虚拟目录服务的威胁建模

43rd Annual 2009 International Carnahan Conference on Security Technology Pub Date : 2009-11-13 DOI:10.1109/CCST.2009.5335550

W. Claycomb, Dongwan Shin

{"title":"虚拟目录服务的威胁建模","authors":"W. Claycomb, Dongwan Shin","doi":"10.1109/CCST.2009.5335550","DOIUrl":null,"url":null,"abstract":"Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against directory services have been identified, attacks and vulnerabilities of virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on virtual directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting virtual directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"239 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Threat modeling for virtual directory services\",\"authors\":\"W. Claycomb, Dongwan Shin\",\"doi\":\"10.1109/CCST.2009.5335550\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against directory services have been identified, attacks and vulnerabilities of virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on virtual directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting virtual directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.\",\"PeriodicalId\":117285,\"journal\":{\"name\":\"43rd Annual 2009 International Carnahan Conference on Security Technology\",\"volume\":\"239 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-11-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"43rd Annual 2009 International Carnahan Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2009.5335550\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"43rd Annual 2009 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2009.5335550","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

目录服务是负责提供有关用户帐户、计算机帐户、联系人等信息的公司计算对象。虚拟目录是整合这些数据的强大工具，可以在必要时对其进行修改，并以高度自定义的方式将其呈现给最终用户。虽然针对目录服务的攻击已经被识别出来，但针对虚拟目录的攻击和漏洞在很大程度上仍未被研究。在本文中，我们对虚拟目录服务的四种类型的攻击进行了分析。在此过程中，我们将描述每种攻击是如何执行的，并讨论如何检测和预防每种类型的攻击。保护虚拟目录服务的第一步对于保护源目录中包含的信息至关重要——这些信息可能包含敏感数据，并用于身份验证和/或访问控制决策。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Threat modeling for virtual directory services

Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against directory services have been identified, attacks and vulnerabilities of virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on virtual directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting virtual directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

43rd Annual 2009 International Carnahan Conference on Security Technology

自引率

0.00%

发文量

期刊最新文献

Use of threat image projection (TIP) to enhance security performance Robustness against misuse - a new attribute of technical systems Face Identification based on TV videos Combining hand biometric traits for personal identification Evaluation methodology for analyzing usability factors in biometrics