Review of Liberty Alliance 1.1 Web Browser Profiles Prateek Mishra Netegrity.

Slides:

Advertisements

Similar presentations

XML Standards Architect

Advertisements

Shibboleth 2.0 and Beyond Chad La Joie Georgetown University Internet2.

1© Nokia Siemens Networks SAML Name Identifier Request-Response Protocol Contribution to OASIS Security Services TC Christian Günther, Thinh Nguyenphu.

Step Up Authentication in SAML (and XACML) Hal Lockhart February 6, 2014.

Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.

Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.

State Services Commission New Zealand Government Crown Copyright “Standards are only the beginning.. …of the beginning.. … of interoperability”

SAML basics A technical introduction to the Security Assertion Markup Language Eve Maler XML Standards Architect XML Technology Center Sun Microsystems,

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.

A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

Draft-ietf-abfab-aaa-saml Josh Howlett, JANET IETF 82.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

SAML Conformance Sub-Group Report Face-to-face meeting August 29, 2001 Bob Griffin.

Catalyst 2002 SAML InterOp July 15, 2002 Prateek Mishra San Francisco Netegrity.

SASL-SAML update Klaas Wierenga Kitten WG 9-Nov-2010.

SWITCHaai Team Introduction to Shibboleth.

Identity Management Report By Jean Carreon and Marlon Gonzales.

Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.

SAML Right Here, Right Now Hal Lockhart September 25, 2012.

Section 2.4 solving equations with variables on both sides of the equal sign. Day 1.

OTP-WSS-Token John Linn, RSA Laboratories DRAFT: 24 May 2005.

SAML 2.1 Building on Success. Outline n Summary of SAML 2.0 n Work done since 2.0 n Objectives of SAML 2.1 n Proposed Task List n Undecided Issues n Invitation.

Catalyst 2002 SAML InterOp July 15, 2002 San Francisco.

SAML 2.0: Federation Models, Use-Cases and Standards Roadmap

Saml-v1_x-tech-overview-dec051 Security Assertion Markup Language SAML 1.x Technical Overview Tom Scavo NCSA.

An XML based Security Assertion Markup Language

Connect. Communicate. Collaborate Federation Interoperability Made Possible By Design: eduGAIN Diego R. Lopez (RedIRIS)

Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.

SAML: An XML Framework for Exchanging Authentication and Authorization Information + SPML, XCBF Prateek Mishra August 2002.

Workshop Presentation [1] Investigating Liberty Alliance and Shibboleth Integration Nishen Naidoo, Supervisor: Dr. Steve Cassidy.

Shibboleth: An Introduction

Technical Break-out group What are the biggest issues form past projects – need for education about standards and technologies to get everyone on the same.

GFIPM FICAM Status Update GFIPM Delivery Team Meeting November 2011.

Comments on SAML Attribute Mgmt Protocol Contribution to OASIS Security Services TC Phil Hunt & Prateek Mishra

Shibboleth 2.0 Update Ken Klingenstein. 2 Topics Shib v1.3 Status SAML new features Shibboleth 2.0 Features Shibboleth 2.x Features We Need Feedback.

Attribute Aggregation in Federated Identity Management David Chadwick, George Inman, Stijn Lievens University of Kent.

Status Update on Other GFIPM Activity Threads GFIPM Delivery Team Meeting November 2011.

Using SAML for SIP H. Tschofenig, J. Peterson, J. Polk, D. Sicker, M. Tegnander.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

Security Assertion Markup Language (SAML) Interoperability Demonstration.

EGovernment Commonalities within Europe and beyond Colin Wallis & Fulup Ar Foll European Identity Conference 2011.

Fidelity Feedback on SAML 1.X and ID-FF 1.X Patrick Harding Enterprise Architecture Fidelity Investments.

SAML Interoperability Lab RSA Conference Agenda SAML and the OASIS SSTC SAML Timeline Brief SAML History SAML Interop Lab Q & A Demo.

SAML basics A technical introduction to the Security Assertion Markup Language Eve Maler XML Standards Architect XML Technology Center Sun Microsystems,

Workshop on Security for Web Services. Amsterdam, April 2010 Applying SAML to Identity Data Exchange.

SAML & OAuth V2 Nov 19/09. Goals Explore (useful) combinations of SAML & Oauth Builds on 2008 proposal from Ping ID for combining SAML SSO & Oauth authz.

Security Assertion Markup Language, v2.0 Chad La Joie Georgetown University / Internet2.

WEB 237 Week 1 DQ 1 Why is it important to test your web pages in various Web browsers? Explain how XML has impacted HTML. Check this A+ tutorial guideline.

Access Policy - Federation March 23, 2016

Federation Systems, ADFS, & Shibboleth 2.0

INDUSTRY WORKSHOP STORK OVERVIEW 2nd Industry Group – 26 June, 2009

SAML New Features and Standardization Status

HMA Identity Management Status

Identity Federations - Overview

Prime Service Catalog 12.0 SAML 2.0 Single Sign-On Support

A Use Case for SAML Extensibility

Scalability of trust and metadata exchange across federations

Identity management Aalto University, autumn 2013.

Put SAML assertion in context

A01 DESIGN To be completed Your proposal  Your House style 

The E-Authentication Initiative

Social Practice of the language: Describe and share information

Diameter ABFAB Application

INTEGRATIONS WITH Single Sign-On

Presentation transcript:

Review of Liberty Alliance 1.1 Web Browser Profiles Prateek Mishra Netegrity

Web Browser Profiles in SAML 1.0 SAML 1.0 (Form POST/Artifact Profile) Source Site (LA IdP) Destination Site (LA SP) Proposed for inclusion in SAML 1.1 (Form POST/Artifact Profile) Flow and solution proposal are described in: sstc-bindings-extensions-03

LA 1.1 Solution Proposal Analysis Assumptions: Use-Case and requirements are well understood How is the LA 1.1 solution proposal different from SAML 1.0 and SAML 1.1 drafts?

LA 1.1 Flows LA IdP LA SP or Artifact Rules for mapping XML elements into query strings are described (Section of Bindings and Profiles) AuthNRequest SHOULD be signed Assertions with AuthNResponse MUST be signed; it is recommended that the response itself not be signed Question: What about counter-measures based on signing TARGET in SAML 1.0? Artifact profile Request-Response: MUST be signed MAY be signed but contained assertions MUST be signed. ISSUE: Update and reconcile signing with SAML 1.1 guidelines