Portal de Periódicos da CAPES

A Unified User Management System

2012; Taylor & Francis; Volume: 21; Issue: 5 Linguagem: Inglês

10.1080/19393555.2012.694981

1939-3555

George Mamalakis, Chariton Karamitas,

Wireless Networks and Protocols

ABSTRACT As open source software has gained in popularity throughout the last decades, free operating systems (OSs) such as Linux (Torvalds) and BSD derivatives (i.e., FreeBSD, 2012; NetBSD, 2012 NetBSD Foundation. (2012). The NetBSD project. Available from http://netbsd.org (http://netbsd.org) [Google Scholar]; OpenBSD, 2012 OpenBSD. (2012). OpenBSD. OpenBSD. Available from http://netbsd.org (http://netbsd.org) [Google Scholar]) have become more common, not only on datacenters but also on desktop and laptop computers. It is not rare to find computer labs or company offices composed of personal computers that boot more than one operating system. By being able to choose among available OSs, a company's or organization's information technology manager has the freedom to select the right OS for the company's needs, and the decision can be based on technical or financial criteria. This freedom of choice, however, comes with a cost. The administrative complexity of heterogeneous networks is much higher compared to single OS networks, and if the network is large enough so that protocols such as LDAP (Zeilenga, 2006 Zeilenga, K. 2006. Lightweight directory access protocol (LDAP): Technical specification road map et. alTech. rep., RFC 4510, June [Google Scholar]) or Kerberos (Kohl & Neuman, 1993 Kohl, J. and Neuman, C. 1993. The Kerberos network authentication service (v5) Tech. rep., RFC 1510, September[Crossref] , [Google Scholar]) need to be adopted, then the administration burden may become unbearable. Even though some tools exist that make user management of heterogeneous networks more feasible (Tournier, 2006 Tournier, J. (2006). smbldap-tools – summary [Gna!]. In Welcome to Gna! http://gna.org/projects/smbldap-tools (http://gna.org/projects/smbldap-tools) [Google Scholar]; Chu & Symas Corp., 2005 Chu, H. and Symas Corp. (2005) http://www.openldap.org/devel/cvsweb.cgi/~checkout~/contrib/slapd-modules/smbk5pwd/README (http://www.openldap.org/devel/cvsweb.cgi/~checkout~/contrib/slapd-modules/smbk5pwd/README) [Google Scholar]), it is not uncommon to use more than one back end for storing user credentials due to OS incompatibilities. In such configurations, the hardest problem to address is credential and account expiration synchronization among the different back ends. This paper demonstrates a platform that tries to mitigate the problem of synchronization by adding an additional, modular, easy to expand layer which is responsible for synchronizing any number of underlying back ends in a secure fashion.