Computer diagrams

Our approach to protecting sensitive information in directory services is to encrypt that information using user-controlled keys and to provide access to that data using user-controlled delegation. This user-centric approach follows current trends in computer security and privacy, but should not interfere with more traditional approaches to access control. Our approach also maintains usability with existing client applications and source directories. To better understand the overall picture of our solution, it is first important to understand various key components.

However, this approach presents several computer diagrams usability and security problems. First of all, the confidentiality of the data relies entirely on the shared key. If a malicious user were to obtain this key, or if an authorized user were to share it with an unauthorized party, the information could be compromised. Data confidentiality could be provided by using an asymmetric encryption algorithm, such as RSA, but this still does not protect the data from unauthorized access