Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS."— Presentation transcript:

1 CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS

2 CS795/895.NET Passport2 OVERVIEW  Why Single Sign-on? (sso)  How Passport works?  Security threats  Passport Implementation (.NET)  TrustBridge

3 CS795/895.NET Passport3 Single Sign-on  The problem  Too many credentials  Which one for which app.  Multiple logon  Business Impact  Increased risk of compromise  Reduced Productivity  Increased helpdesk expenses

4 CS795/895.NET Passport4 Single sign-on  The problem  Provisioning new accounts  Password management  Auditing user activity  Managing non-user access  Deploying enterprise applications  Impact  No single view of user  Risk of unauthorized access  Delayed access

5 CS795/895.NET Passport5 Passport - Introduction  single-login system that allows users to navigate across Passport-enabled sites without having to maintain a separate login at each site  User Account contains A Unique Identifier (PUID) A User profile Credentials  3 security levels Standard sign-in Secure channel sign-in Strong credential sign-in

6 CS795/895.NET Passport6 Passport: How does it works?  Cookies 1.Ticket cookie 2.Profile cookie 3.Visited site cookie

7 CS795/895.NET Passport7 Problem Areas  Central point of attack  Weak user passwords  Cookies/persistent cookies  Bogus merchant attack  Active attack  DNS Attacks

8 CS795/895.NET Passport8 2. TrustBridge  Microsoft technology to provide AAA (Authentication, Authorization, Accounting)  Designed to achieve cross-organizational resource sharing  Uses windows active directory  Provides resilient defense against security attacks (data mining, Denial Of Service)  Convenient to use  But, do not provide heterogeneous enterprise system support

9 CS795/895.NET Passport9 TrustBridge

10 CS795/895.NET Passport10 Passport Implementation 1.Requirements:- passport SDK, passport manager, IIS, DNS name 2.Register application with.NET service manager 3.Get site ID, Encryption Keys, Certificate 4.Code, test, then deploy passport application 5.Compliance review from Microsoft 6.Launch live web-site

11 CS795/895.NET Passport11 Thank You…

Download ppt "CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS."

Similar presentations

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.

© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.
SINGLE SIGN-ON. Definition - SSO Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order.

SINGLE SIGN-ON. Definition - SSO Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order.
Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.
Virtual techdays INDIA │ 18-20 august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –

Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.

PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
An Authorization Service using.NET Passport ™ as underlying Authentication Scheme Bar-Hen Ron Hochberger Daniel Winter 2002 Technion – Israel Institute.

An Authorization Service using.NET Passport ™ as underlying Authentication Scheme Bar-Hen Ron Hochberger Daniel Winter 2002 Technion – Israel Institute.
Microsoft Passport www.passport.com Waldemar Swiercz.

Microsoft Passport Waldemar Swiercz.
Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,
Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.
Identity and Access Management

Identity and Access Management
Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.

Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.
Authentication via campus single sign-on 2012 VIVO Implementation Fest.

Authentication via campus single sign-on 2012 VIVO Implementation Fest.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures
Single Sign-on Integration (SSI) MSIT 458 – Information Security Project Part 2 Prepared for Professor Yan Chen Prepared by Team Triad Radu Bulgaru Moniza.

Single Sign-on Integration (SSI) MSIT 458 – Information Security Project Part 2 Prepared for Professor Yan Chen Prepared by Team Triad Radu Bulgaru Moniza.
© 2004-2014. Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.

Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Similar presentations

Ads by Google