KR101213806B1 - 경량 디렉토리 액세스 프로토콜 트래픽의 보안 - Google Patents

경량 디렉토리 액세스 프로토콜 트래픽의 보안 Download PDF

Info

Publication number
KR101213806B1
KR101213806B1 KR1020050099590A KR20050099590A KR101213806B1 KR 101213806 B1 KR101213806 B1 KR 101213806B1 KR 1020050099590 A KR1020050099590 A KR 1020050099590A KR 20050099590 A KR20050099590 A KR 20050099590A KR 101213806 B1 KR101213806 B1 KR 101213806B1
Authority
KR
South Korea
Prior art keywords
ldap
delete delete
available
policies
policy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
KR1020050099590A
Other languages
English (en)
Korean (ko)
Other versions
KR20060049122A (ko
Inventor
아리엘 카츠
론 몬드리
Original Assignee
마이크로소프트 코포레이션
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/975,292 external-priority patent/US20060092948A1/en
Application filed by 마이크로소프트 코포레이션 filed Critical 마이크로소프트 코포레이션
Publication of KR20060049122A publication Critical patent/KR20060049122A/ko
Application granted granted Critical
Publication of KR101213806B1 publication Critical patent/KR101213806B1/ko
Assigned to 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 reassignment 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 권리의 전부이전등록 Assignors: 마이크로소프트 코포레이션
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4523Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using lightweight directory access protocol [LDAP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
KR1020050099590A 2004-10-28 2005-10-21 경량 디렉토리 액세스 프로토콜 트래픽의 보안 Expired - Fee Related KR101213806B1 (ko)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US10/975,292 2004-10-28
US10/975,292 US20060092948A1 (en) 2004-10-28 2004-10-28 Securing lightweight directory access protocol traffic
US10/997,433 US7577132B2 (en) 2004-10-28 2004-11-24 User interface for securing lightweight directory access protocol traffic
US10/997,433 2004-11-24

Publications (2)

Publication Number Publication Date
KR20060049122A KR20060049122A (ko) 2006-05-18
KR101213806B1 true KR101213806B1 (ko) 2012-12-18

Family

ID=35615608

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020050099590A Expired - Fee Related KR101213806B1 (ko) 2004-10-28 2005-10-21 경량 디렉토리 액세스 프로토콜 트래픽의 보안

Country Status (5)

Country Link
US (1) US7577132B2 (https=)
EP (1) EP1653710B1 (https=)
JP (1) JP4880278B2 (https=)
KR (1) KR101213806B1 (https=)
AT (1) ATE519323T1 (https=)

Families Citing this family (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8862866B2 (en) 2003-07-07 2014-10-14 Certicom Corp. Method and apparatus for providing an adaptable security level in an electronic communication
EP2005636B1 (en) * 2006-04-13 2015-10-21 Certicom Corp. Method and apparatus for providing an adaptable security level in an electronic communication
GB0610113D0 (en) * 2006-05-20 2006-06-28 Ibm Method and system for the storage of authentication credentials
CN100495368C (zh) * 2006-09-27 2009-06-03 广达电脑股份有限公司 将主机以及输入输出外设配对的方法
US9124602B2 (en) 2007-01-05 2015-09-01 International Business Machines Corporation Method and apparatus for creating custom access control hierarchies
JP5014847B2 (ja) 2007-03-19 2012-08-29 株式会社リコー 情報処理装置及び情報処理方法
KR100807354B1 (ko) * 2007-07-04 2008-02-28 주식회사 넷츠 통합계정 관리를 위한 실시간 규칙그룹 지원장치
US8230455B2 (en) * 2007-07-11 2012-07-24 International Business Machines Corporation Method and system for enforcing password policy for an external bind operation in a distributed directory
US8156484B2 (en) * 2007-08-22 2012-04-10 International Business Machines Corporation LDAP server performance object creation and use thereof
US8224996B2 (en) * 2008-12-29 2012-07-17 International Business Machines Corporation Directory viewports
US8645401B2 (en) 2009-08-13 2014-02-04 Cox Communications, Inc. Technical electronic discovery action model
US8516138B2 (en) 2010-08-31 2013-08-20 International Business Machines Corporation Multiple authentication support in a shared environment
WO2012044821A2 (en) * 2010-09-30 2012-04-05 Saudi Arabian Oil Company System and method for controlling access to a plant network
WO2012106726A1 (en) 2011-02-04 2012-08-09 Nextplane Method and system for federation of proxy-based and proxy-free communications systems
US9716619B2 (en) 2011-03-31 2017-07-25 NextPlane, Inc. System and method of processing media traffic for a hub-based system federating disparate unified communications systems
US9077726B2 (en) 2011-03-31 2015-07-07 NextPlane, Inc. Hub based clearing house for interoperability of distinct unified communication systems
US9203799B2 (en) 2011-03-31 2015-12-01 NextPlane, Inc. Method and system for advanced alias domain routing
US9407663B1 (en) * 2011-09-28 2016-08-02 Emc Corporation Method and apparatus for man-in-the-middle agent-assisted client filtering
EP2748723A4 (en) * 2011-11-03 2015-07-22 Ericsson Telefon Ab L M PROCESS, DEVICE, AND CENTRAL SERVERS FOR PROVIDING SERVICES FOR AN LDAP CLIENT
US8898796B2 (en) 2012-02-14 2014-11-25 International Business Machines Corporation Managing network data
US9705840B2 (en) 2013-06-03 2017-07-11 NextPlane, Inc. Automation platform for hub-based system federating disparate unified communications systems
US9819636B2 (en) * 2013-06-10 2017-11-14 NextPlane, Inc. User directory system for a hub-based system federating disparate unified communications systems
US9443093B2 (en) * 2013-06-20 2016-09-13 Amazon Technologies, Inc. Policy enforcement delays
US9736159B2 (en) * 2013-11-11 2017-08-15 Amazon Technologies, Inc. Identity pool bridging for managed directory services
US9785669B2 (en) 2014-05-21 2017-10-10 International Business Machines Corporation Revising policy statements using hyperlinks
US10015162B2 (en) * 2015-05-11 2018-07-03 Huawei Technologies Co., Ltd. Firewall authentication of controller-generated internet control message protocol (ICMP) echo requests
US10250596B2 (en) * 2016-06-29 2019-04-02 International Business Machines Corporation Monitoring encrypted communication sessions
US12058015B2 (en) * 2016-10-21 2024-08-06 Forward Networks, Inc. Systems and methods for an interactive network analysis platform
US11310192B1 (en) * 2019-12-20 2022-04-19 Stealthbits Technologies Llc Systems and methods for second protocol communication over LDAP
US12309152B2 (en) * 2023-08-15 2025-05-20 Citibank, N.A. Access control for requests to services

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6154776A (en) 1998-03-20 2000-11-28 Sun Microsystems, Inc. Quality of service allocation on a network
US6665674B1 (en) 2000-02-02 2003-12-16 Nortel Networks Limited Framework for open directory operation extensibility
US6680942B2 (en) 1999-07-02 2004-01-20 Cisco Technology, Inc. Directory services caching for network peer to peer service locator

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7418731B2 (en) 1997-11-06 2008-08-26 Finjan Software, Ltd. Method and system for caching at secure gateways
US6263362B1 (en) * 1998-09-01 2001-07-17 Bigfix, Inc. Inspector for computed relevance messaging
US6567857B1 (en) 1999-07-29 2003-05-20 Sun Microsystems, Inc. Method and apparatus for dynamic proxy insertion in network traffic flow
US6622170B1 (en) * 1999-09-10 2003-09-16 International Business Machines Corporation System and method for DEN/LDAP client database access with a backoff capability
US6950819B1 (en) * 1999-11-22 2005-09-27 Netscape Communication Corporation Simplified LDAP access control language system
EP1113648A3 (en) 1999-12-30 2003-07-09 Nortel Networks Corporation Generic registration of plug-ins for a directory server
US6609121B1 (en) 2000-07-17 2003-08-19 International Business Machines Corporation Lightweight directory access protocol interface to directory assistance systems
US6799197B1 (en) * 2000-08-29 2004-09-28 Networks Associates Technology, Inc. Secure method and system for using a public network or email to administer to software on a plurality of client computers
US7002973B2 (en) * 2000-12-11 2006-02-21 Acme Packet Inc. System and method for assisting in controlling real-time transport protocol flow through multiple networks via use of a cluster of session routers
JP2002207694A (ja) * 2001-01-05 2002-07-26 Nec Corp 情報転送追跡装置、個人情報管理システム、その方法及びプログラムを記録した記録媒体
US20020124057A1 (en) 2001-03-05 2002-09-05 Diego Besprosvan Unified communications system
US6732105B1 (en) 2001-07-27 2004-05-04 Palmone, Inc. Secure authentication proxy architecture for a web-based wireless intranet application
EP1415232B1 (en) 2001-08-08 2015-01-14 Flash Networks Ltd. System and method for accelerating communication of tcp/ip based content
US7035846B2 (en) 2002-09-23 2006-04-25 International Business Machines Corporation Methods, computer programs and apparatus for caching directory queries
US20040167859A1 (en) 2003-02-14 2004-08-26 Richard Mirabella Software license management system configurable for post-use payment business models
US20040215775A1 (en) 2003-04-24 2004-10-28 Bookfactory, Llc, A California Limited Liability Corporation System, method and computer program product for network resource processing
US8880893B2 (en) 2003-09-26 2014-11-04 Ibm International Group B.V. Enterprise information asset protection through insider attack specification, monitoring and mitigation
US20050091343A1 (en) 2003-10-22 2005-04-28 Bookfactory, Llc System, method and computer program product for network resource processing
US7620630B2 (en) 2003-11-12 2009-11-17 Oliver Lloyd Pty Ltd Directory system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6154776A (en) 1998-03-20 2000-11-28 Sun Microsystems, Inc. Quality of service allocation on a network
US6680942B2 (en) 1999-07-02 2004-01-20 Cisco Technology, Inc. Directory services caching for network peer to peer service locator
US6665674B1 (en) 2000-02-02 2003-12-16 Nortel Networks Limited Framework for open directory operation extensibility

Also Published As

Publication number Publication date
JP4880278B2 (ja) 2012-02-22
EP1653710B1 (en) 2011-08-03
ATE519323T1 (de) 2011-08-15
US20060168255A1 (en) 2006-07-27
EP1653710A1 (en) 2006-05-03
KR20060049122A (ko) 2006-05-18
JP2006127504A (ja) 2006-05-18
US7577132B2 (en) 2009-08-18

Similar Documents

Publication Publication Date Title
KR101213806B1 (ko) 경량 디렉토리 액세스 프로토콜 트래픽의 보안
US11397805B2 (en) Lateral movement path detector
TWI336043B (en) Delegated administration of a hosted resource
US5950195A (en) Generalized security policy management system and method
US7320141B2 (en) Method and system for server support for pluggable authorization systems
JP5260634B2 (ja) 段階的認証システム
US8020192B2 (en) Administration of protection of data accessible by a mobile device
US7185361B1 (en) System, method and computer program product for authenticating users using a lightweight directory access protocol (LDAP) directory server
US7478420B2 (en) Administration of protection of data accessible by a mobile device
US7827590B2 (en) Controlling access to a set of resources in a network
US9886590B2 (en) Techniques for enforcing application environment based security policies using role based access control
WO2007016436A2 (en) Segmented network identity management
US20040073668A1 (en) Policy delegation for access control
GB2317539A (en) Firewall for interent access
US20100031317A1 (en) Secure access
Cherry Securing SQL Server: protecting your database from attackers
US20060092948A1 (en) Securing lightweight directory access protocol traffic
US20120324569A1 (en) Rule compilation in a firewall
JP2025526884A (ja) クラウドコンピューティング技術およびクラウド管理プラットフォームに基づくクラウドリソースアクセス制御方法
Santos et al. Privacy–preserving identity federations in the cloud: a proof of concept
CN118056380A (zh) 在计算机网络之内限制横向遍历
Bindiganavale et al. Role based access control in enterprise application-security administration and user management
Smirnov Engineering Lookup
Peiris et al. How to cheat at designing security for a Windows server 2003 network
Slabihoud et al. Forefront TMG 2010 Common Criteria Evaluation

Legal Events

Date Code Title Description
PA0109 Patent application

St.27 status event code: A-0-1-A10-A12-nap-PA0109

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P18-X000 Priority claim added or amended

St.27 status event code: A-2-2-P10-P18-nap-X000

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

A201 Request for examination
E13-X000 Pre-grant limitation requested

St.27 status event code: A-2-3-E10-E13-lim-X000

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

D13-X000 Search requested

St.27 status event code: A-1-2-D10-D13-srh-X000

D14-X000 Search report completed

St.27 status event code: A-1-2-D10-D14-srh-X000

R17-X000 Change to representative recorded

St.27 status event code: A-3-3-R10-R17-oth-X000

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

St.27 status event code: A-1-2-D10-D21-exm-PE0902

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

St.27 status event code: A-1-2-D10-D22-exm-PE0701

GRNT Written decision to grant
PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U11-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601

PN2301 Change of applicant

St.27 status event code: A-5-5-R10-R13-asn-PN2301

St.27 status event code: A-5-5-R10-R11-asn-PN2301

PN2301 Change of applicant

St.27 status event code: A-5-5-R10-R11-asn-PN2301

PN2301 Change of applicant

St.27 status event code: A-5-5-R10-R14-asn-PN2301

FPAY Annual fee payment

Payment date: 20151118

Year of fee payment: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 4

FPAY Annual fee payment

Payment date: 20161123

Year of fee payment: 5

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 5

FPAY Annual fee payment

Payment date: 20171117

Year of fee payment: 6

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 6

R18-X000 Changes to party contact information recorded

St.27 status event code: A-5-5-R10-R18-oth-X000

FPAY Annual fee payment

Payment date: 20181115

Year of fee payment: 7

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 7

P22-X000 Classification modified

St.27 status event code: A-4-4-P10-P22-nap-X000

R17-X000 Change to representative recorded

St.27 status event code: A-5-5-R10-R17-oth-X000

PC1903 Unpaid annual fee

St.27 status event code: A-4-4-U10-U13-oth-PC1903

Not in force date: 20191213

Payment event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

PC1903 Unpaid annual fee

St.27 status event code: N-4-6-H10-H13-oth-PC1903

Ip right cessation event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

Not in force date: 20191213