Presentation is loading. Please wait.

Presentation is loading. Please wait.

Will Darby 91.514 5 April 2010.  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Will Darby 91.514 5 April 2010.  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative."— Presentation transcript:

1 Will Darby 91.514 5 April 2010

2  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative Solutions for the Internet

3

4

5

6

7

8

9

10

11  Web service diagram

12

13  Authorize users across all grids nodes  Minimal changes to existing security  Registry to map credentials to authority  Assertions passed among servers  Image from paper

14

15

16

17

18

19  XML Signature  XML Encryption  WS-Security  WS-Trust

20

21

22

23

24  R.L. Morgan, S. Cantor, S. Carmody, W. Hoehn and K. Klingenstein. “Federated Security: The Shibboleth Approach.” EDUCAUSE Quarterly, Volume 27, Number 4, 2004. Pages 12-17. Available at: http://net.educause.edu/ir/library/pdf/EQM0442.pdf.  K.D. Lewis and J.E. Lewis. “Web Single Sign-On Authentication using SAML.” International Journal of Computer Science Issues. Volume 2, 2009. Pages 41-48. Available at: http://www.ijcsi.org/papers/2-41-48.pdf.http://www.ijcsi.org/papers/2-41-48.pdf  “Security Assertion Markup Language (SAML) V2.0 Technical Overview.” OASIS Security Services Technical Committee. March, 2008. Available at: http://www.oasis- open.org/committees/download.php/27819/sstc-saml-tech- overview-2.0-cd-02.pdf.http://www.oasis- open.org/committees/download.php/27819/sstc-saml-tech- overview-2.0-cd-02.pdf

25  H. Gomi, M.Hatakeyama, S.Hosono and S. Fujita. “A Delegation Framework for Federated Identity Management.” Proceedings of the 2005 workshop on Digital identity management. Pages 94-103.  F. Pinto and C. Fernau. “An Approach for Shibboleth and Grid Integration.” Proceedings of the UK e-Science All Hands Conference, 2005. Available at: http://www.allhands.org.uk/2005/proceedings/papers/531. pdf. http://www.allhands.org.uk/2005/proceedings/papers/531. pdf  D. Recordon and D. Reed. “OpenID 2.0: A Platform for User- Centric Identity Management.” Proceedings of the second ACM workshop on Digital Identity Management, 2006. Pages 11-16.  E. Hammer-Lahav. “The OAuth 1.0 Protocol.” IETF Internet Draft. February, 2010. Available at: http://tools.ietf.org/html/draft-hammer-oauth-10. http://tools.ietf.org/html/draft-hammer-oauth-10

26

Download ppt "Will Darby 91.514 5 April 2010.  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative."

Similar presentations

UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
Contrail and Federated Identity Management

Contrail and Federated Identity Management
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Will Darby 91.514 5 April 2010.  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.

Will Darby April  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.
Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.

Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,

Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.
Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.

Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.

Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
Www.eduserv.org.uk/openathens Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.

Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.
IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.

IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.
1 SANS Technology Institute - Candidate for Master of Science Degree 1 STRIDE towards 2-factor Web SSO Rich Graves October 2014 GIAC GSE, GCIA, GCIH, GPEN,

1 SANS Technology Institute - Candidate for Master of Science Degree 1 STRIDE towards 2-factor Web SSO Rich Graves October 2014 GIAC GSE, GCIA, GCIH, GPEN,
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
● Problem statement ● Proposed solution ● Proposed product ● Product Features ● Web Service ● Delegation ● Revocation ● Report Generation ● XACML 3.0.

● Problem statement ● Proposed solution ● Proposed product ● Product Features ● Web Service ● Delegation ● Revocation ● Report Generation ● XACML 3.0.
Web Service Standards, Security & Management Chris Peiris www.ChrisPeiris.com.

Web Service Standards, Security & Management Chris Peiris

Similar presentations

Ads by Google