Architecture Competency Group

Slides:



Advertisements
Similar presentations
Mobile Agents Mouse House Creative Technologies Mike OBrien.
Advertisements

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Lecture 23 Internet Authentication Applications
LDAP Lightweight Directory Access Protocol LDAP.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
28.2 Functionality Application Software Provides Applications supply the high-level services that user access, and determine how users perceive the capabilities.
Slide 1 Client / Server Paradigm. Slide 2 Outline: Client / Server Paradigm Client / Server Model of Interaction Server Design Issues C/ S Points of Interaction.
How Clients and Servers Work Together. Objectives Web Server Protocols Examine how server and client software work Use FTP to transfer files Initiate.
Application Layer Pertemuan 25 Matakuliah: H0484/Jaringan Komputer Tahun: 2007.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Introduction to the Application.
Introduction to Web Database Processing
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Exchange server Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.
Systems Architecture, Fourth Edition1 Internet and Distributed Application Services Chapter 13.
Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.
POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP access and retrieval protocol. It implements.
What Is TCP/IP? The large collection of networking protocols and services called TCP/IP denotes far more than the combination of the two key protocols.
LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.
Application Layer. Applications A program or group of programs designed for end users. A program or group of programs designed for end users. Software.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Electronic Mail (SMTP, POP, IMAP, MIME)
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Chapter 10: Authentication Guide to Computer Network Security.
DEMIGUISE STORAGE An Anonymous File Storage System VIJAY KUMAR RAVI PRAGATHI SEGIREDDY COMP 512.
1 Chapter Client-Server Interaction. 2 Functionality  Transport layer and layers below  Basic communication  Reliability  Application layer.
LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL Presented by Chaithra H.T.
XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.
Windows Security. Security Windows 2000/XP Professional security oriented Authentication Authorization Internet Connection Firewall.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.
Unit 1: Protection and Security for Grid Computing Part 2
INTRODUCTION What is a Web-Enabled Database? Problem and its Importance Two-tier Architecture Three-tier Architecture Need for a compatible centralized.
Unit – I CLIENT / SERVER ARCHITECTURE. Unit Structure  Evolution of Client/Server Architecture  Client/Server Model  Characteristics of Client/Server.
Simplify and Strengthen Security with Oracle Application Server Allan L Haensgen Senior Principal Instructor Oracle Corporation Session id:
10/25/20151 Single Sign-On Web Service Supervisors: Viktor Kulikov Alexander Sherman Liana Lipstov Pavel Bilenko.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
1 CS 502: Computing Methods for Digital Libraries Lecture 19 Interoperability Z39.50.
TCP/IP (Transmission Control Protocol / Internet Protocol)
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.
Directory Services CS5493/7493. Directory Services Directory services represent a technological breakthrough by integrating into a single management tool:
1 Directory Services  What is a Directory Service?  Directory Services model  Directory Services naming model  X.500 and LDAP  Implementations of.
Understand User Authentication LESSON 2.1A Security Fundamentals.
1 Chapter 1 INTRODUCTION TO WEB. 2 Objectives In this chapter, you will: Become familiar with the architecture of the World Wide Web Learn about communication.
The Secure Sockets Layer (SSL) Protocol
Tiny http client and server
e-Health Platform End 2 End encryption
Server Concepts Dr. Charles W. Kann.
LDAP
Enterprise Application Architecture
Client-Server Interaction
Chapter 3: Windows7 Part 4.
Net 431 D: ADVANCED COMPUTER NETWORKS
File Transfer Protocol
Packet Switching To improve the efficiency of transferring information over a shared communication line, messages are divided into fixed-sized, numbered.
The Internet and HTTP and DNS Examples
Chat Refs: RFC 1459 (IRC).
Unit 11- Computer Networks
Lecture 2: Overview of TCP/IP protocol
Lecture 3: Secure Network Architecture
HyperText Transfer Protocol
Allocating IP Addressing by Using Dynamic Host Configuration Protocol
Windows API: Network Policy Server Extensions
Chapter 8.5 AUTHENTICATION AND KEY DISTRIBUTION
Designing IIS Security (IIS – Internet Information Service)
Information Retrieval and Web Design
LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL
NCHELP Update Common Record for FFELP & Alternative Loans Meteor
Exceptions and networking
Presentation transcript:

Architecture Competency Group LDAP Architecture Competency Group Architecture Competency Group

Architecture Competency Group Overview What Is LDAP? What Can LDAP Do for You? How Does LDAP Work? The LDAP Models Architecture Competency Group

Architecture Competency Group What Is LDAP? LDAP (Lightweight Directory Access Protocol) is an Internet standard protocol used by applications to access information in a directory LDAP is a standard, extensible directory access protocol—a common language that LDAP clients and servers use to communicate with each other. LDAP is a "lightweight" protocol, which means that it is efficient, straight- forward, and easy to implement, while still being highly functional. LDAP uses a simplified encoding methods and runs directly on top of TCP/IP. Architecture Competency Group

Architecture Competency Group What Is LDAP? There have been two major revisions of the LDAP protocol. The first widely available version was LDAP version 2. As of now LDAP version 3 is a Proposed Internet Standard, because it is so new, not all vendors completely support LDAPv3 yet. Architecture Competency Group

Architecture Competency Group What Can LDAP Do for You? If you are a system administrator, then LDAP Makes it possible for you to centrally manage users, groups, devices, and other data. Helps you do away with managing of separate application-specific directories. If you are a IT decision maker, then LDAP Allows you to avoid tying yourself exclusively to a single vendor and/or operating system platform. Helps you decrease the total cost of ownership by reducing the number of distinct directories your staff needs to manage. If you are a software developer, then LDAP Allows you to avoid tying your software exclusively to a single vendor and/or operating system platform. Helps you save development time by avoiding the need to construct your own user and group management database. Architecture Competency Group

Architecture Competency Group How Does LDAP Work? A client/server protocol is a protocol model in which a client program running on one computer constructs a request and sends it over the network to a computer running a server program. The server program receives the request, takes some action, and returns a result to the client program. The LDAP protocol is a message-oriented protocol. The client constructs an LDAP message containing a request and sends it to the server. The server processes the request and sends the result or results back to the client as a series of LDAP messages. For example, when an LDAP client searches the directory for a specific entry, it constructs an LDAP search request message and sends it to the server. The server retrieves the entry from its database and sends it to the client in an LDAP message. It also returns a result code to the client in a separate LDAP message. This interaction is shown Architecture Competency Group

Architecture Competency Group How Does LDAP Work? A client retrieves a single entry from the directory. Architecture Competency Group

Architecture Competency Group How Does LDAP Work? If the client searches the directory and multiple matching entries are found, the entries are sent to the client in a series of LDAP messages, one for each entry. The results are terminated with a result message, which contains an overall result for the search operation, as shown in A client searches the directory, and multiple entries are returned. Architecture Competency Group

Architecture Competency Group How Does LDAP Work? The LDAP protocol is message-based, it also allows the client to issue multiple requests at once. Suppose, for example, a client might issue two search requests simultaneously. In LDAP, the client would generate a unique message ID for each request; returned results for specific request would be tagged with its message ID, allowing the client to sort out multiple responses to different requests arriving out of order or at the same time. In below diagram, the client has issued two search requests simultaneously. The server processes both operations and returns the results to the client. A client issues multiple LDAP search requests simultaneously. Architecture Competency Group

Architecture Competency Group How Does LDAP Work? Notice that in the diagram the server sends the final result code of message ID 2 to the client before it sends the final result code from message ID 1. This is perfectly acceptable and happens quite frequently. These details are typically hidden from the programmer by an LDAP SDK. Programmers writing an LDAP application don't need to be concerned with sorting out these results; the SDKs take care of this automatically. Architecture Competency Group

The LDAP Protocol Operations LDAP has nine basic protocol operations, which can be divided into three categories: Interrogation operations: search , compare. These two operations allow you to ask questions of the directory. Update operations: add, delete, modify. These operations allow you to update information in the directory. Authentication and control operations: bind, unbind, abandon. The bind operation allows a client to identify itself to the directory by providing an identity and authentication credentials; the unbind operation allows the client to terminate a session; and the abandon operation allows a client to indicate that it is no longer interested in the results of an operation it had previously submitted. Architecture Competency Group

The LDAP Protocol Operations A typical complete LDAP client/server exchange might proceed as depicted in A typical LDAP exchange. Architecture Competency Group

The LDAP Protocol Operations An LDAP client and server perform the following steps: Step 1: The client opens a TCP connection to an LDAP server and submits a bind operation. This bind operation includes the name of the directory entry the client wants to authenticate as, along with the credentials to be used when authenticating. Credentials are often simple passwords, but they might also be digital certificates used to authenticate the client. Step 2: After the directory has verified the bind credentials, it returns a success result to the client. Step 3: The client issues a search request. Steps 4 and 5: The server processes this request, which results in two matching entries. Step 6: The server sends a result message. Step 7: The client then issues an unbind request, which indicates to the server that the client wants to disconnect. Step 8: The server obliges by closing the connection. Architecture Competency Group

Architecture Competency Group The LDAP Models The LDAP standards also define four models that guide you in your use of the directory. These models promote interoperability between directory installations while still allowing you the flexibility to tailor the directory to your specific needs. The models borrow concepts from X.500.The four LDAP models are as follows: The LDAP information model, which defines the kind of data you can put into the directory. The LDAP naming model, which defines how you organize and refer to your directory data. The LDAP functional model, which defines how you access and update the information in your directory. The LDAP security model, which defines how information in the directory can be protected from unauthorized access. Architecture Competency Group

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.