Solaris™ and LDAP Naming Services: Deploying LDAP in the Enterprise > Security Models

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

Solaris™ and LDAP Naming Services: Deploying LDAP in the Enterprise

Search

Table of Contents

Ch. 1. Solaris Naming Services Overview

Ch. 2. Solaris Naming Services Architecture

Ch. 3. Security Models

Authentication versus Authorization

Traditional Solaris Authentication

Alternative Authentication Mechanisms

Security Infrastructure

Ch. 4. iPlanet Directory Server Installation and Configuration

Ch. 5. Solaris 8 Native LDAP Configuration

Ch. 6. NIS Extensions Configuration

Ch. 7. Capacity Planning and Performance Tuning

Ch. 8. Deploying Highly Available LDAP Data Services

Ch. 9. Preventive Maintenance

Ch. 10. Managing Directory Services

Ch. 11. Directory Services Consolidation

Ch. 12. Microsoft Windows Interoperability

Appx. A. Using Netscape Communicator as an LDAP Client

Appx. B. LDAP Standards Information

Appx. C. Additional Information

Appx. D. LDAP v3 Result Codes

Appx. E. Schema Information

Glossary

Chapter 3. Security Models

Computer resources can be protected by a variety of security methods. Some, methods, like firewalls, are designed to keep unwanted users out, and others are designed to verify the identity of anyone attempting to access a resource. The act of identity verification is commonly called authentication. The methods used to authenticate users vary, depending on the security model that you choose to implement.

Directories play an important role in the authentication process. The information, such as user credentials, required by an authentication service is usually stored in a directory. The directory service itself provides an authentication service that identifies users who attempt to access directory data. LDAP-enabled applications can take advantage of this authentication service to verify the identity of its clients by using the client's credentials to attempt directory service access.

This chapter begins by looking at traditional Solaris authentication and security models and at the role directories play. Since there is not a one size fits all authentication scheme, we discuss alternative authentication mechanisms including the Solaris and iPlanet Directory Server infrastructure designed to cope with multiple authentication methods.

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial