TGS
/ˌtiː-dʒi-ˈɛs/
n. “The ticket booth behind the ticket booth.”
TGS, or Ticket Granting Service, is a core component of the Kerberos authentication system. It operates as part of the KDC and is responsible for issuing service-specific tickets that allow users or systems to access network resources securely — without ever re-sending their password.
KDC
/ˌkeɪ-di-ˈsiː/
n. “The gatekeeper of your tickets.”
KDC, or Key Distribution Center, is a central component of the Kerberos authentication protocol, responsible for issuing and managing the “tickets” that prove a user or service is who they claim to be. Think of it as a digital concierge: it verifies identities, issues temporary passes, and ensures that only authorized entities can access network resources.
IAM
/ˈaɪ-æm/
n. “Who are you, and what are you allowed to do?”
IAM, short for Identity and Access Management, is the discipline and infrastructure that decides who can access a system, what they can access, and under which conditions. It sits quietly underneath modern computing, enforcing rules that most users never see — until something breaks, a permission is denied, or an audit comes knocking.
Kerberos
/ˈkɛr-bə-rɒs/
n. “Prove who you are without shouting your password.”
Kerberos is a network authentication protocol designed to securely verify the identity of users and services over insecure networks. Named after the three-headed dog from Greek mythology that guards the underworld, it ensures that the right entities are talking to each other without exposing sensitive credentials in transit.
OpenLDAP
/ˌoʊpənˈɛlˌdiːˈæp/
n. “LDAP, open-sourced and ready to roam.”
OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol (LDAP). It provides a robust, standards-compliant directory service that allows organizations to store and manage hierarchical information about users, groups, devices, and other resources. Unlike proprietary directory services, OpenLDAP is freely available, highly configurable, and widely adopted across Linux, UNIX, and mixed-environment networks.
LDAPS
/ˈɛlˌdiːˈæps/
n. “LDAP, but encrypted for grown-ups.”
LDAPS, or Lightweight Directory Access Protocol over TLS/SSL, is the secure version of LDAP. Where plain LDAP transmits queries and responses in cleartext, LDAPS wraps this communication in Transport Layer Security (TLS) or Secure Sockets Layer (SSL), protecting sensitive information like usernames, passwords, and directory attributes from eavesdropping and tampering.
LDAP
/ˈɛlˌdiːˈæp/
n. “The phonebook of your network, but smarter.”
LDAP, or Lightweight Directory Access Protocol, is a protocol used to access and manage directory services over a network. Think of it as a standardized way to look up and modify information about users, groups, devices, and other resources in a centralized repository. Instead of each system maintaining its own separate user list, LDAP allows multiple applications and services to query a single authoritative source.
Active Directory
/ˈæktɪv dɪˌrɛktəri/
n. “The Windows brain behind your network.”
Active Directory (AD) is Microsoft’s directory service for Windows domain networks. It acts as a centralized database that manages users, computers, groups, policies, and resources across an enterprise, providing both authentication and authorization services. Essentially, it tells the network who you are, what you can access, and how you should behave while connected.
ICANN
/ˈaɪ-kæn/
n. “Keeps the Internet agreeing on names.”
ICANN, short for Internet Corporation for Assigned Names and Numbers, is the global coordinating body responsible for maintaining coherence across the Internet’s naming and numbering systems. It does not control the Internet, own it, or operate networks. Its role is narrower, quieter, and far more delicate: ensuring that when someone types a domain name, the rest of the world agrees on what that name means.
IdP
/ˈaɪ-diː-ˈpiː/
n. “The authority that says who you are.”
IdP, short for Identity Provider, is a service that creates, maintains, and manages identity information for users and provides authentication to relying applications or services. In modern digital ecosystems, an IdP is the linchpin of single sign-on (SSO) and federated identity systems, enabling secure and seamless access across multiple platforms.