MIT announced on May 18 that it has been working with Apple to bring a full implementation of its Kerberos network security system to Mac OS X, the newest Macintosh computer operating system.
Kerberos, an established open security standard, will allow users of Mac OS X to safely access Internet-based services while also protecting their data in transit. Kerberos was created by MIT in the mid-1980s as part of MIT's Project Athena and provides a solution to network security problems.
The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can encrypt all of their communications to assure privacy and data integrity as they go about their business. Kerberos optionally provides integrity and confidentiality for data sent between the client and server.
"The Macintosh has been an important platform to MIT for many years," said James D. Bruce, vice president for information systems. "We're looking forward to working closely with Apple to bring a key component of the security infrastructure of MIT and many other institutions to Mac OS X."
"Mac OS X, with its advanced operating system kernel, Darwin, is the most reliable and robust Apple OS ever," said Clent Richardson, Apple vice president for worldwide developer relations. "We're very excited to work with MIT to bring Kerberos to Mac OS X, adding a key component of network security for our important customers in higher education and government organizations."
Gavin Eadie, director of strategic technologies at the University of Michigan, commented, "we applaud Apple and MIT's collaboration to bring Kerberos to Mac OS X. Kerberos authentication is essential for computers deployed in higher education, and this work will make our adoption of Mac OS X much easier."
MIT Kerberos for Macintosh, expected to be freely available for Mac OS X, emphasizes scalability and security. It uses strong cryptography to provide encryption and integrity-checking of network data, and secure authentication between Internet clients and servers. It is compatible with Kerberos implementations from other vendors.
MIT Kerberos for Macintosh includes support for both Kerberos v4 and Kerberos v5 protocols, along with the KClient and Generic Security Service (GSS) APIs.
A version of this article appeared in MIT Tech Talk on May 31, 2000.