logo_kerberos.gif

Projects/Geolocation Policy

From K5Wiki
< Projects
Revision as of 19:11, 7 June 2013 by Tsitkova (talk | contribs) (Initial purpose statement)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.


Use Case

  1. Person travels abroad. When authenticating to his corporate Kerberos-enabled system, he uses some location-related measurement Device together with other authentication means. The information from the Device - such as geographical and/or DNS location - is encrypted and passed to the KDC with the initial request. There it is evaluated by a designated service and, based on the result of the evaluation, KDC proceeds with issuing, or not, the ticket.
  2. Use geolocation for Audit.

Purpose

Define a new Geolocation policy and create an infrastructure to allow KDC to deal with the geolocation information.

Related references

  1. draft-ietf-geopriv-held-measurements-07
Retrieved from "https://k5wiki.kerberos.org/wiki?title=Projects/Geolocation_Policy&oldid=5137"