Publication
Security Meets LDAP Multi-Master Replication
Thomas Bauereiß; Dieter Hutter; Stefan Gohmann; Alexander Kläser
In: ANTONIO MUÑOZ; ERNESTO DAMIANI (Hrsg.). Third ASE International Conference on Cyber Security . International Workshop on Cloud Security (IWOCS-2014), located at Third ASE International Conference on Cyber Security , May 27-31, Stanford, CA, USA, ASE Open Scientific Digital Library, 6/2014.
Abstract
With the easy availability of cloud computing many companies started to distribute their computational needs in mixed-cloud
infrastructures just to realize the security risks involved in the light of recent disclosures. To maintain an identity
management and to ease the administration of IT infrastructure, LDAP directory services are widely used to store and manage
information about the assets of organizations.
However, distributing an LDAP directory including sensitive information to partially trusted cloud servers constitute a
major security risk. In this paper, we present an LDAP replication mechanism that allows for a fine-grained selection
of parts of an LDAP directory tree to be replicated to other servers using content-based filters, while maintaining
the availability and performance advantages of a full multi-master replication.