Index_T


T

Third-party AD delegation tools, 390

Third-party security policy management tools, 703

Ticket cookies, 250–51

Ticket-granting cookies, 250

Ticket Granting Service (TGS), 161

Ticket Granting Ticket (TGT), 148–49

defined, 148

reuse, 149

role, 149

ticket flags and, 184–86

Tickets

analyzing, 179–81

authenticator relationship, 179

cache, viewing, 187, 188

content, 179, 180

defined, 143

delegation support and, 165

distribution method 1, 145

distribution method 2, 146

flags, 184–86

purging, 188

size, 182

Time sensitivity, 193–97

SNTP operation, 194–96

time service configuration, 196–97

Token-based SSO systems, 305–6

authentication in, 305

defined, 305

example, 305

PKI-based SSO vs., 307

RPCs, 306

solutions, 306

Top-level name (TLN) restrictions

in avoiding DNS namespace collisions, 86

disabling DNS namespaces, 84

example, 86

for *.hr.hewlettpackardtest.net, 87, 88

Transitive trusts, 73–74

defined, 73

as logical concept, 74

in mixed-mode domains, 160

See also Trust(s)

Transport Layer Security (TLS), 209

browser-side revocation check error, 233

certificate validation, 231

configuring, 229

crypto accelerator devices, 234

See also Secure Sockets Layer (SSL)

Troubleshooting

authorization administration tools, 391

Kerberos tools, 199–200

PKI, tools, 640–41

Trust constraints

defining, 527–41

defining, with CAPolicy.ini, 528–32

defining, with version 2 certificate templates, 528

inheritance, 540–41

overview, 529

tools, 527–28

Trustdomain account object (TDO), 161

Trusted application model, 427–28

advantages, 427–28

impersonation/delegation vs., 428

Trusted Domain Objects (TDOs), 74–76

attributes, 82

forest type, 81

Trusted Root Certification Authorities container, 519

Trusted security infrastructures (TSIs)

authentication infrastructures, 5, 7–9

authorization infrastructures, 5, 10–13

challenge, 1–27

components, 4–5

core security services, 2

key management infrastructures, 5, 9–10

layer, 3

Microsoft and, 21–26

outsourcing and, 2

overview illustration, 19

positioning, 3–4

roles, 4–5, 6–17

security administration infrastructures, 4–5, 13–17

security design viewpoint, 4

SSO and, 2

unified example, 18–21

Trusted third parties (TTPs), 101, 493

environment, 2

servers, 1, 2

Trust relationships, 69–100

behind the scenes, 74–77

cross-certified, 499, 500, 521–27

defined, 69

defining, 69–71

forest, 78

hierarchical, 521

number required in Windows Server 2003, 74

one-way, 70

in PKI, 494

security authorities and, 70

trusting vs. trusted domain, 71

two-way transitive, 73

Trust(s)

constraints, 502–4

cross-realm, 203–6

firewalls and, 98–100

forest, 77–93

fundamental role of, 6

management tools, 95–98

PKI, 493–543

PKI, models, 495, 496–515

PKI, terminology, 495–96

properties, 71

secure channels and, 93–98

shortcut, 159–60

transitive, 73–74

troubleshooting tools, 96–97

Windows setup, 98

Trust taxonomy, 494–95

direct relationship, 494

indirect relationship, 495

Trust types

list of, 71

properties, 71

Windows, 72

Trust Wizard, 80, 81, 89




Windows Server 2003 Security Infrastructures. Core Security Features of Windows. NET
Windows Server 2003 Security Infrastructures: Core Security Features (HP Technologies)
ISBN: 1555582834
EAN: 2147483647
Year: 2003
Pages: 137
Authors: Jan De Clercq

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net