Introducing the Aembit Kerberos Trust Provider
2024-4-12 06:29:20 Author: securityboulevard.com(查看原文) 阅读量:2 收藏

Today’s development environments have evolved greatly, with a high dependence on cloud-deployed SaaS tools. However, most organizations are still running in hybrid mode with applications and servers running on-premises and in the cloud. 

Organizations are also continuing to use on-premises servers for authentication, primarily Active Directory (AD), even when using directory synchronization to sync up to cloud-based services such as Entra ID (formerly Azure Active Directory). AD has mainly been used to authenticate users and devices, and it can now be further leveraged to authenticate workloads between services.

Aembit is pleased to announce that we have released a Kerberos Trust Provider that enables the attestation of client workloads running in virtual machine environments joined to AD. This attestation method is specifically designed for on-premises deployments where alternative attestation methods, such as AWS or Azure metadata service trust providers, are not available. 

Aembit is proud to be one of the only vendors that is unifying workload IAM for both on-prem and off-prem, and continues to add trust providers to our long list of AWS, Azure, and Kubernetes support.

Why Kerberos?

Kerberos is a network authentication protocol that allows entities to securely prove their identity over a non-secure network. It operates on the basis of tickets issued by a trusted key distribution center (KDC), eliminating the need to transmit passwords over the network. These tickets are used by users and services to authenticate themselves to each other.

As for its usage, Kerberos remains widely adopted in enterprise environments and is utilized by numerous companies around the world for securing their network infrastructure and services. It is a foundational technology in security architectures, especially in sectors such as finance, health care, education, and government. Many major technology providers and platforms also integrate support for Kerberos authentication, further extending its use across different industries. Overall, Kerberos continues to be a prevalent choice for ensuring strong authentication and security in networked environments.

To learn more about Kerberos, check out these resources from the inventor, MIT, and one of the major implementers, Microsoft.


文章来源: https://securityboulevard.com/2024/04/introducing-the-aembit-kerberos-trust-provider/
如有侵权请联系:admin#unsafe.sh