BKKRBROS.RVW   990715

"Kerberos: A Network Authentication System", Brian Tung, 1999,
0-201-37924-4, U$19.95/C$29.95
%A   Brian Tung
%C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D   1999
%G   0-201-37924-4
%I   Addison-Wesley Publishing Co.
%O   U$19.95/C$29.95 416-447-5101 fax: 416-443-0948 bkexpress@aw.com
%P   164 p.
%T   "Kerberos: A Network Authentication System"

Part one is a user guide to the Kerberos security tool, user being
defined as both end user and administrator.  Chapter one presents a
rather weak justification for Kerberos (based on the insecurity of
email) and some quick contact information for obtaining it.  End user
operations for Kerberos are described, but not always clearly, and
some questions are left open.  (Does the user have any control over
ticket expiry times?)  The administrative functions, in chapter three,
are weak in regard to installation, but reasonable in terms of
maintenance operations.  Chapter four contains quick listings of the
Kerberos API (Application Programming Interface) calls, for those who
want to build Kerberized programs.

Part two provides some background.  Chapter five is a good tutorial on
the concepts: if you are having trouble with chapters two and three, a
review of five will probably help a lot.  Differences in versions of
Kerberos are listed in chapter six.  A look at various related issues
in chapter seven includes a very decent discussion of public key
encryption.

For quick coverage of Kerberos, this makes a neat and handy package.

copyright Robert M. Slade, 1999   BKKRBROS.RVW   990715