Category:I805 Authentication and Authorization

From ICO wiki
Jump to navigationJump to search

Authentication and Authorization

General information

In this course we continue where we left off with Firewalls and VPN/IPsec course.

Relevant topics for research and implementation in the lab, lectures coming up for most of the topics:

  • File based password stores eg. /etc/shadow, .htaccess
  • Signing and encrypting e-mail
  • Active Directory protocols: LM, NTLM, Kerberos, GSSAPI, SPNEGO, LDAP
  • More TLS and client side authentication in particular
  • Filesystem permissions: access control lists, selinux, apparmor
  • RADIUS
  • Multi-factor authentication: smartcards, Yubikey, etc
  • Contactless cards
  • On the web: Cookies, OAuth, OpenID, iPizza,


General plan:

  • Set up incident management software
  • Set up Windows servers to serve as domain controllers and fileservers
  • Reconfigure Gogs, wiki, incident management software and other services to make use of user accounts in AD
  • Set up domain controller replication between servers
  • Connect some of the network sockets of rooms 412 and 411 to the internal network interfaces of the servers
  • Join Windows, Ubuntu and Mac workstations of 412/411 to domain
  • Set up QNAP fileserver as domain member in 412
  • Set up group policies
  • Customize workstations
  • Set up OpenWrt wifi routers as access points with username/password authentication (like eduroam wireless network)


ECTS: 4

Lecturers: Lauri Võsandi, Belgin Tastan

Pages in category "I805 Authentication and Authorization"

This category contains only the following page.