Open Menu Close Menu

Security News

Microsoft Joins MIT Kerberos Consortium

The MIT Kerberos Consortium has added Microsoft to its ranks of formal industry supporters. The company joined the group Monday as a founding sponsor, gaining a seat on the executive board, which also includes representatives from Apple, Sun, Google, and, of course, MIT itself. Microsoft's director of Windows Core Security, Slava Kavsan, will occupy the board seat.

MIT's Stephen Buckley, executive director of the Kerberos Consortium, told us that although Microsoft was not a formal sponsor of the consortium before now, it has been involved in Kerberos for some time and has worked with MIT on the development of standards.

"MIT and Microsoft have a long history of working together on Kerberos," Buckley said. "This history starts well before the release of Windows 2000. Since then, MIT and Microsoft have been working on standardizing some of the features, such as realm referral, that enhance the ease of configuration of the Active Directory product. To this day, MIT and Microsoft continue to work together on Kerberos standards. Its really a dream come true for us that now we have the Kerberos Consortium as the formal organizational structure for all these interactions going forward."

Kerberos itself is a network authentication protocol that originated at MIT. The consortium that formed around it back in September aims to expand the protocol to offer data protection to a wider range of clients, including various consumer devices, and to release open source implementations of the technologies developed that will be available to consortium members without licensing fees for use in their technologies and within their organizations.

"We are proud to join the MIT Kerberos Consortium as a founding sponsor. Microsoft has always been committed to interoperability of our authentication protocols, and Kerberos' universal authentication platform is of strategic importance for Microsoft and our customers," Kavsan said in a statement released by MIT this morning. "Today, the majority of enterprise deployments consist of a large number of heterogeneous systems. Microsoft's implementation of Kerberos on the server side as well as the client side provides our customers with a smooth deployment experience, and we want these implementations to interoperate with others in these diverse environments. Kerberos' vast user base will give us a better opportunity to listen to customer feedback and help us continue to actively contribute to future improvements in Kerberos."

Industry supporters of Kerberos and the Kerberos Consortium include Sun, Apple, Google, Centrify, and TeamF1. Institutional supporters, aside from MIT, include Stanford University, University of Michigan, Carnegie Mellon University, Cornell University, Duke University, Iowa State University, Michigan State University, and Pennsylvania State University. NASA and the United States Department of Defense are also founding sponsors.

"Microsoft joining the Kerberos Consortium is significant," Buckley said. "They represent a vast number of users of Kerberos. It is an important step forward towards our common ambition to create a universal authentication platform for the world's computer networks."

The Kerberos protocol has already been implemented in several Microsoft products, from Windows 2000 to Vista, and is the main authentication mechanism used in Active Directory.

According to the MIT News Office, Microsoft will be at the next executive advisory board meeting for the group, which will be held at Google's headquarters in Mountain View, CA, April 7.

About the Author

David Nagel is editorial director of 1105 Media's Education Technology Group and editor-in-chief of THE Journal and STEAM Universe. A 29-year publishing veteran, Nagel has led or contributed to dozens of technology, art and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at or follow him on Twitter at @THEDavidNagel (K-12) or @CampusTechDave (higher education).

comments powered by Disqus