FreeIPA Domain Environment Security Improvement

This master's thesis examines the issue of increasing the security level of the FreeIPA domain environment. This solution is increasingly being used in the organization of domain environments due to the sanctions pressure of foreign states and the desire of the Russian Federation for digital sovereignty. The study investigates the core characteristics of FreeIPA, conducts a comparative analysis with other access management, identification, and authentication systems, and examines the spectrum of vulnerabilities in FreeIPA, while also developing recommendations for system security. The practical significance of this work lies in bolstering the security of network infrastructure operating on the basis of FreeIPA technology with open source code, thereby contributing to the development of the domestic market for information technologies and scientific research in this field. Throughout the study, the following tasks have been addressed: analysis of the fundamental characteristics of the FreeIPA domain environment; compilation of a unified list of vulnerabilities in the FreeIPA domain environment based on the analysis of the MITRE CVE database and the Russian FSTEC database; development of a comprehensive security methodology for FreeIPA; implementation of a test scenario simulating real-world FreeIPA operational conditions. The work contains 63 pages, 24 figures, 3 tables, 18 sources and 2 appendices.