Result Details
URI-based HBAC in FreeIPA
The goal of my work was designing and implementing access management based on URI of the requested
resource. Host Based Access Control in the identity management tool FreeIPA was used as a basis for
implementation. Furthermore, it was necessary to enhance the related infrastructure, namely the SSSD
tool. The authorization module for Apache HTTP Server was used as an example of the application
using URI-based HBAC. The main solved problem was design of the infrastructure for communication of
the necessary parameters and strategy proposal for evaluating HBAC rules which define the access rights.
The complete solution was demonstrated on the example of securing an instance of the web application
Wordpress.
FreeIPA, URI, SSSD, PAM, LDAP, authorization, access control, Host based access
control
@inproceedings{BUT146272,
  author="Lukáš {Hellebrandt}",
  title="URI-based HBAC in FreeIPA",
  booktitle="SantaCrypt, proceedings",
  year="2016",
  pages="45--46",
  publisher="Trusted Network Solutions, a.s.",
  address="Bílovice nad Svitavou",
  isbn="978-80-904257-8-1"
}