摘要
LDAP目录服务在分布式环境中正在得到日益广泛的应用。鉴于这些应用对LDAP服务器的安全都提出了一定程度的要求,文章在介绍LDAP的背景知识和基础理论的基础上,对其可能受到的安全性威胁进行了简单分类,并着重对LDAPv2和v3中实施的认证和授权机制进行了研究并详细阐述了某些机制的实施及应用,另外,LDAP服务器和客户端之间的安全通信对其服务的安全性而言也是至关重要的。
The Lightweight Directory Access Protocol (LDAP) is being used for an increasing number of directory applications in the distributed environment and these applications bring about great challenges to security of LDAP servers. Introduced in this paper is a simple classification of security threats aimed at LDAP based on some background knowledge and structure of the directory, and the foci are the presentation of authentication and authorization mechanisms currently used in LDAP v2 and v3 and an exhaustive presentation of some deployment and application of some mechanisms. In addition, the way of communication between LDAP server and client also affects the service security and is introduced, too.
出处
《微电子学与计算机》
CSCD
北大核心
2005年第6期48-52,56,共6页
Microelectronics & Computer
关键词
安全
认证机制
授权
安全通信
Security, Authentication mechanism, Authorization, Secure communication