Archive for the ‘MIT-KC’ Category

Key Accomplishments - Part 1

Tuesday, July 28th, 2009 by sbuckley

The 2009 MIT fiscal year ended on June 30th.  The end of one year’s budget and the beginning of a new one is always a good time to take stock of how much progress has been made.  FY 2009 was our first full year of operations since the Kerberos Consortium was founded in October 2007.

We started out FY 2009 with ten basic things we wanted to make substantial progress on by the end of the year.  In guess my assessment isn’t that we got an “A”, but probably at least a “B+”.  Here’s a recap, broken up into ten parts.

1. An organization

This might seem like an odd goal, given that there has been a Kerberos development group at MIT for over 15 years.  However, that group was funded by MIT specifically to support MIT’s deployment of Kerberos.  MIT still uses and needs Kerberos, but as the technology matured, demands on the group were reduced, head count was cut, and releases became less frequent.  With the creation of the Kerberos Consortium, we needed a new type of organization.  We needed an organization that was externally focused, customer-centric, and execution oriented.  We also needed an organization that could do more than just development work on the MIT implementation of Kerberos.  We needed to provide for the interoperability testing requirements of our sponsors, and provide expert advice on all levels.  Most importantly, we needed to provide the intellectual leadership that our sponsors expected of MIT, and that was required to move Kerberos into new areas, such as the web and on mobile devices.

This change required an enormous cultural shift, and it took its toll.  But I’m pleased to say that we have a given the core MIT team an infusion of fresh blood.  Tom Yu, who has been working on Kerberos for 15 years was promoted to Development Team Leader.  We scooped up Zhanna Tsitkova from Novell, who has 15 years experience in commercial IT security.  We also convinced Greg Hudson to join our team from another area at MIT.  Greg is an amazingly productive and clear thinking engineer with lots of open source development experience.  Thomas Hardjono joined us as Strategic Advisor in December, after years at Verisign and as a long-time chair at the TCG.  Thomas is leading the evolution of Kerberos to the web.  Lastly, we also started hiring MIT undergraduate computer science students to work with us part-time.  So many of the most experienced Kerberos engineers in the workplace today got their first experience as students at MIT.  We now have two students working with us, so this important pipeline of new talent is getting refilled.

Next installments;

2. Knowing the customer
3. Documentation
4. Database support
5. Better coding practices
6. A good test suite
7. Kerberos for Mobile
8. Release Kerberos 1.7
9. Simpler revenue model
10. Community Building

Posted in MIT-KC, News | No Comments »

Welcome to the MIT Kerberos Consortium blog

Tuesday, July 28th, 2009 by thardjono

Welcome to the MIT Kerberos Consortium blog.  The MIT Kerberos Consortium was created to promote and establish Kerberos as a universal authentication platform for the Internet.

Kerberos, originally developed for MIT’s Project Athena, has grown to become the most widely deployed system for authentication and authorization in modern computer networks. Kerberos is currently shipped with all major computer operating systems and is uniquely positioned to become a universal solution to the distributed authentication and authorization problem of permitting universal “single sign-on” within and between federated enterprises and peer-to-peer communities.

The MIT Kerberos Consortium is intended to provide a mechanism by which the numerous organizations that have adopted Kerberos in the last two decades may participate in the continuation of what was previously funded as an internal MIT project. By opening participation in the ongoing Kerberos effort, it will be possible to expand the scope of the work currently performed to encompass numerous important improvements in the Kerberos system, and to engage in much needed evangelism among potential adopters.

Building upon the existing Kerberos protocol suite, we will develop interoperable technologies (specifications, software, documentation and tools) to enable organizations and federated realms of organizations to use Kerberos as the single sign-on solution for access to all applications and services. We will also promote the adoption of these technologies so that ultimately all operating systems, applications, imbedded devices, and Internet based services can utilize Kerberos for authentication and authorization.

Posted in MIT-KC | No Comments »