Path: utzoo!yunexus!davecb
From: davecb@yunexus.UUCP (David Collier-Brown)
Newsgroups: comp.protocols.kerberos
Subject: Re: Network-wide accounting.
Message-ID: <11312@yunexus.UUCP>
Date: 30 May 90 12:18:42 GMT
Article-I.D.: yunexus.11312
References: <emu-ay29.1990.0529.164720.cl04@uk.ac.ncl.mts>
Followup-To: comp.protocols.misc
Organization: York U. Computing Services
Lines: 44

Denis.Russell@newcastle.ac.uk writes:
>I  don't  know  whether  this is the right mailing list for this
>query.  If not, then apologies, and please direct me to  a  more
>suitable list.

	I'm going to claim that comp.protocols.misc is a
	"right" place, and direct followups there...

|					       One  of  the  other
| concepts  that  I've always thought of as a natural extension of
| this is that of network accounting.  That is, the allocation  of
| resources to individuals or "accounts" and the proper accounting
| for  the  "spending"  or  possible  transfer of these resources.

    I see this as a protocol layered on Kerberos, such that an accounting
server gives out accounting tickets (:-)) which in turn contain/accompany
kerberos tickets.

    At the programmatic level, this can be quite easy: for services with a
fixed cost per use it only requires linking with a library which overloads
the kerberos authentication calls with calls to the accounting service,
which in turn depends on kerberos for authentication of the request/response.
    For services with a variable cost (ie, printers), it requires explicit
attention, with calls to both accounting and authentication services.

    At the protocol level, it looks fairly hard!  It does require a
distributed database (unless accounting outages are to lock up all the
services!) and some carefull study to get it right.

| I'm just hoping that someone has devised such a creature  so  we
| don't have to make one ourselves.

    Well, someone is sure to point out that Athena has been working on a
printing service with accounting (Palladium), but when I was there earlier
this year they had just put installing it off again until at least the 6.5
release.  I suspect (ie, hope) we'll hear a bit about Palladium in this
discussion.

--dave
-- 
David Collier-Brown,  | davecb@Nexus.YorkU.CA, ...!yunexus!davecb or
72 Abitibi Ave.,      | {toronto area...}lethe!dave 
Willowdale, Ontario,  | "And the next 8 man-months came up like
CANADA. 416-223-8968  |   thunder across the bay" --david kipling