Category:I805 Authentication and Authorization

From ICO wiki
Revision as of 22:03, 26 January 2017 by Lvosandi (talk | contribs)
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Authentication and Authorization

General information

In this course we continue where we left off with Firewalls and VPN/IPsec course.

Relevant topics for research and implementation in the lab, lectures coming up for most of the topics:

  • File based password stores eg. /etc/shadow, .htaccess
  • Signing and encrypting e-mail using GPG
  • Active Directory protocols: LM, NTLM, Kerberos, GSSAPI, SPNEGO, LDAP
  • More TLS and client side authentication in particular
  • Filesystem permissions: access control lists, selinux, apparmor
  • RADIUS
  • Multi-factor authentication: smartcards, Yubikey, Mobile-ID, etc
  • Contactless cards
  • On the web: Cookies, OAuth, OpenID, iPizza,


General plan:

  • Set up incident management software
  • Set up Windows servers to serve as domain controllers and fileservers
  • Reconfigure Gogs, wiki, incident management software and other services to make use of user accounts in AD
  • Set up domain controller replication between servers
  • Connect some of the network sockets of rooms 412 and 411 to the internal network interfaces of the servers
  • Join Windows, Ubuntu and Mac workstations of 412/411 to domain
  • Set up QNAP fileserver as domain member in 412
  • Set up group policies
  • Customize workstations
  • Set up OpenWrt wifi routers as access points with username/password authentication (like eduroam wireless network)


ECTS: 4

Lecturers: Lauri Võsandi, Belgin Tastan

Pages in category "I805 Authentication and Authorization"

This category contains only the following page.