Abstract
This paper analyses the security threats that can arise against an Active Directory server when it is included in a Web application. The approach is based on the STRIDE classification methodology. The paper also provides outline descriptions of countermeasures that can be deployed to protect against the different threats and vulnerabilities identified here.
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
Chadwick, D. (2005). Threat Modelling for Active Directory. In: Chadwick, D., Preneel, B. (eds) Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 175. Springer, Boston, MA. https://doi.org/10.1007/0-387-24486-7_13
DOI: https://doi.org/10.1007/0-387-24486-7_13
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-24485-3
Online ISBN: 978-0-387-24486-0
eBook Packages: Computer Science (R0)