Microsoft joins MIT Kerberos Consortium


Press Contact

Patti Richards
Email: newsoffice@mit.edu
Phone: 617-253-2700
MIT News Office

Stephen C. Buckley
Email: sbuckley@mit.edu
Phone: 617-645-6278
MIT Kerberos Consortium

MIT today announced that Microsoft joined the MIT Kerberos Consortium as a Founding Sponsor. Slava Kavsan, Director of Development for Windows Core Security at Microsoft, will take a seat on the Executive Board, joining Jordan Hubbard from Apple, Paul Armstrong from Google, Wyllys Ingersoll from Sun, and Wilson D'Souza from MIT.

Kerberos is a network authentication protocol, originally developed for MIT's Project Athena in the 1980s. Over the past two decades, it has grown to become the most widely deployed system for authentication and authorization in modern computer networks. However, it is currently mostly available only in large enterprise networks. Kerberos' ability to require strong mutual authentication has enormous potential to protect consumers doing business on the public Internet from phishing and other types of attacks.

Microsoft has implemented the Kerberos protocol in a number of its products including Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Kerberos is also the primary authentication mechanism offered by Microsoft Active Directory.

"We are proud to join the MIT Kerberos Consortium as a founding sponsor. Microsoft has always been committed to interoperability of our authentication protocols, and Kerberos' universal authentication platform is of strategic importance for Microsoft and our customers," said Slava Kavsan, Director of Development for Windows Core Security at Microsoft. "Today, the majority of enterprise deployments consist of a large number of heterogeneous systems. Microsoft's implementation of Kerberos on the server side as well as the client side provides our customers with a smooth deployment experience, and we want these implementations to interoperate with others in these diverse environments. Kerberos' vast user base will give us a better opportunity to listen to customer feedback and help us continue to actively contribute to future improvements in Kerberos."

"Microsoft joining the Kerberos Consortium is significant," said Stephen C. Buckley, Executive Director. "They represent a vast number of users of Kerberos. It is an important step forward towards our common ambition to create a universal authentication platform for the world's computer networks."

The MIT Kerberos Consortium was officially launched in September 2007, with the support of Apple, Centrify, Google, Sun, Stanford University, TeamF1, and the University of Michigan.

Since then the MIT Kerberos Consortium has also been very pleased to welcome Carnegie Mellon University, Cornell University, Duke University, Iowa State University, Michigan State University, The National Aeronautics and Space Administration, Pennsylvania State University and The United States Department of Defense as additional Founding Sponsors of the Kerberos Consortium.

Microsoft will participate at the next meeting of the Executive Advisory Board of the MIT Kerberos Consortium, which will be held on April 7, 2008 at Google in Mountain View, California.

The MIT Kerberos Consortium continues to perform the software development, interoperability testing, and the documentation activities necessary to achieve its goal of ubiquitous support for Kerberos-based single sign-on solutions across all aspects of the world's communication infrastructure.

About MIT Kerberos Consortium

The MIT Kerberos Consortium was created to establish Kerberos as the universal authentication platform for the world's computer networks. Building upon the existing Kerberos protocol suite, the Consortium will develop interoperable technologies to enable organizations and federated realms of organizations to use Kerberos as the single sign-on solution for access to all applications and services. It will also promote the adoption of these technologies so that ultimately all operating systems, applications, imbedded devices, and Internet based services can utilize Kerberos for authentication and authorization.

A version of this article appeared in MIT Tech Talk on April 2, 2008 (download PDF).


Topics: Computer science and technology, Industry

Back to the top