A distributed password scheme for network operating systems

• Main Author: Roth, Christopher
• Other Authors: Rasmussen, Craig
• Published: Monterey, California. Naval Postgraduate School 2012
• Online Access: http://hdl.handle.net/10945/5847

Approved for public release; distribution is unlimited === Password-based user identification and authentication in a network-based operating system generally relies upon a single file that contains user information and the encoded or hashed representations of each users' password. Operating system designers have resorted to various protection schemes to prevent unauthorized access to this single file. These techniques have proved vulnerable to various attacks, the result being unauthorized access to the targeted computer system. This paper proposes a model for a distributed password system in a network environment that eliminates the single password file as a target without introducing additional computational complexity or incorporating additional cost to the user with such items as tokens or biometrics. This application incorporates proven encryption techniques and a distributed architecture to enhance the reliability of an operating system's identification and authentication procedures. The paper provides an object-oriented model of this approach, along with an analysis of a possible implementation in a current operating system.