@SystemGroup: LDAP Proxy AuthZ avoids Superpowered Middle-Tiers

Titolo Paper:

LDAP Proxy AuthZ avoids Superpowered Middle-Tiers

Autore:

Marco Ferrante;

Categoria:

*Professional*

Slides:

Scarica le slide dell'intervento

Abstract intervento:

LDAP directories offer a fine-grain authorization framework, but these capabilities are often ignored by poorly written applications which require accounts with very high privileges to manage LDAP data. Proxied Authorization is a LDAP security mechanism which helps to develop less critical client applications. Unfortunately, developers of client applications seem to ignore this opportunity. The article will discuss general aspects of LDAP Proxied Authorization comparing available implementations, will show, using a fictional scenario, how to use it with common tools and how to write custom applications. Finally, it will present benefits, some potential problems and possible solutions.

Interventi correlati:

Amministrazione non disconoscibile e secure logging come strumento fondante delle attivita' di auditing
Metasploit Framework: tecniche di IDS & IPS evasion
Tecnologie avanzate per la Sicurezza di rete
Architettura collaborativa per la rilevazione e l'analisi di malware
Video Streaming Authentication over Lossy Channels