Directory SecuritySecurity as Applied to Directories
One needs to separately consider each of the four security axes in the context of anticipated threats.
Also need to consider security from the perspectives of..
- the info stored in the directory, and..
- attributes of the requesters.
- E.g. how much you trust them.
Note that..
- data security != access security
Notes:
“One size fits all” generally isn’t workable..
This is true of directories themselves as well as security policies as applied to directories.
For instance, it is not necessarily the case that an enterprise will have one monolithic directory deployment for everything
Rather, an enterprise will (ought to) have a directory deployment underlying a security infrastructure, and a separate deployment for “whitepages” directory service.
Note that the whitepages service has a dependency on security infrastructure, and thus the other directory deployment.