Access Control and Markup Languages: Pages 183 – 187 in the CISSP

Presentation transcript:


Mark-up languages
- A way to structure text and data sets
- Control how it looks and some of the functionality

XML
- As the web grew, we needed additional functionality beyond HTML
- Foundational standard providing a structure for other independent mark-up languages
- XML is like English and independent standards may be something like the difference between a lawyer's vocabulary and a doctor's vocabulary – different, but with the same underlying root.
- XML for identity management and access control purposes
  - SPML
  - SAML
  - XACML

XML for identity management and access control purposes
Service Provisioning Markup Language (SPML)
- Allows for the exchange of provisioning data between applications & the automation of user management
- Three main entities
  - Requesting Authority
  - Provisioning Service Provider (software that responds to requests)
  - Provisioning Service Target (carries out requests on the system)
- See page 185 for a diagram

XML for identity management and access control purposes
Security Assertion Markup Language (SAML)
- Allows for the exchange of authentication and authorization data (ex. password, key, digital certificate)
- Does NOT tell the receiving system how to interpret this data
- Provides the authentication pieces to federated identity management systems
- Transmission of SAML data is typically done over Simple Object Access Protocol (SOAP)
- See Figure 3-8 on page 186
- Allows for Service Oriented Architecture (SOA)
  - A way to provide independent services residing on different systems in one consistent manner

XML for identity management and access control purposes
Extensible Access Control Markup Language (XACML)
- Express security policies and access rights
- Access policies are developed in XACML but enforced through the software
- Policies can be installed on multiple systems to ensure consistent security enforcement and management
- 3 Elements
  - Subject (Requesting Entity)
  - Resource (Requested Entity)
  - Action (Type of access)
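
Added example (not part of the original slides): a small Python sketch of how software can enforce a policy written in markup over the three elements above. The policy is a constructed, simplified XACML-style document, not the OASIS XACML schema. The rule ids, attribute names, `decide` and `enforce` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy in simplified XACML-style markup (not the OASIS schema).
# Each rule names the Subject, Resource and Action attributes it applies to.
POLICY_XML = """
<Policy>
  <Rule id="clinicians-read-records" effect="Permit">
    <Subject role="clinician"/>
    <Resource type="patient-record"/>
    <Action name="read"/>
  </Rule>
  <Rule id="no-contractor-writes" effect="Deny">
    <Subject employment="contractor"/>
    <Resource type="patient-record"/>
    <Action name="write"/>
  </Rule>
  <Rule id="clinicians-write-records" effect="Permit">
    <Subject role="clinician"/>
    <Resource type="patient-record"/>
    <Action name="write"/>
  </Rule>
</Policy>
"""

def _matches(rule, request):
    """True if every attribute the rule names equals the request's value."""
    for category in ("Subject", "Resource", "Action"):
        element = rule.find(category)
        wanted = element.attrib if element is not None else {}
        supplied = request.get(category, {})
        if any(supplied.get(key) != value for key, value in wanted.items()):
            return False
    return True

def decide(policy_xml, request):
    """Decision step: combine matching rules so that any Deny wins (deny-overrides)."""
    policy = ET.fromstring(policy_xml)
    effects = {r.get("effect") for r in policy.iter("Rule") if _matches(r, request)}
    if "Deny" in effects:
        return "Deny"
    return "Permit" if "Permit" in effects else "NotApplicable"

def enforce(policy_xml, request):
    """Enforcement step: fail closed, only an explicit Permit grants access."""
    return decide(policy_xml, request) == "Permit"
```

Because the policy is data, the same document can be loaded on several systems and each one reaches the same decision for the same request.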