首页    期刊浏览 2024年11月25日 星期一
登录注册

文章基本信息

  • 标题:A User Controlled Approach for Securing Sensitive Information in Directory Services
  • 本地全文:下载
  • 作者:W. Claycomb, D. Shin
  • 期刊名称:Journal of Universal Computer Science
  • 印刷版ISSN:0948-6968
  • 出版年度:2009
  • 卷号:15
  • 期号:15
  • 出版社:Graz University of Technology and Know-Center
  • 摘要:Enterprise directory services are commonly used in enterprise systems to store object information relating to employees, computers, contacts, etc. These stores can act as information providers or sources for authentication and access control decisions, and could potentially contain sensitive information. An insider attack, particularly if carried out using administrative privileges, could compromise large amounts of directory information. We present two solutions for protecting directory services information from insider attacks. The first is a centralized approach utilizing a customized virtual directory server. The second is a distributed approach using existing key management infrastructure and a new component called a Personal Virtual Directory Service. We explain how these solutions interact with existing directory services and client applications. We also show how impact to existing users, client applications, and directory services are minimized, and how we prevent insider attacks from revealing protected data. We compare and contrast both solutions, including potential tradeoffs, administrative overhead, and enterprise systems impact. Additionally, our solution is supported by implementation results showing the impact to client performance and directory storage capacity.
  • 关键词:directory, security and protection
国家哲学社会科学文献中心版权所有