Thursday, November 15, 2007

ECM: How LDAP Synchronization creates additional security holes...

A while back, Bex Huff wrote the most brilliant posting, which stated that ECM systems should store content, not users, while Laurence Hart talks about LDAP synchronization. Through the lens of a security architect, I think an important consideration hasn't yet been discussed...



Sumanth Molakala and others talk about synchronizing users against an LDAP store, but this also seems to leave security exposures that may be important in an enterprise setting.

In the scenario where Craig Randall departs his current employer for introducing suboptimal architecture into the product, LDAP synchronization "feels" like it can work. The conversation that hasn't yet occurred is what happens if Craig Randall moves to a different role within the organization where he should no longer have access to Documentum?

Let's say that the LDAP directory has a multi-valued attribute that enumerates all of the document types I am authorized to see. Suppose one of the values is medical records and another is billing information, but, due to the constant corporate reorganization mindset, I am no longer authorized to see medical records.

It would be expected that Jeff Bohren, Nishant Kaushik, Jackson Shaw, Pat Patterson and the tools they represent would simply remove one of the attribute values and that the change would trickle down, yet none of the ECM bloggers are talking about how this would actually work. Any thoughts?
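One way the "trickle down" could actually work, as an added illustration that is not part of the original post or any of the products named in it: treat the directory attribute as authoritative and reconcile the ECM against it (computing revokes as well as grants), instead of a sync that only ever adds. User ids, attribute values and the ECM state below are constructed placeholders.

```python
# Added illustration, not from the original post: reconcile ECM entitlements
# against an LDAP multi-valued attribute so that a value removed from the
# directory is actually revoked in the ECM. All names/values are constructed.

# Constructed LDAP snapshot: uid -> values of the multi-valued attribute
# enumerating the document types the user is authorized to see.
LDAP_SNAPSHOT = {
    "alice": {"billing"},               # "medical" removed after a reorg
    "bob": {"medical", "billing"},      # unchanged
    # "carol" is absent: her account was removed from the directory
}

# Constructed ECM state: uid -> document-type groups the ECM still grants.
ECM_STATE = {
    "alice": {"medical", "billing"},
    "bob": {"medical", "billing"},
    "carol": {"medical"},
}


def additive_sync(ldap, ecm):
    """The sync that 'feels' like it works: only adds what LDAP asserts.
    Nothing is ever revoked, so stale access survives a role change."""
    result = {uid: set(types) for uid, types in ecm.items()}
    for uid, types in ldap.items():
        result.setdefault(uid, set()).update(types)
    return result


def reconcile(ldap, ecm):
    """Treat the directory as authoritative: return (grants, revokes) that
    make the ECM equal to LDAP. A user missing from LDAP loses everything
    (departure); a user with a removed value loses that value (role change)."""
    grants, revokes = {}, {}
    for uid in set(ldap) | set(ecm):
        wanted, have = ldap.get(uid, set()), ecm.get(uid, set())
        if wanted - have:
            grants[uid] = wanted - have
        if have - wanted:
            revokes[uid] = have - wanted
    return grants, revokes


def stale_access(ldap, ecm):
    """Audit view: (uid, type) pairs the ECM grants but LDAP no longer
    asserts. Running this periodically detects a sync that only adds."""
    _, revokes = reconcile(ldap, ecm)
    return sorted((u, t) for u, ts in revokes.items() for t in sorted(ts))
```

With the constructed data, `additive_sync` leaves alice with medical records and carol with an account, while `reconcile` produces the two revokes the reorganization and the departure require.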





