Home > Storage > PowerScale (Isilon) > Product Documentation > Management and Migration > Dell PowerScale: Integrating OneFS with Kerberos Environment for Protocols > Kerberos
Authentication is a set of actions to verify the validity of users. To prove a user’s identities, most computer systems use a password by transferring plaintext or an encrypted password directly through network. The password would be stolen by a man-in-the-middle attack which will result in security vulnerabilities.
Kerberos is a ticket-based authentication protocol to prove identities in a very secure manner, instead of transferring passwords over the network. It allows mutual authentication between clients and servers over unsecure networks and prevents eavesdropping and replay attacks. With Kerberos, organizations can authenticate their users to use any service at any time. A ticket in Kerberos contains the identity of a client, the desired server to access, timestamp, and other information, so that the client who holds the ticket can be authenticated to the server. See Appendix A: Simplified Kerberos authentication process for details about Kerberos authentication.