there that like to beat up Microsoft regarding security, but it is ironic that Microsoft by default delivers the added security of Kerberos as part and parcel of the Windows platform.”

The MIT Kerberos Consortium was officially launched in September 2007 with the support of Apple, Centrify, Google, Sun, Stanford University, TeamF1 and the University of Michigan.

Additional sponsors include NASA, the US Department of Defense, Duke University and Carnegie Mellon University.