In: Jerman-Blazic, B. and Schneider, W.S. and Klobucar, T., eds.
Advanced Security Technologies for Insecure Networks.
IOS Press, Amsterdam, pp. 123-131.
(Full text available)
This paper describes the mechanisms that are needed in order to provide a secure directory service based on the X.500 data model. A brief introduction to the X.500 data model is given followed by an overview of the Lightweight Directory Access Protocol. Security can be provided by three functions: an application level firewall, an authentication mechanism, and an access control scheme. A description of the X.500 and LDAP access control models is presented followed by the authentication methods that have been standardised for LDAPv3. A companion paper describes a directory application firewall.
- Depositors only (login required):