Federated Security and the Security Assertion Markup Language

Will Darby, 91.514, 5 April 2010

Topics
  - What is Federated Security
  - Example Implementations
  - Security Assertion Markup Language (SAML) Overview
  - Alternative Solutions for the Internet

Federated Security Example
Security Basics
PKI Overview
Single Sign-On (SSO) Challenges
Shibboleth
Security Assertions
Shibboleth Web Application SSO
Web Application SSO Details
Web Service SSO
Web service diagram
Web Service SSO Details

Shibboleth Integrated with Grid Computing
  - Authorize users across all grid nodes
  - Minimal changes to existing security
  - Registry to map credentials to authority
  - Assertions passed among servers
  - Image from paper

Federated Identity Delegation
Federated Identity Delegation Example
Open SAML
SAML Assertions
SAML Protocol
Associated XML Specifications
XML Signature
XML Encryption
WS-Security
WS-Trust
OpenID
OpenID Example
OAuth
OAuth Example

References
  - R.L. Morgan, S. Cantor, S. Carmody, W. Hoehn and K. Klingenstein. Federated Security: The Shibboleth Approach. EDUCAUSE Quarterly, Volume 27, Number 4, 2004. Pages 12-17. Available at: http://net.educause.edu/ir/library/pdf/EQM0442.pdf.
  - K.D. Lewis and J.E. Lewis. Web Single Sign-On Authentication using SAML. International Journal of Computer Science Issues. Volume 2, 2009. Pages 41-48. Available at: http://www.ijcsi.org/papers/2-41-48.pdf.
  - Security Assertion Markup Language (SAML) V2.0 Technical Overview. OASIS Security Services Technical Committee. March, 2008. Available at: http://www.oasis-open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf.
  - H. Gomi, M. Hatakeyama, S. Hosono and S. Fujita. A Delegation Framework for Federated Identity Management. Proceedings of the 2005 workshop on Digital identity management. Pages 94-103.
  - F. Pinto and C. Fernau. An Approach for Shibboleth and Grid Integration. Proceedings of the UK e-Science All Hands Conference, 2005. Available at: http://www.allhands.org.uk/2005/proceedings/papers/531.pdf.
  - D. Recordon and D. Reed. OpenID 2.0: A Platform for User-Centric Identity Management. Proceedings of the second ACM workshop on Digital Identity Management, 2006. Pages 11-16.
  - E. Hammer-Lahav. The OAuth 1.0 Protocol. IETF Internet Draft. February, 2010. Available at: http://tools.ietf.org/html/draft-hammer-oauth-10.

Questions?