Title :
Towards Secure Virtual Directories: A Risk Analysis Framework
Author :
Claycomb, William R. ; Shin, Dongwan
Author_Institution :
Sandia Nat. Labs., Albuquerque, NM, USA
Abstract :
Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services are widespread, an analysis of risks posed by their unique position and architecture has not been completed. We present a detailed analysis of six attacks to virtual directory services, including steps for detection and prevention. We also describe various categories of attack risks, and discuss what is necessary to launch an attack on virtual directories. Finally, we present a framework to use in analyzing risks to individual enterprise computing virtual directory instances. We show how to apply this framework to an example implementation, and discuss the benefits of doing so.
Keywords :
business data processing; information services; risk analysis; security of data; virtual storage; directory service; enterprise computing; risk analysis; secure virtual directory; Access control; Authentication; Databases; Monitoring; Organizations; Servers; Synchronization; Directory Services; Risk; Security; Virtual Directories;
Conference_Titel :
Computer Software and Applications Conference (COMPSAC), 2010 IEEE 34th Annual
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-7512-4
Electronic_ISBN :
0730-3157
DOI :
10.1109/COMPSAC.2010.10
