Will Darby 91.514 5 April 2010. What is Federated Security; Example Implementations; Security Assertion Markup Language (SAML) Overview; Alternative.

Presentation transcript:

Will Darby April 2010

- What is Federated Security
- Example Implementations
- Security Assertion Markup Language (SAML) Overview
- Alternative Solutions for the Internet

 Web service diagram

- Authorize users across all grid nodes
- Minimal changes to existing security
- Registry to map credentials to authority
- Assertions passed among servers

[Image from paper]

- XML Signature
- XML Encryption
- WS-Security
- WS-Trust

- R.L. Morgan, S. Cantor, S. Carmody, W. Hoehn and K. Klingenstein. “Federated Security: The Shibboleth Approach.” EDUCAUSE Quarterly, Volume 27, Number 4, Pages Available at:
- K.D. Lewis and J.E. Lewis. “Web Single Sign-On Authentication using SAML.” International Journal of Computer Science Issues. Volume 2, Pages Available at:
- “Security Assertion Markup Language (SAML) V2.0 Technical Overview.” OASIS Security Services Technical Committee. March, Available at: open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf
- H. Gomi, M. Hatakeyama, S. Hosono and S. Fujita. “A Delegation Framework for Federated Identity Management.” Proceedings of the 2005 workshop on Digital identity management. Pages
- F. Pinto and C. Fernau. “An Approach for Shibboleth and Grid Integration.” Proceedings of the UK e-Science All Hands Conference, Available at: pdf.
- D. Recordon and D. Reed. “OpenID 2.0: A Platform for User-Centric Identity Management.” Proceedings of the second ACM workshop on Digital Identity Management, Pages
- E. Hammer-Lahav. “The OAuth 1.0 Protocol.” IETF Internet Draft. February, Available at: