Key Distribution Center

E718987

authentication infrastructure component cryptographic key management system network security component trusted third party

A Key Distribution Center is a trusted server in authentication protocols like Kerberos that issues and manages cryptographic keys and tickets to securely verify users and services.

Try in SPARQL Jump to: Statements Referenced by

Statements (48)

Predicate	Object
instanceOf	authentication infrastructure component ⓘ cryptographic key management system ⓘ network security component ⓘ trusted third party ⓘ
communicatesWith	application servers ⓘ clients ⓘ domain controllers in Active Directory ⓘ
definedIn	Kerberos Version 5 specification NERFINISHED ⓘ
goal	enable secure single sign-on ⓘ prevent password transmission over the network ⓘ provide mutual authentication ⓘ
hasComponent	Authentication Server NERFINISHED ⓘ Ticket Granting Server NERFINISHED ⓘ
hasRole	authenticates services ⓘ authenticates users ⓘ centralizes key management ⓘ issues authentication tickets ⓘ issues cryptographic keys ⓘ mediates trust between clients and services ⓘ
implementedAs	centralized server ⓘ cluster of replicated servers ⓘ
manages	secret keys shared with clients ⓘ secret keys shared with services ⓘ service tickets ⓘ session keys ⓘ ticket-granting tickets ⓘ
performsFunction	encrypts ticket-granting tickets with KDC secret key ⓘ encrypts tickets with service keys ⓘ enforces authentication policy ⓘ generates session keys for client–service communication ⓘ limits ticket lifetimes ⓘ supports single sign-on ⓘ verifies client credentials ⓘ
relatedConcept	Authentication Server ⓘ Public Key Infrastructure NERFINISHED ⓘ Ticket Granting Server NERFINISHED ⓘ
requires	high availability ⓘ secure storage of long-term keys ⓘ secure time synchronization ⓘ strong access control ⓘ
supportsEnvironment	Windows Active Directory domains NERFINISHED ⓘ enterprise networks ⓘ
usedInProtocol	Kerberos NERFINISHED ⓘ Needham–Schroeder-style authentication protocols NERFINISHED ⓘ
usesCryptography	symmetric key cryptography ⓘ time-stamped authenticators ⓘ
vulnerableTo	compromise of all issued keys if KDC master key is exposed ⓘ single point of failure if not replicated ⓘ

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

Kerberos → hasComponent → Key Distribution Center ⓘ