Applying Kerberos to the communication environment for information appliances

Abstract

When IPv6 deploys, each information appliance shall have a global IP address and communicate directly with each other. Some devices may have much lower processing performance than PCs have due to various limitations (e.g. cost, physical size, power consumption). Such devices must have a security function, that is confidentiality, integrity and access control, for provision of privacy even with a home networking environment. The information appliances shall move around the global network with the users. We assume these devices are used in the home and we describe the methodologies to achieve access control using Kerberos and to deal with changes of IP addresses using modified Kerberos. IPv6 has a security mechanism called "IPsec" for secure communication. In order to use the IPsec, peering communicating devices have to share a symmetric key to maintain the confidentiality and/or the integrity. We also describe a method so that these restricted devices can share a symmetric key securely.