Upload
odetta
View
55
Download
0
Embed Size (px)
DESCRIPTION
LDAP Directory Services:. Security. Directory Security Overview. Brief Review of Directories and LDAP Brief Review of Security Basic Security Concepts Security as Applied to Directories Threats LDAP Protocol Security Features Typically Implemented Security Features Futures References. - PowerPoint PPT Presentation
Citation preview
LDAP Directory Services:
Security
Directory Security Overview
Brief Review of Directories and LDAP Brief Review of Security Basic Security Concepts Security as Applied to Directories
Threats LDAP Protocol Security Features Typically Implemented Security Features Futures References
Brief Review of Directories & LDAP
DirectoryDatabase
Network
Directory Service
DirectoryInformation
Tree(DIT)
A
B C
F
D
E G
H I
Client
search “G,C,A”
LDAP
Brief Review of Directories & LDAP
• What directories are…– Object repositories– Typically read more than written– Have explicit access protocols– Support relatively complex queries
• What directories are not…– RDBMSs– Lack notions of..
• Tabular views• JOIN operations• Stored Procedures
Brief Review of Directories & LDAP
• Obligatory, overly-simplified, Protocol Stack Diagram
Directory-based Application
IPEthernet, Cable, Wireless, whatever.
TCP
LDAP
Brief Review of Security
• Notion of Security for a network protocol is comprised of (at least) these axes..– Identity & Authentication
• “Who are you and who says so?”
– Confidentiality • “Tough petunias to eavesdroppers.”
– Integrity• “Did anyone muck with this data?”
– Authorization• “Yes, you can do that, but no, you can’t do that other thing.”
Basic Security Concepts
• Notions...– The notion of Identity– Of Names and Identifiers
• Authentication Identity• Authorization Identity
– Anonymity
Basic Security Concepts
Overall Namespace
Names Identifiers
Basic Security Concepts
• The applicable “science & technology of implementation”...– Ciphers– Encryption– Integrity
• AKA Cryptography [11]
Basic Security Concepts, cont’d
Basic Security Concepts, cont’d
Basic Security Concepts, cont’d
Security as Applied to Directories
• One needs to separately consider each of the four security axes in the context of anticipated threats.
• Also need to consider security from the perspectives of..– the info stored in the directory, and..– attributes of the requesters.
• E.g. how much you trust them.
• Note that..– data security != access security
Example Deployment Scenarios
Anonymous Requesters? Identified Requesters?
Read/Write?
Read/Write?
1 N N Y RO N None2 N N N N/A Y RO Secure Authentication
3 N Y N/A N/A N/A N/AMutual authentication, Connection Integrity-Protection
4 N N Y RO Y RW Secure Authentication
5 Y Y N/A N/A N/A N/A
Mutual authentication, Connection Integrity- and Confidentiality- Protection
Required Directory-Specific Security Mechanisms or
Functions
Connection Hijacking or IP
Spoofing Threats?sc
enar
ios Contains
Sesitive Data?
Directory Security Threats
DirectoryDatabase
Network
LegitimateDirectory
Service
Client
search “G,C,A”
LDAP
1.
2, 3
, 5, 6.4
, 7.
7.
DirectoryDatabase
ImposterDirectory
Service
A
B C
F
D
E G
H I
Threats, cont’d
DirectoryDatabase
Network
Directory Service Host(s)
8.
9.
10.
LDAP Protocol Security Features
• Formal notions of..– Authentication Identifiers [7], and.. – Authorization Identifiers [7]
• Leverages several security mechanisms..– Simple passwords [2, 8]
– SASL [6]
• Kerberos [2]
• Digest [4]
– SSL/TLS [7]
• effectively is a session layer
• The above may be used in various combinations together.
LDAP Protocol Security Features
• Integral-to-the-protocol data integrity and attribution are works-in-progress.
LDAP
LDAP Security Features Illustrated
DirectoryDatabase
NetworkLegitimateDirectory
Service
Client
search “G,C,A”
A
B C
F
D
E G
H I
Authenticated, plus Confidentiality- and Integrity-protected Channel
LDAP
ImposterDirectory
Service
DirectoryDatabase
Brief Intro to Directories and LDAP
Directory-based Application
IPEthernet, Cable, Wireless,Etc.
TCP
TLS
LDAP
Brief Intro to Directories and LDAP
Directory-based Application
IPEthernet, Cable, Wireless, Etc.
TCP
TLS SASLLDAP
Typical Security Features of Impls
• Security Features typically found in LDAP Implementations• Simple password-based Authentication.• SSL on port 636 (aka “LDAPS”)• At least one impl does StartTLS on port 389.• Access control.• Configurability (e.g. Netscape’s DS Plug-ins).
Typical Impl Security Features, cont’d
• Important Notice:– The LDAP protocol is NOT an authentication protocol in and of itself (
IMHO).– One MAY use LDAP itself as an authentication protocol, but one needs to
carefully consider what functionality it does and doesn’t bring to your deployment when used in this manner.
• Deployment configuration is critical • Many server-side knobs
– e.g. requiring client authentication
Example Directory Service Deployment(s)
Desktop ClientsDesktop ClientsClients
LDAPLDAP-based Directory Service
Authentication Service
Auth DB
Directory DB
Registry DB
Auth DB
Directory DB
Behind the Scenes (simplified)
LDAP
TDS
Middleware Event Broker
Registry
TDSSubject’sDesktop(browser)
Web-based User Interface
for Data Maintenance
HTTP (effectively authenticated writes)
Directory Service
LDAP (Reads)
Network-basedApplicationsNetwork-basedApplicationsNetwork-based
ApplicationsDesktops
(Browsers)
SUNetIDSystem
TDS
Security Case Study
• Case Studies of Application of Security– See..
• Access-Controlled White Pages at Stanford. RL “Bob” Morgan, University of Washington, March 1999.
– http://staff.washington.edu/rlmorgan/talk/dir.ac.nac.1999.03/top.html
– See also Refs [16..18].
Futures
• Integral-to-the-protocol Data Integrity • Implementations of Start TLS protocol operation.• Implementations adhering to the Authentication
Methods for LDAP requirements and recommendations.• Hopefully, implementations (in addition to
Microsoft’s Active Directory) utilizing Kerberos out-of-the-box.
• Schema standardization and stabilization will continue.• you too can participate in IETF process
– I encourage deployers to invest in the process!