LDAP/AD

• Authentication = knowing who is requesting access to something they need
• Authorization = checking if that person should have access to the thing they’re asking for
• Lightweight Directory Access Protocol (LDAP) or Access Directory (AD) centralizes security by having everyone need only one “key” for every room (one set of username-password credentials)
  • Authentication is improved, but authorization is not
  • The communication between the device and the server is not guaranteed to be secure
  • You still need to check credentials at each room repeatedly