Peter Sylvester - EdelWeb
|
|
- Patience Ford
- 8 years ago
- Views:
Transcription
1 Peter Sylvester - EdelWeb A standard for authorization management for secure interoperability of multi-organisation information systems 6th European Forum on Electronic Signatures June 7-9, 2006, Amber Baltic Hotel, Miedzyzdroje peter.sylvester@edelweb.fr EdelWeb, 2005 Page N 1
2 The actors in the play The French social security organisations distributed services for retirement management CNAM, CNAF, CANAM, MSA, CANCAVA/ORGANSIC ACOSS, Ministry of health and social Security The Prime Minister s Agency for the Development of the Electronic Administration ADAE now DGME EdelWeb Page N 2
3 EdelWeb Spin-off from French INRIA and German GMD, created in consultants, experts or engineers Branch of ON-X Group (220 people) One of the first French companies specialized in IT Security Technical audits and penetration tests Security architecture and technology experts Cryptography R&D lab for operational evaluations and specific developments Many references within telecom operators, banks, organizations, administrations, civil and military industries Quality certification ISO9001:2000 Page N 3
4 The problem space Implement client/server applications between consenting but independent organisations Allow certain persons determined by one organisation access to applications in other organisations Each organisation is responsible for its personnel and rights and duty attribution Authentication techniques, roles, access management are specific in each organisation A radical change or harmonisation is not a realistic approach Centralized management does not work. Distance between interested parties to large Problem of responsibility in case of errors Page N 4
5 Interactions between organisations Communication between two different information systems consumer and provider Two types of interactions Web portals Application to application web services Context of explicit and controllable trust Professional actors (persons) are clearly identified Vs federation of identity of «clients» Roles, rights, application profiles are specific and not compatible in each organisation Page N 5
6 Objectif of the standard Establishment of a service and a contract among organisations permitting each partner to remain «master at home» and to assume his responsibilities. The consumer organisation manages the attribution of rights to access an application. An assertion/attestation of this attribution is propagated to the producer Guaranty of a sufficient general security level Authentication, traceability A priori trust with a posterior control Page N 6
7 Web Portal Scenario Consumer Organisation Employee Org A Portal Authentication Producer Organisation Application 1 Resource Employee OrgB Portal Authentication Portal producer Application 2 Resource Employee OrgC Portal Authentication Application 3 Rssource Page N 7
8 Scenarion Web Services Consumer Organisation Provider Organisation Application 1 Application 1 Resource Employee Application 2 Application 2 Resource Page N 8
9 Communication scenarii Org. A Appli 1 Org. B Appli z 1 to 1 Org. A Appli 1 Org. B Appli 3 Org. C Appli 5 Org. X Appli z N to 1 The real scenario is Many to Many Org. N Appli p Org. A Appli 1 Org. X Appli z Org. B Appli 3 Org. C Appli 5 Org. Y Appli s N to P Org. N Appli p Org. Z Appli t Page N 9
10 Roles and profiles Org. A Appli 1 Org. X Appli z Many Different Roles Org. B Appli 3 Org. C Appli 5 Org. N Appli p Org. Y Appli s Org. Z Appli t N to P Many Different Application Profiles Org. A Appli 1 Org. B Appli 3 Org. C Appli 5 Org. N Appli p Generic Applicatiion Profile 1 Generic Application Profile 2 Org. X Appli z Org. Y Appli s Org. Z Appli t N to P Generic Application Profile (PAGM) Profil Applicatif Générique Métier Page N 10
11 The selected approach Séparation of duties and responsibilities in a context of trust delegation Right management Towards target service Identification vector transmission of a commonly defined PAGM Asserted by l'organisation A Application profile Access rights Authentication Responsability organisation A Responsibility organisation B Right 1 Resource 2 Agent Organisme A Application Organisme B Ressources Page N 11
12 The Indentification Vector SAML 2.0 AuthAssertion Identification Vector Issuer Subject NameID NameID / Encrypted ID Client organisation ID Client ID Validity period Target organisation ID Target Service PAGM (one or more) Other attributs Level of authentication Conditions Conditions SAMLAuthzStatement AuthenticationDecision Evidence NotOnOrAfter AudienceRestriction Audience Ressource SAML Assertion AttributStatement Attribute Name=PAGM AtttributeValue Attribute Name AtttributeValue Attribute value AuthContextClassRef Page N 12
13 Data flow scenario web portals client Right and Attribute management Security infrastructure PAGM attribution assertion SAML creation Client gateway SSL client certificat transmission of Request and SAML assertion Producer proxy Right verification and user mapping Application vérification of SAML assertion reception All security control is done in the two organisations no third party using gateways (client) et proxies (producer) Page N 13
14 Functional decomposition Configuration and contract preparation Administration of contracts EbXML Opérational Systems Client Gateway Apache and modules Producer Proxy Security Infrastructures Right management SSO, etc. Creation and verifictaion Identification vector service Traces IGC Existing Open SAML Dedicated for Gateway to proxy authentication Page N 14
15 Technical choices summary Base technologies SAML for the format of the identification vector SSL between organisations gateways and proxies Study ebxml for the administration of the contracts Simple interface to tracing and journaling service No need to change the local authentication and authorisation systems For the client add PAGM management (role mapping) For the consumer mapping to some local user. Preference for open source technologies and standards Page N 15
16 Creation of identification vector traces Gestion PAGM Gestion d'application traces Vecteur d'identification Requête Attribution Authentification SAML Assertion d'authentification Attribution PAGM SAML Assertion d'attribut PAGM Attribution Application SAML Assertion d'autorisation Authentification mutuelle et chiffrement Requête HTTP Cookie SAML traces Application ou Proxy départ WS - SOAP Requête limite de l'organisme client Assertion d'autorisation SAML Page N 16
17 Consumer Treatment of Identification Vector Authentification mutuelle et chiffrement Requête HTTP Cookie SAML traces Proxy arrivée SAML Assertion d'autorisation Gestion PAGM et profils applicatif Attribution profil applicatif profil applicatif Application WS - SOAP Assertion Requête d'autorisation SAML Application traces limite de l'organisme fournisseur Page N 17
18 Actual situation Standard and detailed description defined and published Comments from the public included ADAE/DGME supports activity as a possible solution for the whole administration Social sphere actors have started implementation experiment Large parts of the standard can be implemented with existing open source technology Page N 18
MS-50412 - Implementing Active Directory Federation Services 2.0 for Windows Server 2008
MS-50412 - Implementing Active Directory Federation Services 2.0 for Windows Server 2008 Table of Contents Introduction Audience Prerequisites At Course Completion Student Materials Course Outline Introduction
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationOIO SAML Profile for Identity Tokens
> OIO SAML Profile for Identity Tokens Version 1.0 IT- & Telestyrelsen October 2009 Content > Document History 3 Introduction 4 Related profiles 4 Profile Requirements 6 Requirements 6
More informationAngel Dichev RIG, SAP Labs
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine SSL
More informationAutomated Testing of SAML 2.0 Service Providers. Andreas Åkre Solberg UNINETT andreas@uninett.no http://rnd.feide.no
Automated Testing of SAML 2.0 Service Providers Andreas Åkre Solberg UNINETT andreas@uninett.no http://rnd.feide.no Background 0% of SAML 2.0 implementations do SAML 100% correct. SAML includes alot of
More informationContents at a Glance. 1 Introduction 17. 2 Basic Principles of IT Security 23. 3 Authentication and Authorization in
at a Glance 1 Introduction 17 2 Basic Principles of IT Security 23 3 Authentication and Authorization in SAP NetWeaver Application Server Java 53 4 Single Sign-On 151 5 Identity Provisioning 289 6 Secure
More informationCS 356 Lecture 28 Internet Authentication. Spring 2013
CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationAuthentication and access control in Sympa mailing list server
Authentication and access control in Sympa mailing list server February 2004 Serge Aumont & Olivier Salaün Comité Réseau des Universités http://www.cru.fr Campus de Beaulieu, Rennes France 1 Introduction
More information50412: Implementing Active Directory Federation Services 2.0
50412: Implementing Active Directory Federation Services 2.0 Microsoft - Servidores Nível: Avançado Duração: 30h Sobre o curso This four-day instructor-ledcourse provides students with the knowledge and
More informationOn Breaking SAML: Be Whoever You Want to Be
On Breaking SAML: Be Whoever You Want to Be Juraj Somorovsky 1, Andreas Mayer 2, Jörg Schwenk 1, Marco Kampmann 1, and Meiko Jensen 1 1 Horst-Görtz Institute for IT-Security, Ruhr-University Bochum 2 Adolf
More informationIBM WebSphere Application Server
IBM WebSphere Application Server SAML 2.0 web single-sign-on 2012 IBM Corporation This presentation describes support for SAML 2.0 web browser Single Sign On profile included in IBM WebSphere Application
More informationJVA-122. Secure Java Web Development
JVA-122. Secure Java Web Development Version 7.0 This comprehensive course shows experienced developers of Java EE applications how to secure those applications and to apply best practices with regard
More informationINTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE
INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE Legal Marks No portion of this document may be reproduced or copied in any form, or by
More informationStep-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x
Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x Sverview Trust between SharePoint 2010 and ADFS 2.0 Use article Federated Collaboration with Shibboleth 2.0 and SharePoint 2010 Technologies
More informationImplementation Guide SAP NetWeaver Identity Management Identity Provider
Implementation Guide SAP NetWeaver Identity Management Identity Provider Target Audience Technology Consultants System Administrators PUBLIC Document version: 1.10 2011-07-18 Document History CAUTION Before
More informationSecuring ArcGIS Server Services: First Steps
Federal GIS Conference February 9 10, 2015 Washington, DC Securing ArcGIS Server Services: First Steps Michael Sarhan Esri msarhan@esri.com Agenda Review Basic Security Workflow ArcGIS Server Roles and
More informationRun-time Service Oriented Architecture (SOA) V 0.1
Run-time Service Oriented Architecture (SOA) V 0.1 July 2005 Table of Contents 1.0 INTRODUCTION... 1 2.0 PRINCIPLES... 1 3.0 FERA REFERENCE ARCHITECTURE... 2 4.0 SOA RUN-TIME ARCHITECTURE...4 4.1 FEDERATES...
More informationBiometric Single Sign-on using SAML
Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan CISSP Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand the importance of Single Sign-On
More informationAn SAML Based SSO Architecture for Secure Data Exchange between User and OSS
An SAML Based SSO Architecture for Secure Data Exchange between User and OSS Myungsoo Kang 1, Choong Seon Hong 1,Hee Jung Koo 1, Gil Haeng Lee 2 1 Department of Computer Engineering, Kyung Hee University
More informationThis chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:
CHAPTER 1 SAML Single Sign-On This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: Junos Pulse Secure Access
More informationCA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam
CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam (CAT-140) Version 1.4 - PROPRIETARY AND CONFIDENTIAL INFORMATION - These educational materials (hereinafter referred to as
More informationThe Role of Identity Enabled Web Services in Cloud Computing
The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions
More informationLets get a federated identity. Intro to Federated Identity. Feide OpenIdP. Enter your email address. Do you have access to your email?
Lets get a feated identity Intro to Feated Identity EuroCAMP Training for APAN32 This work is licensed un a Creative Commons Attribution ShareAlike 3.0 Unported License. Do you have access to your email?
More informationAuthentication and Single Sign On
Contents 1. Introduction 2. Fronter Authentication 2.1 Passwords in Fronter 2.2 Secure Sockets Layer 2.3 Fronter remote authentication 3. External authentication through remote LDAP 3.1 Regular LDAP authentication
More informationHow to Implement Enterprise SAML SSO
How to Implement Enterprise SSO THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY How to Implement Enterprise SSO Introduction Security Assertion Markup Language, or, provides numerous The advantages and
More informationAuthentication and access control in Sympa mailing list software
Authentication and access control in Sympa mailing list software May 2004 Serge Aumont & Olivier Salaün Comité Réseau des Universités http://www.cru.fr Campus de Beaulieu, Rennes France 1 Introduction
More informationPerceptive Experience Single Sign-On Solutions
Perceptive Experience Single Sign-On Solutions Technical Guide Version: 2.x Written by: Product Knowledge, R&D Date: January 2016 2016 Lexmark International Technology, S.A. All rights reserved. Lexmark
More informationSecurity Testing For RESTful Applications
Security Testing For RESTful Applications Ofer Shezaf, HP Enterprise Security Products ofr@hp.com What I do for a living? Product Manager, Security Solutions, HP ArcSight Led security research and product
More informationSwedbank Payment Portal Implementation Overview
Swedbank Payment Portal Implementation Overview Product: Hosted Pages Region: Baltics September 2015 Version 1.0 Contents 1. Introduction 1 1.1. Audience 1 1.2. Hosted Page Service Features 1 1.3. Key
More informationOn Breaking SAML: Be Whoever You Want to Be OWASP 7.11.2012. The OWASP Foundation http://www.owasp.org. Juraj Somorovsky and Christian Mainka
On Breaking SAML: Be Whoever You Want to Be Juraj Somorovsky and Christian Mainka 7.11.2012 Horst-Görtz Institute for IT-Security Ruhr-University Bochum Copyright The Foundation Permission is granted to
More informationSingle Sign-On Implementation Guide
Salesforce.com: Salesforce Winter '09 Single Sign-On Implementation Guide Copyright 2000-2008 salesforce.com, inc. All rights reserved. Salesforce.com and the no software logo are registered trademarks,
More informationIVOA Single-Sign-On Profile: Authentication Mechanisms Version 2.0
International Virtual Observatory Alliance IVOA Single-Sign-On Profile: Authentication Mechanisms Version 2.0 IVOA Proposed Recommendation 20151029 Working group http://www.ivoa.net/twiki/bin/view/ivoa/ivoagridandwebservices
More informationIdentity Assurance Hub Service SAML 2.0 Profile v1.2a
1 2 3 4 Identity Assurance Hub Service SAML 2.0 Profile v1.2a Identity Assurance Programme, 07 August 2015 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Document identifier: IDAP/HubService/Profiles/SAML Editors:
More informationfrench e-government forge
AdmiSource french e-government forge IDABC OSS Badajóz event 8th February 2007 Alexis Monville Strategic Plan Manager Directorate General for State Modernisation Ministry for Economy, Finance and Industry
More informationThe Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions
The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions Radomir Vranesevic Director and IT Architect Oracle Certified Master, CISSP Fusion Professionals 1 Agenda Introduction
More informationTest Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0
1 2 3 4 5 6 7 8 9 10 11 Test Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0 Version 3.2.2 Editor: Kyle Meadors, Drummond Group Inc. Abstract: This document describes the test steps to
More informationCNS-207 - Implementing NetScaler 11.0 For App and Desktop Solutions
CNS-207 - Implementing NetScaler 11.0 For App and Desktop Solutions Overview The objective of this course is to provide the foundational concepts and teach the skills necessary to implement, configure,
More informationJava Security Web Services Security (Overview) Lecture 9
Java Security Web Services Security (Overview) Lecture 9 Java 2 Cryptography Java provides API + SPI for crypto functions Java Cryptography Architecture Security related core classes Access control and
More informationIAM Application Integration Guide
IAM Application Integration Guide Date 03/02/2015 Version 0.1 DOCUMENT INFORMATIE Document Title IAM Application Integration Guide File Name IAM_Application_Integration_Guide_v0.1_SBO.docx Subject Document
More informationMS-55096: Securing Data on Microsoft SQL Server 2012
MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary
More informationEnsuring the Security of Your Company s Data & Identities. a best practices guide
a best practices guide Ensuring the Security of Your Company s Data & Identities Symplified 1600 Pearl Street, Suite 200» Boulder, CO, 80302» www.symplified.com» @Symplified Safe and Secure Identity Management
More informationBiometric Single Sign-on using SAML Architecture & Design Strategies
Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan Java Technology Architect Sun Microsystems Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand
More informationSAP SECURITY AND AUTHORIZATIONS - RISK MANAGEMENT AND COMPLIANCE WITH LEGAL REGULATIONS IN THE SAP ENVIRONMENT
SAP SECURITY AND AUTHORIZATIONS - RISK MANAGEMENT AND COMPLIANCE WITH LEGAL REGULATIONS IN THE SAP ENVIRONMENT Foreword by Prof. Wolfgang Lassmann... 15 Foreword by Dr. Sachar Paulus... 17 1 Introduction...
More informationDisclaimer. SAP 2008 / SAP TechEd 08 / SIM202 / Page 2
SIM202 SAML 2.0 and Identity Federation Yonko Yonchev, NW PM Security SAP AG Dimitar Mihaylov, NW Security and Identity Management SAP Labs Bulgaria Tsvetomir Tsvetanov, Active Global Support SAP America
More informationTechnical Interoperability Standard for Data Mediation Protocols
Technical Interoperability Standard for Data Mediation Protocols TITLE: Technical Interoperability Standard for Data Mediation Protocols / TÍTULO: Norma Técnica de Interoperabilidad de Protocolos de intermediación
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More informationOASIS Standard Digital Signature Services (DSS) Assures Authenticity of Data for Web Services
www.oasis-open.org OASIS Standard Digital Signature Services (DSS) Assures Authenticity of Data for Web Services Juan Carlos Cruellas UPC Spain Nick Pope Thales esecurity (Co-Chairs Chairs DSS Technical
More informationSAML SSO Configuration
SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting
More informationSAML Federated Identity at OASIS
International Telecommunication Union SAML Federated Identity at OASIS Hal Lockhart BEA Systems Geneva, 5 December 2006 SAML and the OASIS SSTC o SAML: Security Assertion Markup Language A framework for
More informationA viable alternative to TMG / UAG Web Application security, acceleration and authentication with DenyAll s DA-WAF
A viable alternative to TMG / UAG Web Application security, acceleration and authentication with DenyAll s DA-WAF Whitepaper 08/17/2015 Summary 1. Introductio... 3 1.1 What is TMG / UAG?... 3 2. How can
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationPrivacy and Security within an Interoperable EHR
1 Privacy and Security within an Interoperable EHR Stan Ratajczak Director Privacy and Security Solutions Architecture Group November 30, 2005 Electronic Health Information and Privacy Conference Ottawa
More informationDesigning a Microsoft SharePoint 2010 Infrastructure
Course Code: M10231 Vendor: Microsoft Course Overview Duration: 5 RRP: 1,980 Designing a Microsoft SharePoint 2010 Infrastructure Overview This five day ILT course teaches IT professionals to design and
More informationThe Role-ID project. Kantara meeting Munich April 13, 2012. Mikaël Ates Entr ouvert. The Role-ID project. Mikaël Ates. Project outline.
Kantara meeting Munich April 13, 2012 Entr ouvert 2.1 Outline 1 2 3 4 2.2 Label and fundings Research project funded by Eureka, ITEA 2 programme. Started in october 2009, end in september 2012. French
More informationRevised edition. OIO Web SSO Profile V2.0.9 (also known as OIOSAML 2.0.9) Includes errata and minor clarifications
OIO Web SSO Profile V2.0.9 (also known as OIOSAML 2.0.9) Revised edition Includes errata and minor clarifications Danish Agency for Digitisation September 2012 Contents > 1 Introduction 8 1.1 Referenced
More informationSingle Sign On for UNICORE command line clients
Single Sign On for UNICORE command line clients Krzysztof Benedyczak ICM, Warsaw University Current status of UNICORE access Legacy certificates still fully supported nice on home workstation, especially
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationFederation Proxy for Cross Domain Identity Federation
Proxy for Cross Domain Identity Makoto Hatakeyama NEC Corporation, Common Platform Software Res. Lab. 1753, Shimonumabe, Nakahara-Ku, Kawasaki, Kanagawa 211-8666, Japan +81-44-431-7663 m-hatake@ax.jp.nec.com
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationAAI: SAP NETWEAVER INTEGRATION. André Hunziker and André Wahlig, ETH Zürich ID-BI Februar 2010
AAI: SAP NETWEAVER INTEGRATION André Hunziker and André Wahlig, ETH Zürich ID-BI Agenda ETH Zürich Company profile Introduction / Starting Point ETHZ SAP System Landscape 3rd party SSO solution selection
More informationCICS Web Service Security. Anthony Papageorgiou IBM CICS Development March 13, 2012 Session: 10282
Web Service Security Anthony Papageorgiou IBM Development March 13, 2012 Session: 10282 Agenda Web Service Support Overview Security Basics and Terminology Pipeline Security Overview Identity Encryption
More informationA Secure Internet Service for Delivering Documents for the Blind
A Secure Internet Service for Delivering Documents for the Blind Benoit Guillon 1, Dominique Burger 1, and Bruno Marmol 2 1 Université Pierre et Marie Curie B23, INSERM U483, 75252 Paris Cedex, France
More informationCore Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems
Core Feature Comparison between XML / SOA Gateways and Web Application Firewalls Jason Macy jmacy@forumsys.com CTO, Forum Systems XML Gateway vs Competitive XML Gateways or Complementary? and s are Complementary
More informationPrepared by Enea S.Teresa (Italy) Version 1.0 2006-October 24
Mersea Information System: an Authentication and Authorization System to access distributed oceanographic data. Prepared by Enea S.Teresa (Italy) Version 1.0 2006-October 24 Revision History Date Version
More informationApplication Security Testing
Tstsec - Version: 1 09 July 2016 Application Security Testing Application Security Testing Tstsec - Version: 1 4 days Course Description: We are living in a world of data and communication, in which the
More informationSecurity for Cloud- and On Premise Deployment. Mendix App Platform Technical Whitepaper
Security for Cloud- and On Premise Deployment Mendix App Platform Technical Whitepaper Security for Cloud- and On Premise Deployment EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 THE MENDIX APP PLATFORM...
More informationTable of Contents. Introduction. Audience. At Course Completion
Table of Contents Introduction Audience At Course Completion Prerequisites Microsoft Certified Professional Exams Student Materials Course Outline Introduction This three-day instructor-led course provides
More informationAn Oracle White Paper August 2010. Oracle OpenSSO Fedlet
An Oracle White Paper August 2010 Oracle OpenSSO Fedlet Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated
More informationSecurity in B2B. Sami Tähtinen FRENDS Technology, Inc. S-38.153 Security of Communication Protocols January 28 th, 2003
Security in B2B Sami Tähtinen FRENDS Technology, Inc. S-38.153 Security of Communication Protocols January 28 th, 2003 Contents What is B2B information exchange? Threats against B2B information exchange
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and
More informationApplication Gateway with Apache
Application Gateway with Apache Multi-backend scenarios Nghia Nguyen SAP NetWeaver RIG Americas, SAP Labs, LLC Introduction Session Objectives and Requirements Use Cases and Scenarios Limitations Configuring
More informationWeb Services Security with SOAP Security Proxies
Web Services Security with Security Proxies Gerald Brose, PhD Technical Product Manager Xtradyne Technologies AG OMG Web Services Workshop USA 22 April 2003, Philadelphia Web Services Security Risks! Exposure
More informationRFP 95200, City-Wide Electronic/Digital Signature Solution. Vendor Questions (AFTER Pre-Proposal Conference on March 17, 2015) and Answers (in bold)
RFP 95200, City-Wide Electronic/Digital Signature Solution Vendor Questions (AFTER Pre-Proposal Conference on March 17, 2015) and Answers (in bold) Proposal Due Date: Monday, April 6, 2015 1. Per the RFP,
More informationSAML application scripting guide
Chapter 151 SAML application scripting guide You can use the generic SAML application template (described in Creating a custom SAML application profile) to add a SAML-enabled web application to the app
More informationORACLE DATABASE SECURITY. Keywords: data security, password administration, Oracle HTTP Server, OracleAS, access control.
ORACLE DATABASE SECURITY Cristina-Maria Titrade 1 Abstract This paper presents some security issues, namely security database system level, data level security, user-level security, user management, resource
More informationSecuring Data on Microsoft SQL Server 2012
Securing Data on Microsoft SQL Server 2012 Course 55096 The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary to
More informationEnabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver
Enabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver SAP Product Management, SAP NetWeaver Identity Management
More informationPARTNER INTEGRATION GUIDE. Edition 1.0
PARTNER INTEGRATION GUIDE Edition 1.0 Last Revised December 11, 2014 Overview This document provides standards and guidance for USAA partners when considering integration with USAA. It is an overview of
More informationgoberlin a Trusted Cloud Marketplace for Governmental and Commercial Services
goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services Data Protection and Security Considerations in an egovernment Cloud in Germany Dr. Klaus-Peter Eckert Public Sector Cloud Forum
More informationUsing SAML for Single Sign-On in the SOA Software Platform
Using SAML for Single Sign-On in the SOA Software Platform SOA Software Community Manager: Using SAML on the Platform 1 Policy Manager / Community Manager Using SAML for Single Sign-On in the SOA Software
More informationPingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1
PingFederate Salesforce Connector Version 4.1 Quick Connection Guide 2011 Ping Identity Corporation. All rights reserved. PingFederate Salesforce Quick Connection Guide Version 4.1 June, 2011 Ping Identity
More informationOIO Web SSO Profile V2.0.5
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
More informationCOURSE 20413C: DESIGNING AND IMPLEMENTING A SERVER INFRASTRUCTURE
ABOUT THIS COURSE This 5 day course covers the knowledge and skills needed to provide an enterprise solution that supports manual and automated server installations in a physical and virtual environment
More informationSAML Authentication Quick Start Guide
SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.
More informationKantega Secure Identity Witnessed Signed Document Format. Document version 1.0
Kantega Secure Identity Witnessed Signed Document Format Document version 1.0 Introduction Purpose This document describes the KSI Witnessed Signed Document Format. The format is the one used by id.kantega
More informationRevised edition. OIO Web SSO Profile V2.0.8 (also known as OIOSAML 2.0.8) Includes errata and minor clarifications
OIO Web SSO Profile V2.0.8 (also known as OIOSAML 2.0.8) Revised edition Includes errata and minor clarifications Danish Agency for Digitisation December 2011 Contents > 1 Introduction 8 1.1 Referenced
More informationAn Oracle White Paper Dec 2013. Oracle Access Management Security Token Service
An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,
More informationThe Development of the Security Network
Turvallisuus. Käytettävyys. Yhteistyö. The Development of the Security Network Ministry of Finance Security Network Project 03/2012 Contents of the Presentation 1. What is the Goverment Security Network?
More informationMicrosoft 10972 - Administering the Web Server (IIS) Role of Windows Server
1800 ULEARN (853 276) www.ddls.com.au Microsoft 10972 - Administering the Web Server (IIS) Role of Windows Server Length 5 days Price $4169.00 (inc GST) Version B Overview This course provides students
More informationResearch and Implementation of Single Sign-On Mechanism for ASP Pattern *
Research and Implementation of Single Sign-On Mechanism for ASP Pattern * Bo Li, Sheng Ge, Tian-yu Wo, and Dian-fu Ma Computer Institute, BeiHang University, PO Box 9-32 Beijing 100083 Abstract Software
More informationDesigning and Implementing a Server Infrastructure 20413C; 5 days, Instructor-led
Designing and Implementing a Server Infrastructure 20413C; 5 days, Instructor-led Course Description Get hands-on instruction and practice planning, designing and deploying a physical and logical Windows
More informationGaps in Patient-Centric Healthcare Standards. IEEE Health IT Standards Study Group March 29, 2006
Gaps in Patient-Centric Healthcare Standards IEEE Health IT Standards Study Group March 29, 2006 MedCommons Standards Participation HIMSS IHE ASTM-CCR Liberty Alliance Project ONC HITSP IEEE-SA 2 Consumer
More informationProject Title: Judicial Branch Enterprise Document Management System RFP Number: FIN122210CK Appendix D Technical Features List
FEAT891 Medium Recoverable using backup The solution shall be recoverable from backup storage media storage media. FEAT893 Desired Medium Support Load Sharing High Availability The solution should utilize
More informationCourse 20413: Designing and Implementing a Server Infrastructure
Course 20413: Designing and Implementing a Server Infrastructure Overview About this course Get hands-on instruction and practice planning, designing and deploying a physical and logical Windows Server
More informationFederated Portals. Subbu Allamaraju Staff Engineer BEA Systems Inc
Federated Portals Subbu Allamaraju Staff Engineer BEA Systems Inc Agenda Federated portals and SOA Federated portals internals Best practices Upcoming features Q&A (C) Copyright 2005, BEA Systems, Inc
More informationDesingning and Implementing a Server Infrastructure
About this Course Desingning and Implementing a Server Get hands-on instruction and practice planning, designing and deploying a physical and logical Windows Server 2012 R2 enterprise infrastructure in
More informationSAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS
SAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS Applies to: SAP Gateway 2.0 Summary This guide describes how you install and configure SAML 2.0 on Microsoft ADFS server and SAP NetWeaver
More informationFTP-Stream Integrating Active Directory Federation Services
FTP-Stream Integrating Active Directory Federation Services 1 Overview Active Directory Federation Services (ADFS) is a standards-based service that allows the secure sharing of identity information between
More informationOSOR.eu eid/pki/esignature Community Workshop in Brussels, 13. November 2008 IT Architect Søren Peter Nielsen - spn@itst.dk
The OIOSAML Toolkits Accelerating a common egov infrastructure using open source reference implementations OSOR.eu eid/pki/esignature Community Workshop in Brussels, 13. November 2008 IT Infrastructure
More informationPrime Minister. The French Networks and Information Security Agency Agence nationale de la sécurité des systèmes d information
Prime Minister The French Networks and Information Security Agency Agence nationale de la sécurité des systèmes d information Security incident detection service providers Prestataires de détection des
More information