
Federated Security and the Security Assertion Markup Language

Will Darby, 91.514, 5 April 2010


Presentation Transcript


  1. Federated Security and the Security Assertion Markup Language. Will Darby, 91.514, 5 April 2010

  2. Topics
     • What is Federated Security
     • Example Implementations
     • Security Assertion Markup Language (SAML) Overview
     • Alternative Solutions for the Internet

  3. Federated Security Example

  4. Security Basics

  5. PKI Overview

  6. Single Sign-On (SSO) Challenges

  7. Shibboleth

  8. Security Assertions

  9. Shibboleth Web Application SSO

  10. Web Application SSO Details

  11. Web Service SSO Web service diagram

  12. Web Service SSO Details

  13. Shibboleth Integrated with Grid Computing
     • Authorize users across all grid nodes
     • Minimal changes to existing security
     • Registry to map credentials to authority
     • Assertions passed among servers
     • Image from paper

  14. Federated Identity Delegation

  15. Federated Identity Delegation Example

  16. Open SAML

  17. SAML Assertions

  18. SAML Protocol

  19. Associated XML Specifications
     • XML Signature
     • XML Encryption
     • WS-Security
     • WS-Trust

  20. OpenID

  21. OpenID Example

  22. OAuth

  23. OAuth Example

  24. References
     • R.L. Morgan, S. Cantor, S. Carmody, W. Hoehn and K. Klingenstein. “Federated Security: The Shibboleth Approach.” EDUCAUSE Quarterly, Volume 27, Number 4, 2004. Pages 12-17. Available at: http://net.educause.edu/ir/library/pdf/EQM0442.pdf.
     • K.D. Lewis and J.E. Lewis. “Web Single Sign-On Authentication using SAML.” International Journal of Computer Science Issues. Volume 2, 2009. Pages 41-48. Available at: http://www.ijcsi.org/papers/2-41-48.pdf.
     • “Security Assertion Markup Language (SAML) V2.0 Technical Overview.” OASIS Security Services Technical Committee. March, 2008. Available at: http://www.oasis-open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf.

  25. References (cont)
     • H. Gomi, M. Hatakeyama, S. Hosono and S. Fujita. “A Delegation Framework for Federated Identity Management.” Proceedings of the 2005 workshop on Digital identity management. Pages 94-103.
     • F. Pinto and C. Fernau. “An Approach for Shibboleth and Grid Integration.” Proceedings of the UK e-Science All Hands Conference, 2005. Available at: http://www.allhands.org.uk/2005/proceedings/papers/531.pdf.
     • D. Recordon and D. Reed. “OpenID 2.0: A Platform for User-Centric Identity Management.” Proceedings of the second ACM workshop on Digital Identity Management, 2006. Pages 11-16.
     • E. Hammer-Lahav. “The OAuth 1.0 Protocol.” IETF Internet Draft. February, 2010. Available at: http://tools.ietf.org/html/draft-hammer-oauth-10.

  26. Questions?
