"The LDAP Guys."

LDAPCon 2009 Session

Title: Security Label-based Authorization in Directory Services

Presentation Materials

• Submitted Paper
• Slides

Session Description

Security Labels provide an important mechanism for controlling access to information in many high security environments, and are also useful in environments with lower security requirements. This talk (and associated paper) will provide a reasonably detailed description of how security labels and clearances work, both in general and in LDAP/X.500 directory services, while attempting to avoid some of the significant complexity often attributed to the subject. This talk will include an overview of X.500 Rule-based (security label-based) Access Controls as well as Isode's Security Label Access Controls for use in LDAP and X.500.

Bio

Kurt is the Executive Director of the OpenLDAP Foundation and an Advisor to the OpenLDAP Project. He founded both in the summer in 1998. Kurt served as Chief Architect of the OpenLDAP Project from its inception to January 2007.

Kurt is an active participant in the Internet Engineering Task Force (IETF). He is authoring and/or editing numerous Internet-Drafts. A few of his drafts have become RFCs. Kurt is currently co-chairing the Simple Authentication and Security Layer (SASL) and vCard and CardDAV (vcarddav) working groups. Kurt is also a member of the LDAP Directorate and Security Directorate.

Kurt is currently a Development Engineer at Isode Limited developing Internet technology and standards, especially in the Directory, Messaging, and Security areas.

Kurt is a member of the XMPP Standards Foundation.