To preserve security and privacy, applications should only be permitted to perform the bare minimum set of operations that they need, and they should only be permitted to access a minimal set of information in the entries that they are allowed to access.
It is also critical to severely restrict what unauthorized users are allowed to do. The PingDirectory server provides several mechanisms to help with this:
- It has a fine-grained access control subsystem that are used to indicate which requests are allowed and which data can be retrieved from the server.
- It has a privilege subsystem that can be used to require additional authorization when processing certain types of operations or to grant additional capabilities to some users.
- Client connection policies can be used to impose limits on the types of operations that clients are allowed to request, even restricting what is possible for root users and topology administrators.
- Sensitive attributes can also impose strong restrictions on access to certain attribute types and can also impose restrictions on root users and topology administrators.