Security - Authentication and Access Control

If the X500 directory service is to really take off many syst administrators all over the world will need to be convinced that the information it contains will not compromise the security of their sites. Obviously certain information which is of legitimate use to some users of the directory could be put to harmful use by other more mallicious people roaming around the directory. The security of the X500 directory was one of the issues which the people designing the original 1988 standard did not get around to solving difinitively so it was not part of that of that standard. However they made some recomendations about security and the 1993 revision specified some standards for security.


To understand this overview of security you should have a basic familiarity with the basic components to the directory - DUA's, DSA's and the like. If you come across any terms which you do not understand you might try other sections of this overview such as

The security of the network can be broken into two relatively distinct areas.

Authentication

Access Control