[970] in Kerberos
Re: Network-wide accounting.
daemon@ATHENA.MIT.EDU (David Collier-Brown)
Fri Jun 1 02:43:25 1990
Date: 30 May 90 12:18:42 GMT
From: mnetor!utzoo!yunexus!davecb@uunet.uu.net (David Collier-Brown)
To: kerberos@ATHENA.MIT.EDU
Denis.Russell@newcastle.ac.uk writes:
>I don't know whether this is the right mailing list for this
>query. If not, then apologies, and please direct me to a more
>suitable list.
I'm going to claim that comp.protocols.misc is a
"right" place, and direct followups there...
| One of the other
| concepts that I've always thought of as a natural extension of
| this is that of network accounting. That is, the allocation of
| resources to individuals or "accounts" and the proper accounting
| for the "spending" or possible transfer of these resources.
I see this as a protocol layered on Kerberos, such that an accounting
server gives out accounting tickets (:-)) which in turn contain/accompany
kerberos tickets.
At the programmatic level, this can be quite easy: for services with a
fixed cost per use it only requires linking with a library which overloads
the kerberos authentication calls with calls to the accounting service,
which in turn depends on kerberos for authentication of the request/response.
For services with a variable cost (ie, printers), it requires explicit
attention, with calls to both accounting and authentication services.
At the protocol level, it looks fairly hard! It does require a
distributed database (unless accounting outages are to lock up all the
services!) and some carefull study to get it right.
| I'm just hoping that someone has devised such a creature so we
| don't have to make one ourselves.
Well, someone is sure to point out that Athena has been working on a
printing service with accounting (Palladium), but when I was there earlier
this year they had just put installing it off again until at least the 6.5
release. I suspect (ie, hope) we'll hear a bit about Palladium in this
discussion.
--dave
--
David Collier-Brown, | davecb@Nexus.YorkU.CA, ...!yunexus!davecb or
72 Abitibi Ave., | {toronto area...}lethe!dave
Willowdale, Ontario, | "And the next 8 man-months came up like
CANADA. 416-223-8968 | thunder across the bay" --david kipling
