Analyze the environment and users to identify specific security needs. The site survey in Chapter 3, Designing the Directory Schema
clarifies some basic decisions about who can read and write the individual pieces of data in the directory. This information forms the basis of the security design.
The way security is implemented also depends on how the directory service is used to support the business. A directory that serves an intranet does not require the same security measures as a directory that supports an extranet or e-commerce applications that are open to the Internet.
If the directory only serves an intranet, consider what level of access is needed for information:
If the directory serves an extranet or supports e-commerce applications over the Internet, there are additional points to consider:
The following sections provide information about analyzing security needs.
9.2.1. Determining Access Rights
The data analysis identifies what information users, groups, partners, customers, and applications need to access the directory service.
Access rights can be granted in one of two ways:
Grant all categories of users as many rights as possible while still protecting sensitive data.
An open method requires accurately determining what data are sensitive or critical to the business.
Grant each category of users the minimum access they require to do their jobs.
A restrictive method requires minutely understanding the information needs of each category of user inside, and possibly outside, of the organization.
Irrespective of the method used to determine access rights, create a simple table that lists the categories of users in the organization and the access rights granted to each. Consider creating a table that lists the sensitive data held in the directory and, for each piece of data, the steps taken to protect it.
9.2.2. Ensuring Data Privacy and Integrity
When using the directory to support exchanges with business partners over an extranet or to support e-commerce applications with customers on the Internet, ensure the privacy and the integrity of the data exchanged.
There are several ways to do this:
9.2.3. Conducting Regular Audits
As an extra security measure, conduct regular audits to verify the efficiency of the overall security policy by examining the log files and the information recorded by the SNMP agents.
For more information about SNMP, see the Red Hat Directory Server Administrator's Guide. For more information about log files and SNMP, see the Red Hat Directory Server Administrator's Guide.
9.2.4. Example Security Needs Analysis
The examples provided in this section illustrate how the imaginary ISP company "example.com" analyzes its security needs.
example.com's business is to offer web hosting and Internet access. Part of example.com's activity is to host the directories of client companies. It also provides Internet access to a number of individual subscribers.
Therefore, example.com has three main categories of information in its directory:
example.com internal information
Information belonging to corporate customers
Information pertaining to individual subscribers
example.com needs the following access controls:
Provide access to the directory administrators of hosted companies (example_a and example_b) to their own directory information.
Implement access control policies for hosted companies' directory information.
Implement a standard access control policy for all individual clients who use example.com for Internet access from their homes.
Deny access to example.com's corporate directory to all outsiders.
Grant read access to example.com's directory of subscribers to the world.