•  Type I Error: False Rejection Rate
                              (rejecting people who should be
                              accepted).
                          •  Type II Error: False Acceptance Rate
                              (accepting people who should be
                              rejected).
                                 •  Mnemonic tip: Type II =
                                     accept
                          •  Cross-over error rate (lower number
                              is more accurate).
            •  Kerberos:
                   •  No password is sent; instead, the password
                       is only used as a key (therefore no
                       eavesdropping on the password).
                   •  Authentication starts at the client's
                       workstation.
                   •  Operation:
                          •  George logs on with user-id.
                          •  George requests a Ticket Granting
                              Ticket (TGT)  and sends the session
                              key  using user-id
                          •  A Kerberos authentication server
                              (AS), which is part of the key
                              distribution center  (KDC),  grants
                              ticket-granting ticket (TGT) and sends
                              the session key.  It encrypts the
                              message using George's password as
                              the key.
                          •  George enters his password to get the
                              ticket-granting ticket (TGT) and
                              session key.