Check out the new USENIX Web site.

Network authentication

netAuth enables the owner of a process to be changed upon successful network authentication. Authentication is implemented as follows: This mechanism requires that the client-side system administrator enable the client to use netAuth authentication, and the server-side administrator provide the netAuthenticate privilege. As we shall see, application code changes to support authentication are trivial on both client and server sides.

Because public key signatures are used for authentication, the log containing these signed exchanges proves that the client requested user authentication. This property both helps to debug the mechanism and to ensure that even the server administrator cannot fake a user authentication. Lastly, since no passwords are used over the network, this scheme is impervious to password guessing attacks.

Manigandan Radhakrishnan 2008-05-13