SAML Interoperability Lab RSA Conference 2004

Agenda
- SAML and the OASIS SSTC
- SAML Timeline
- Brief SAML History
- SAML Interop Lab
- Q & A
- Demo

SAML and the OASIS SSTC
- SAML: Security Assertion Markup Language
  - A framework for the exchange of security-related information
- Developed within OASIS, a non-profit with a standards creation mission
  - The OASIS Security Services Technical Committee (SSTC) manages the development of SAML
- Any OASIS member can participate in the SSTC
  - ~35 active SSTC voting members (up from V1.1)
  - 20+ companies and organizations

Brief SAML History
- SAML is a success because its development was and continues to be driven by real business use cases
  - Web SSO
  - Authorization Services
  - Distributed Transactions
- Very strong “coopetition”
- Focus, focus, focus!
  - Very careful prioritization of work items
- SAML solutions:
  - Save $$$
  - Create new business opportunities

SAML Timeline
- SAML 1.0: Completed May 2002; OASIS Standard Nov 2002
- SAML 1.1: Completed May 2003; OASIS Standard Sep 2003
- LA 1.1: January 2003
- ID-FF 1.2: October 2003
- Shibboleth: 1H 2003
- Formally submitted to the SSTC
- SAML 2.0: mid-2004
Legend: LA: Liberty Alliance; ID-FF: Identity Federation Framework

SAML Interop Lab Participants
- 12 Participants
  - Computer Associates
  - DataPower Technology
  - Entegrity Solutions
  - Entrust
  - GSA/Enspier Technologies
  - Hewlett-Packard
  - Oblix
  - OpenNetwork
  - Ping Identity
  - RSA Security
  - Sun Microsystems
  - Trustgenix
- GSA Sponsorship
  - eGov eAuthentication Initiative

SAML Interop Lab Overview
- 3 Days of Interop Testing
- Web SSO Interoperability
  - 2 Demos: “eAuthentication” and “generic SAML”
  - 3 Web Sites
    - Portal
    - Identity Provider - where you log in
    - Service Provider - where an application lives
  - 2 SAML Web SSO “Profiles”
    - Browser/Artifact Profile (10 vendors)
    - Browser/POST Profile (8 vendors)
- Attribute Query for web service authorization (1 scenario)
- Results in ~100 test cases!

SAML Interop Lab Web SSO Demo
- Focus on eAuthentication Architecture
- Demonstrate 3-site exchanges
  1. Visit Portal
  2. Choose an application site and a user logon site
  3. Logon with username/password
  4. Web SSO to the chosen application
  5. Re-visit portal to choose another application
  6. Web SSO to next application without re-authenticating
- Note the application customization based on user attributes obtained from the logon site

Wrapup
- Questions?
- On to the demo!

Browser/Artifact Profile

Browser/POST Profile