The directory may contain many types of information ranging from publicly accessible data, such as e-mail addresses, to very sensitive data like user passwords. Hence the appropriate level of security for the data in the directory must exist.
In particular, the IBM SecureWay Directory provides (explained in the section that follows):
|Authentication||The requester must prove his/her/its identity to the directory. This is supported using the SASL/CRAM-MD5 mechanism and certificates using SASL/SSL.|
|Access Control||The directory server only returns data that the requester is entitled to access. In other words, the requester must have adequate authorization. This is implemented through the use of Access Control Lists (ACLs). ...|