Understanding and Deploying LDAP Directory Services > 11. Privacy and Security Design > Security Tools

Security Tools

Now that we've described some of the security threats your directory service may face, it's time to turn our attention to the tools available to help combat them. We make no attempt to provide complete coverage of all the tools out there, but we do give an overview both of the general protection mechanisms and their embodiment in specific technologies.

First, these are the general security methods at your disposal:

  • Authentication is the means by which one party verifies another's identity. Authentication can be one-way, or it can be two-way (sometimes called mutual authentication). Examples of one-way authentication are when a directory client presents a password to a directory server in an LDAP bind operation, or when a directory server presents its certificate to a directory client during an SSL connection negotiation so that the connection can be encrypted. An example of two-way authentication is when both the directory client and server exchange certificates during SSL connection negotiation.

  • Signing is the means by which the authenticity and integrity of information is ensured. If information is signed, the recipient can determine that it was in fact sent by the indicated party and that it was not tampered with in transit. An example of signing occurs when an LDAP connection is made over SSL: The SSL layer divides the stream of data being sent into a series of blocks, and each block is accompanied by a cryptographic checksum that allows the receiver of the packet to determine if it's been tampered with. In another example of signing, an application stores a signed value within an attribute in a directory entry; the authenticity of the value can then be verified regardless of the security of the server itself.

  • Encryption is the means by which the privacy of information is protected. If information is encrypted, it is scrambled in a way that only the recipient (and possibly the sender) knows how to undo. Encrypted information intercepted by anyone else is not useful. An example of encryption occurs during an SSL LDAP session. All packets transmitted are encrypted using the method negotiated during connection setup.

  • Auditing is the means by which you track what happens to your directory. Auditing is a key element of the overall security solution because it is often the only way to determine whether your security has been compromised and in what manner. Auditing of data handling and other procedures is also important to make sure there are end-to-end security protections for your data. An example of auditing is the log files maintained by most directory server products.

These four concepts form the basis of most practical security procedures in modern directory systems. There are other, more esoteric security concepts, such as nonrepudiation, that we will not bother to cover in this book.
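The signing bullet above describes the SSL layer splitting a stream into blocks and attaching a cryptographic checksum to each. The following is an added illustration, not code from the book: a toy model of that per-block integrity check using an HMAC keyed with a constructed shared secret, where the MAC also covers a sequence number so that reordered blocks are rejected as well as modified ones (slightly beyond what the text describes). The key, block size and message are assumptions for the example; real TLS derives keys during the handshake and uses the record format defined in its RFCs.

```python
import hashlib
import hmac
import struct

# Added example (not the book's code): per-block integrity protection modelled on
# the SSL record-layer description in the text. Key and block size are constructed.
BLOCK_SIZE = 16                                   # assumed block size for the toy stream
KEY = b"constructed-shared-secret-key"            # assumed key agreed during the handshake


def _tag(key: bytes, seq: int, body: bytes) -> bytes:
    """MAC over the sequence number and body; the counter binds each block to its position."""
    return hmac.new(key, struct.pack(">Q", seq) + body, hashlib.sha256).digest()


def protect_stream(key: bytes, data: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Split data into blocks and attach a MAC to each: returns [(seq, body, tag), ...]."""
    blocks = [data[i:i + block_size] for i in range(0, len(data), block_size)]
    return [(seq, body, _tag(key, seq, body)) for seq, body in enumerate(blocks)]


def verify_stream(key: bytes, records: list) -> bytes:
    """Reassemble the stream, raising ValueError on any modified or reordered block."""
    out = bytearray()
    for expected_seq, (seq, body, tag) in enumerate(records):
        if seq != expected_seq:
            raise ValueError(f"block {seq} arrived out of order (expected {expected_seq})")
        # compare_digest avoids leaking which byte of the tag mismatched via timing
        if not hmac.compare_digest(tag, _tag(key, seq, body)):
            raise ValueError(f"block {seq} failed integrity check")
        out += body
    return bytes(out)


def tamper_detected(key: bytes, records: list) -> bool:
    """True if verification rejects the records, False if the stream is intact."""
    try:
        verify_stream(key, records)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    msg = b"cn=admin,dc=example,dc=com bound successfully over the wire"
    recs = protect_stream(KEY, msg)
    assert verify_stream(KEY, recs) == msg
    seq, body, tag = recs[1]
    flipped = bytes([body[0] ^ 0x01]) + body[1:]  # flip one bit "in transit"
    print("tampered block detected:", tamper_detected(KEY, recs[:1] + [(seq, flipped, tag)] + recs[2:]))
```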

Now we turn our attention to some specific technologies that provide one or more of the abstract services we just described:

  • SSL is the secure sockets layer protocol. Originally developed by Kipp Hickman of Netscape, SSL is a generic transport-layer security mechanism designed to make application protocols such as LDAP secure. SSL is based on public key cryptography and can provide very high security. It includes strong authentication, signing, and encryption services. SSL lets communicating parties negotiate a level of security that is appropriate and acceptable to both parties. A variety of different security algorithms and strengths, or security levels, can be negotiated.

  • TLS is the transport layer security protocol. When the Internet Engineering Task Force (IETF) formed a working group to standardize an SSL-like protocol, they started with SSL version 3.0 and changed the name to TLS. There is very little difference between SSL 3.0 and TLS 1.0; in this book, we use these terms interchangeably. At the time of this writing, TLS 1.0 is on the verge of being published as RFCs with Proposed Internet Standard status.

  • Kerberos is a security technology originally developed at the Massachusetts Institute of Technology as part of Project Athena. Unlike SSL, which is based on a public key system, Kerberos is based on a private key, or shared secret, system. Kerberos provides an authentication service but can be used to provide encryption services as well. Kerberos version 4 was the first widely used version of Kerberos. Later attempts to standardize Kerberos (although not in the IETF) with version 5 have achieved limited success. Various groups have splintered off from the core standard, producing different, incompatible versions.

  • SASL, the simple authentication and security layer, was developed by John Myers of Netscape. SASL (pronounced "sazzle") is a generic framework for negotiating authentication and security layer semantics in application-layer protocols. SASL enables support for authentication, encryption, and signing services. Although it provides no security itself, SASL allows application protocols such as LDAP to negotiate security parameters. LDAP version 3 includes native support for SASL. At the time of this writing, SASL is a Proposed Internet Standard, documented in RFC 2222.

  • IPSec stands for Internet Protocol security. A relatively new proposed standard at the time of this writing, IPSec is a generic network-layer security mechanism designed to make secure transport-layer connections between machines (such as with TCP, over which LDAP runs). Like SSL, IPSec is based on public key technology, but its focus is on securing connection endpoints, not users or applications.

  • SSH, the secure shell protocol, is a generic, end-to-end security package for protecting login sessions, file transfers, and other connections between machines. SSH provides strong security and is pretty easy to use. It is a good general purpose tool you can use to secure many of the daily administrative tasks that must be performed on your directory and other systems. SSH version 2 was just released at the time of this writing.

  • Satan is a generic host security checking package. When you point Satan at a host or network, it probes for various well-known security holes that it has been programmed to look for. When Satan is finished, it produces a report about all the problems it found and how to fix them. Tools like Satan are invaluable to system administrators (including directory administrators) who need to ensure the security of a host on the network. However, tools like Satan are also invaluable to attackers who are trying to break into those systems. You should beat the attackers to the punch and use tools like Satan before they do.

The list could go on and on, but we don't have room to mention all the possibilities here. This list should give you a basic idea of the kinds of tools available to you. Check the references at the end of this section for more reading on this subject.
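The auditing bullet earlier in this section points to directory server log files as the place where a compromise is usually first visible. As an added example (not code from the book), the block below runs a simple failed-bind check over a few constructed log lines written in the OpenLDAP slapd syntax (conn=/op= prefixes, BIND with method=128 for simple binds, RESULT tag=97 with err=49 for invalidCredentials); the hosts, DNs and counts are made up, and the threshold is an assumption.

```python
import re
from collections import defaultdict

# Added example (not the book's code). Constructed slapd-style log lines: a client at
# 192.0.2.10 fails the admin bind twice and then succeeds; a second client binds cleanly.
SAMPLE_LOG = """\
conn=1000 fd=12 ACCEPT from IP=192.0.2.10:51234 (IP=0.0.0.0:389)
conn=1000 op=0 BIND dn="cn=admin,dc=example,dc=com" method=128
conn=1000 op=0 RESULT tag=97 err=49 text=
conn=1000 op=1 BIND dn="cn=admin,dc=example,dc=com" method=128
conn=1000 op=1 RESULT tag=97 err=49 text=
conn=1000 op=2 BIND dn="cn=admin,dc=example,dc=com" method=128
conn=1000 op=2 RESULT tag=97 err=0 text=
conn=1001 fd=13 ACCEPT from IP=198.51.100.7:40001 (IP=0.0.0.0:389)
conn=1001 op=0 BIND dn="uid=alice,ou=people,dc=example,dc=com" method=128
conn=1001 op=0 RESULT tag=97 err=0 text=
"""

ACCEPT_RE = re.compile(r"^conn=(\d+) fd=\d+ ACCEPT from IP=([\d.]+):\d+")
BIND_RE = re.compile(r'^conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=(\d+)')
RESULT_RE = re.compile(r"^conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)")


def audit_binds(log_text: str) -> dict:
    """Return {(client_ip, bind_dn): [err, ...]} with one result code per bind attempt."""
    conn_ip = {}               # conn id -> client IP, taken from the ACCEPT line
    pending = {}               # (conn, op) -> bind DN, until the matching RESULT arrives
    outcomes = defaultdict(list)
    for line in log_text.splitlines():
        if m := ACCEPT_RE.match(line):
            conn_ip[m.group(1)] = m.group(2)
        elif m := BIND_RE.match(line):
            pending[(m.group(1), m.group(2))] = m.group(3)
        elif m := RESULT_RE.match(line):
            key = (m.group(1), m.group(2))
            if key in pending:  # tag=97 is bindResponse; only count results for binds we saw
                dn = pending.pop(key)
                outcomes[(conn_ip.get(key[0], "?"), dn)].append(int(m.group(3)))
    return dict(outcomes)


def failed_bind_report(log_text: str, threshold: int = 2) -> list:
    """(client_ip, dn, failures, succeeded_after_failures) for pairs at or above the threshold."""
    report = []
    for (ip, dn), errs in audit_binds(log_text).items():
        failures = sum(1 for e in errs if e == 49)   # err=49: invalidCredentials
        if failures >= threshold:
            report.append((ip, dn, failures, errs[-1] == 0))
    return sorted(report)
```

A run of failures followed by a success for the same DN and source is the pattern worth a second look, because a log that is never read is not an audit trail.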



Understanding and Deploying LDAP Directory Services, 2002 New Riders Publishing

2002, O'Reilly & Associates, Inc.



Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
Year: 1997
Pages: 245
