Enterprise Directory and Security Implementation Guide

Designing and Implementing Directories in Your Organization


  • Charles Carrington
  • Tim Speed, Lotus Consulting, Dallas, Texas, U.S.A.
  • Juanita Ellis, Consultant, Los Angeles, CA, USA
  • Steffano Korper, Going Beyond E-Commerce Technologies, Los Angeles, California, U.S.A.

The Internet is connecting enterprises into a global economy. Companies are exposing their directories, or a part of their directories, to customers, business partners, the Internet as a whole, and to potential "hackers." If the directory structure is compromised, then the whole enterprise can be at risk. Security of this information is of utmost importance.

This book provides examples and implementation guidelines on building secure and structured enterprise directories. The authors have worked with corporations around the world to help them design and manage enterprise directories that operate efficiently and guard against outside intrusion. These experts provide the reader with "best practices" on directory architecture, implementation, and enterprise security strategies.


IT managers, CIOs, and computer security professionals.


Book information

  • Published: August 2002
  • ISBN: 978-0-12-160452-3

Table of Contents

  • Foreword
  • Acknowledgments
  • Company Copyright Notices and Statements
  • Chapter 1—Introduction
      • 1.1 Directories
      • 1.2 X.500 and LDAP
  • Chapter 2—Directories, Security, and Tigers—Oh, My!
      • 2.1 Directory Types
      • 2.2 Directory Uses
      • 2.3 Directory Security
  • Chapter 3—Directory Architecture
      • 3.1 Architecture Defined
      • 3.2 Critical Elements
      • 3.3 Implementations—Products and Vendors
      • 3.4 DAP and LDAP References
  • Chapter 4—More on LDAP
      • 4.1 Referrals
      • 4.2 Authentication and Authorization
      • 4.3 X.500
      • 4.4 X.509
      • 4.5 LDIF
  • Chapter 5—Directories Within the Enterprise
      • 5.1 Historical Perspective
      • 5.2 Directories and Privacy
      • 5.3 Directories and NOS/OS
      • 5.4 Directories and Messaging
  • Chapter 6—Implementation Considerations for the Enterprise Directory
      • 6.1 Directory Content, Design, DIT, and Attributes
      • 6.2 Authoritative Sources of the Directory Information
      • 6.3 Uniqueness Criteria
      • 6.4 Directory Aggregation
  • Chapter 7—Enterprise Security
      • 7.1 Bolt-on Security
      • 7.2 Process Security
      • 7.3 Competitive Asset
      • 7.4 Physical Security Policy
      • 7.5 Network Security Policy
      • 7.6 Acceptable Use Policy
  • Chapter 8—The Security Strategy
      • 8.1 The Security Committee
      • 8.2 The Corporate Security Policy Document
  • Chapter 9—PKCS, PKIX, and LDAP
      • 9.1 The Public-Private Key
      • 9.2 The CRL
      • 9.3 The LDAP
      • 9.4 Public-Key Cryptography Standards
      • 9.5 Cylink
      • 9.6 Certification Practice Statement
  • Chapter 10—Enterprise Security Scenarios
      • 10.1 Filtered Directory
      • 10.2 The 100 Percent LDAP Solution
  • Chapter 11—Enterprise Security and Security Deployment Planning
      • 11.1 Security Planning
      • 11.2 Security Hardware and Software Reference Guide
  • Glossary
  • Index