X.500
What is X.500?
It is a standard created by ISO/ITU defining information model and protocols for a directory service that is independent of computer application and network platform.
It was produce in the year 1988 and updated in 1993 and 1997, defines a specification for a rich, distributed directory based on hierarchically named information objects (directory entries) that users can browse and search.
The X.500 protocol architecture consists of a Client-Server communicating via the Open Systems Interconnection (OSI) networking model. The Client is called the Directory Service Agent (DUA) and the Server is called the Directory System Agent (DSA).
Security Features
- Access Control
- Strong Authentication
Based on X.509 public key infrastructure (PKI) using Isode's strong authentication infrastructure is provided for all X.500 protocols (DAP, DSP, and DISP). This provides additional integrity and audit security for individual operations and allows chained updates to be authenticated using a digital signature from the originating directory client.
Signed operations are also used for the X.500 DISP replication protocol, providing the same per operation security as for DAP and DSP.
A certification authority issues a certificate binding a public key to a particular distinguished name in the .500 tradition, or to an alternative name such as a DNS-entry.
http://www.isode.com/products/m-vault-directory.html
No comments:
Post a Comment