SAML in Authorization Policies draft-guenther-geopriv-saml-policy-00.


SAML
- Security Assertion Markup Language
- XML language to exchange security information
- Example of SAML assertion: "Assertion Issuer I has authenticated Assertion Subject S using Authentication Method M"
- SAML Version 2 Committee Drafts to get OASIS standard status

saml-policy draft
- common-policy:
  - policy rule = (conditions, actions, transformations)
- saml-policy:
  - support for SAML assertions as conditions
  - This means support for policy rules such as: "If Assertion Issuer I has issued a SAML assertion assuring that the Assertion Subject S has been authenticated by means of Authentication Method M, then S is permitted to..."
- saml-policy to extend common-policy framework in the same way as geopriv-policy does

saml-policy open issues
1) SAML authorization decision and attribute assertions
   SAML has not only authentication assertions, but also authorization decision and attribute assertions. Usefulness of these latter types of assertions in the scope of Geopriv, Simple,...?
2) SAML condition evaluation by XML parsing?
   This means: Instead of defining policy rules of the form "If the following elements of a SAML assertion have the following values, then...", you could also derive specializations of the OASIS SAML Assertion schema that reflect desired constraints on the SAML assertions, and then use such a specialized XML schema in policy rules of the form "If a SAML assertion is valid with respect to the following XML schema, then...".
3) Complete schema definition; Security and IANA Considerations
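
The rule form from the saml-policy slide ("If Issuer I has issued an assertion that Subject S was authenticated by Method M, then ...") can be evaluated by element-value matching, the first option in open issue 2. The following is an added example, not code from the draft or the slides. The rule dictionary, the sample assertion and all its values are constructed, and signature verification is assumed to have been done beforehand.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
PWD = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"

# Constructed, unsigned sample assertion (all values are illustrative).
ASSERTION = f"""<saml:Assertion xmlns:saml="{NS['saml']}"
    ID="_constructed1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Issuer>https://idp.example.org</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example.org</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z"
                   NotOnOrAfter="2024-01-01T12:05:00Z"/>
  <saml:AuthnStatement AuthnInstant="2024-01-01T11:59:50Z">
    <saml:AuthnContext>
      <saml:AuthnContextClassRef>{PWD}</saml:AuthnContextClassRef>
    </saml:AuthnContext>
  </saml:AuthnStatement>
</saml:Assertion>"""

# Hypothetical rule (I, S, M) -> action; not the draft's XML syntax.
RULE = {"issuer": "https://idp.example.org", "subject": "alice@example.org",
        "method": PWD, "action": "permit"}
PATHS = {"issuer": "saml:Issuer", "subject": "saml:Subject/saml:NameID",
         "method": "saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef"}

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def evaluate(rule, assertion_xml, now):
    """Return rule['action'] if the assertion meets the condition, else 'deny'."""
    # Assumption: the signature was already verified against the issuer's key.
    if "<!DOCTYPE" in assertion_xml or "<!ENTITY" in assertion_xml:
        return "deny"  # refuse DTDs so no entity expansion can occur
    try:
        root = ET.fromstring(assertion_xml)
        cond = root.find("saml:Conditions", NS)
        in_window = _ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter"))
    except (ET.ParseError, AttributeError, TypeError, ValueError):
        return "deny"  # malformed XML or missing/unparsable validity window
    if root.tag != f"{{{NS['saml']}}}Assertion" or not in_window:
        return "deny"
    # Fail closed: every element named in the rule must match exactly.
    for key, path in PATHS.items():
        if (root.findtext(path, default="", namespaces=NS) or "").strip() != rule[key]:
            return "deny"
    return rule["action"]
```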