Index_P


P

Pam_Kerberos-centric, 290–92

approaches, 291–92

architectures, 292

defined, 290

Pam_LDAP-centric, 290

with AD, 290

architecture, 291

password management, 290

Pam_unix-centric, 288–89

architecture, 289

user authentication, 288–89

Passport, 241–59

account key, 245

authentication exchange, 243–46

authentication messages, recognizing, 257–58

authentication revisited, 252–54

authentication sequence, 244, 253

authentication trace, 258

cookies, 242, 248–52

credentials, 245, 246, 247

domain authority server, 246

futures, 258–59

HTTP use, 241

infrastructure, 242–43

infrastructure illustration, 243

JavaScript code use, 242

login dialog box, 246

Nexus servers, 243

registration, 247

spoofing problem, 245

SSL use, 242

SSO technology, 255

user information privacy and, 255–56

Windows Server 2003, 246–48

Windows Server 2003 integration, 256–58

Windows XP, 246–48

Passport-based authentication, 223

Passport-enabling Web technologies, 241–42

Password Reset Disk (PRD), 662

creating, 662

floppy disk, 662

private key, 663

using, 663

Passwords

credentials, 46–60

enhancing, quality, 51–60

machine, 60

policy settings, 51

quality, checking, 53–60

user, guidelines, 51–53

Password synchronization, 281–86

AIX, 282

architecture, 283, 285

defined, 282

SFU, 282–85

solutions, 286

UNIX to Windows architecture, 285

Windows to UNIX architecture, 283

Permissions

on administrator accounts, 377–78

autoenrollment, 549

CAS, 404–6

default, for self security principal, 389

default share, 359

effective, 360–61

NTFS root directory, 359

restrictive, 360

undelegating, 384

user rights vs., 380–81

Physical certificate stores, 478–80

details, 480

Group Policy container, 479

illustrated, 475

Local Computer container, 478

Registry container, 478

User Certificate container, 479

viewing, 479

See also Certificate stores

PKI-based SSO, 307–8

authentication, 307

defined, 307

solutions, 308

token-based SSO vs., 307

PKI-enabled applications (PKA), 480, 643–85

building, 605–6

EFS, 643–67

leveraging smart cards/USB tokens for, 679–85

revocation checking support, 591–92

S/MIME, 667–79

user, 574

PKINIT

defined, 186

mapping master key to, 189

trust model, 189

PKI trust models, 496–515

constrained, 502–15

hierarchical, 497–98

hybrid, 502

multiple CAs, 496–97

networked, 499–501

overview, 515

PKIView tool, 458, 459

Platform for Privacy Preferences (P3P), 256

Pluggable Authentication Module (PAM), 264–66

account management modules, 265–67

architecture, 265

defined, 264

modules, 266

pam_kerberos module, 266, 290–92

pam_ldap module, 266, 290

pam_sso module, 278

pam_unix module, 266, 278, 288–89

protocols, 264

SSPI vs., 266

Policy Constraints, 512–15

defined, 512–13

inhibit policy mapping example, 514

policy constraint types, 513–14

require explicit policy example, 514

sample, 536–40

Policy.inf file

defining trust constraints using, 532

section header/tags, 533–35

syntax, 532–35

See also CAPolicy.inf file

Policy Mappings, 511–12

for cross-certified CAs example, 512

for PKI user example, 513

Preauthentication

benefits, 183

data, 183–84

defined, 183

See also Kerberos

Private key properties, 489–91

exportability, 489–90

strong protection, 490–91

Private key storage, 480–91

dedicated hardware device, 481–87

physical, 481–87

software-based, 481

Windows architecture, 487–91

Privilege Attribute Certificate (PAC), 174, 181–83

content, 182

defined, 181

Property-based ACEs, 349–50

in ACL editor, 350, 351

illustrated, 349

Provisioning systems, 14–17

defined, 14

goal, 15

Microsoft (MPS), 25–26

partners, 16

software services/components, 16

solutions, 17

standardization, 17

Proxy accounts, setting up, 204

Public key infrastructure (PKI), 441–91

Active Directory, 452–59

administration/troubleshooting tools, 640–41

administrative roles, 627

administrative roles and associated tasks, 628

Backup Operator role, 629

building, 603–32

CA hierarchies, 316

certificates, 463–80

Certificate Server, 444–53

core components, 444–91

CryptoAPI, 459–63

Enrollee role, 629

extensibility, 443–44

flexibility, 443

GPO settings, 633

history, 441–42

interoperability, 443

introductory resources, 441

maintaining, 632–40

organizational needs, 604–7

policy definition, 608–10

pricing, 444

public key storage, 480–91

reduced TCO, 444

roles, assigning, 626

scalability, 443

software, reasons to use, 443–44

timeline, 442

trust, 493–543

trust terminology, 495–96

user trust management, 515–21

See also PKI trust models

Public key storage, 480–91

Pwdump3, 58




Windows Server 2003 Security Infrastructures. Core Security Features of Windows. NET
Windows Server 2003 Security Infrastructures: Core Security Features (HP Technologies)
ISBN: 1555582834
EAN: 2147483647
Year: 2003
Pages: 137
Authors: Jan De Clercq
