5. Access control

The purpose of access control is to manage the rights of the various users of a directory. Most often, this is done by means of access control lists. How these lists are managed and implemented depends, of course, on the implementation. For example, lists can be in the form of files, read at server start-up (static configuration), or they can be saved as LDAP entries, specific to the server (dynamic configuration).

The principle is relatively simple.

An access control list is a set of rules that a server must obey to determine whether a given user has the right to access a specific resource.

In the case of an LDAP directory, resources are usually individual attributes, specific entries or even complete sub-trees.

Let's take a look at what we can...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed? Log in!

Ongoing reading
Access control

Previous
page Authentication

Using LDAP as a security tool

Article included in this offer

"Security of information systems"

( 86 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Bibliography

(1) - SEMERSCHEIM (J.) - Lightweight Directory Access Protocol (LDAP): the protocol - – RFC 4511, juin 2006.
(2) - HARRISON (R.) - LDAP: Authentication methods and security mechanisms - – RFC 4513, juin 2006.
...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed? Log in!