Slide 8 of 14
Notes:
Slide Notes and Questions:
- What set of information does the User Org authorization certificate (CERT) contain? Is it signed with the
Application’s public key or with a shared secret between the User Org AAA server and the Application?
- Are there any security issues?
Tcs => User Org AAA server, User, IP addr of User, ts, lifetime, Kcs
Ks => User Org AAA server’s shared key with the KDC
Ac => name of User, IP addr of User, ts (New Ac must be generated per service request)
Kcs => Session key for User and User Org AAA server
