Thursday, January 12, 2012

LDAP Security Feature

LDAP (Lightweight Directory Access Protocol) is a software protocol that allows communication between LDAP servers and their clients. LDAP servers store directories, which are accessed by LDAP clients. It is called lightweight because it is a smaller and easier protocol derived from X.500 DAP.

An LDAP directory is organized in a simple "tree" hierarchy which consists of the following levels:
  • The root directory
  • Countries
  • Organizations
  • Organizational units
  • Individuals

LDAP Security Features
  1. Client authentication
  2. Client authorization
  3. Data integrity
  4. Resource limitation
  5. Server authentication
The five points above are some of the ways LDAP ensures security is in place. Authentication is one of these security features. LDAP uses the following authentication types:
  • No Authentication
  • Basic Authentication
  • Simple Authentication and Security Layer (SASL)
When sharing data with the public, "No Authentication" is fine. Basic Authentication uses a distinguished name and a password. The data is sent either in plaintext or encoded with Base64. SASL is a framework for plugging in alternative security features, which include Kerberos 4 and S/Key.
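
The example below is added here and is not from the original post: it BER-encodes an LDAP simple BindRequest (RFC 4511) and parses it back, showing that the distinguished name and password travel as readable bytes and that Base64 is reversible without a key, which is why simple binds need a TLS-protected connection. The DN, password and function names are constructed for illustration.

```python
# Added example (not from the original post): an LDAP simple BindRequest on the wire.
import base64

def tlv(tag, value):
    """BER tag-length-value; long-form length once the value reaches 128 bytes."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        body = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(body)]) + body
    return bytes([tag]) + length + value

def build_simple_bind(message_id, dn, password):
    """LDAPMessage { messageID, BindRequest { version 3, name, simple [0] } }."""
    bind = (tlv(0x02, b"\x03")               # version INTEGER 3
            + tlv(0x04, dn.encode())         # name: the distinguished name
            + tlv(0x80, password.encode()))  # authentication: simple, raw password
    # message_id must be 0..127 here so it fits a one-byte INTEGER
    return tlv(0x30, tlv(0x02, bytes([message_id])) + tlv(0x60, bind))

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the element starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def parse_simple_bind(pdu):
    """What any observer of an unencrypted connection can recover: (dn, password)."""
    tag, msg, _ = read_tlv(pdu, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = read_tlv(msg, 0)             # skip messageID
    tag, bind, _ = read_tlv(msg, pos)
    if tag != 0x60:
        raise ValueError("not a BindRequest")
    _, _, pos = read_tlv(bind, 0)            # skip version
    _, dn, pos = read_tlv(bind, pos)
    tag, cred, _ = read_tlv(bind, pos)
    if tag != 0x80:
        raise ValueError("not simple authentication")
    return dn.decode(), cred.decode()

def base64_roundtrip(secret):
    """Base64 is an encoding, not encryption: decoding needs no key."""
    return base64.b64decode(base64.b64encode(secret.encode())).decode()

DN, PASSWORD = "cn=John Doe,ou=People,dc=example,dc=com", "correct horse"  # constructed
```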


1 comment:

  1. HELLOOOOO!!
    Your explanation on LDAP is straightforward and simple. That is good as some readers don't like too wordy posts. However, I think your image does not make any sense. You should explain further about the image. What do "ou=People", "on=John Doe" mean? You could have also elaborated on the LDAP security features. Instead of just stating the name. It is good that you explained on the different types of authentication, though.

    XOXO, Atiqah :)
