Technical Study: Security in Federated Naming
Technical Study: Security in Federated Naming
Copyright © 1997 The Open Group


Technical Study
Security in Federated Naming
X/Open Document Number: E605

©February 1997, The Open Group All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the copyright owners.

Any comments relating to the material contained in this document may be submitted to The Open Group at:

The Open Group
Apex Plaza
Forbury Road
Berkshire, RG1 1AX
United Kingdom
or by electronic mail to:


The Open Group

The Open Group is an international open systems organization that is leading the way in creating the infrastructure needed for the development of network-centric computing and the information superhighway. Formed in 1996 by the merger of the X/Open Company and the Open Software Foundation, The Open Group is supported by most of the world's largest user organizations, information systems vendors and software suppliers. By combining the strengths of open systems specifications and a proven branding scheme with collaborative technology development and advanced research, The Open Group is well positioned to assist user organizations, vendors and suppliers in the development and implementation of products supporting the adoption and proliferation of open systems.

With more than 300 member companies, The Open Group helps the IT industry to advance technologically while managing the change caused by innovation. It does this by:

The Open Group operates in all phases of the open systems technology lifecycle including innovation, market adoption, product development and proliferation. Presently, it focuses on seven strategic areas: open systems application platform development, architecture, distributed systems management, interoperability, distributed computing environment, security, and the information superhighway. The Open Group is also responsible for the management of the UNIX trade mark on behalf of the industry.

The X/Open Process

This description is used to cover the whole Process developed and evolved by X/Open. It includes the identification of requirements for open systems, development of CAE and Preliminary Specifications through an industry consensus review and adoption procedure (in parallel with formal standards work), and the development of tests and conformance criteria.

This leads to the preparation of a Product Standard which is the name used for the documentation that records the conformance requirements (and other information) to which a vendor may register a product. There are currently two forms of Product Standard, namely the Profile Definition and the Component Definition, although these will eventually be merged into one.

The X/Open brand logo is used by vendors to demonstrate that their products conform to the relevant Product Standard. By use of the X/Open brand they guarantee, through the X/Open Trade Mark Licence Agreement (TMLA), to maintain their products in conformance with the Product Standard so that the product works, will continue to work, and that any problems will be fixed by the vendor.

Open Group Publications

The Open Group publishes a wide range of technical literature, the main part of which is focused on specification development and product documentation, but which also includes Guides, Snapshots, Technical Studies, Branding and Testing documentation, industry surveys and business titles.

There are several types of specification:

In addition, The Open Group publishes:

Versions and Issues of Specifications

As with all live documents, CAE Specifications require revision to align with new developments and associated international standards. To distinguish between revised specifications which are fully backwards compatible and those which are not:


Readers should note that Corrigenda may apply to any publication. Corrigenda information is published on the World-Wide Web at

Ordering Information

Full catalogue and ordering information on all Open Group publications is available on the World-Wide Web at

This Document
This document is a Technical Study (see above). It analyses the Federated Naming specification (see referenced document Federated Naming) in relation to computer security. In particular, it describes the threats associated with naming services in general and relates these to the referenced Federated Naming Application Programming Interface (API).
The document is structured as follows:

Trade Marks

Motif®, OSF/1®, and UNIX® are registered trademarks and the "X Device"TM; and The Open GroupTM; are trademarks of The Open Group.

Referenced Documents

The following documents are referenced in this technical study:


CAE Specification, December 1995, Generic Security Service API (GSS-API) Base (ISBN: 1-85912-131-4, C441).


Guide, December 1994, Distributed Security Framework (ISBN: 1-85912-071-7, G410).

Federated Naming

CAE Specification, July 1995, Federated Naming: The XFN Specification (ISBN: 1-85912-052-0, C403).

Readers may also be interested to refer to:


Schuba and Spafford, "Countering Abuse of Name-Based Authentication", COAST Laboratory, Department of Computer Sciences, Purdue University


IETF, RFC 2065, Domain Name System Security Extensions.


IETF, Internet-Draft, Independent Data Unit Protection Generic Security Application Program Interface.


IETF, Internet-Draft, IP Security Protocol.


IETF, Internet Draft and Netscape Communications Corporation, Secure Socket Layer (SSL).

Readers may refer to the IETF WWW site ( to access further information on these Internet drafts.

Why not acquire a nicely bound hard copy?
Click here to return to the publication details or order a copy of this publication.

Contents Next section Index