Web Services Security and Federated Identity Management



Similar documents
OIOSAML Rich Client to Browser Scenario Version 1.0

Building Secure Applications. James Tedrick

Microsoft Office 365 Using SAML Integration Guide

DocuSign Information Guide. Single Sign On Functionality. Overview. Table of Contents

SAM Context-Based Authentication Using Juniper SA Integration Guide

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

New Single Sign-on Options for IBM Lotus Notes & Domino IBM Corporation

Enabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver

JOSSO 2.4. Ws-Federation Integration Tutorial

OAuth 2.0 Developers Guide. Ping Identity, Inc th Street, Suite 100, Denver, CO

NIST s Guide to Secure Web Services

OpenHRE Security Architecture. (DRAFT v0.5)

Federated Identity Management Solutions

CA Nimsoft Service Desk

Digital Identity and Identity Management Technologies.

Dell One Identity Cloud Access Manager How to Develop OpenID Connect Apps

Web Based Single Sign-On and Access Control

OVERVIEW. DIGIPASS Authentication for Office 365

USING FEDERATED AUTHENTICATION WITH M-FILES

Server based signature service. Overview

Extending DigiD to the Private Sector (DigiD-2)

Computer Systems Security 2013/2014. Single Sign-On. Bruno Maia Pedro Borges

Flexible Identity Federation

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

Negotiating Trust in Identity Metasystem

Trend of Federated Identity Management for Web Services

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

SAML-Based SSO Solution

Securing Web Services With SAML

Login with Amazon. Developer Guide for Websites

The increasing popularity of mobile devices is rapidly changing how and where we

ADFS Integration Guidelines

JVA-122. Secure Java Web Development

Evaluation of different Open Source Identity management Systems

Department of Industry and Science

Perceptive Experience Single Sign-On Solutions

SAML Security Option White Paper

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

IBM WebSphere Application Server

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server

A Standards-based Mobile Application IdM Architecture

Security IIS Service Lesson 6

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

idp Connect for OutSystems applications

SECUREAUTH IDP AND OFFICE 365

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Agenda. How to configure

Improving Security and Productivity through Federation and Single Sign-on

Your Gateway to Electronic Payments & Financial Services. Getting Started Guide - English

DualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

PingFederate. Windows Live Cloud Identity Connector. User Guide. Version 1.0

Identity Server Guide Access Manager 4.0

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

Digital Identity Management

INUVIKA OPEN VIRTUAL DESKTOP ENTERPRISE

Liberty Alliance. CSRF Review. .NET Passport Review. Kerberos Review. CPSC 328 Spring 2009

An SAML Based SSO Architecture for Secure Data Exchange between User and OSS

STUDY ON IMPROVING WEB SECURITY USING SAML TOKEN

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

OpenSSO: Cross Domain Single Sign On

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

SAML and OAUTH comparison

The Challenges of Web single sign-on

Hack Proof Your Webapps

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN

Lecture Notes for Advanced Web Security 2015

TIBCO Spotfire Platform IT Brief

M.Sc. Thesis within Computer Engineering AV 30 ECTS. Federated identity management AD FS for single sign-on and federated identity management

Biometric SSO Authentication Using Java Enterprise System

Enterprise Access Control Patterns For REST and Web APIs

API-Security Gateway Dirk Krafzig

365 Services. 1.1 Configuring Access Manager Prerequisite Adding the Office 365 Metadata. docsys (en) 2 August 2012

Interoperable Provisioning in a Distributed World

Addressing threats to real-world identity management systems

IBM WebSphere Application Server

INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE

Safewhere*Identify 3.4. Release Notes

ACR Connect Authentication Service Developers Guide

Feide Integration Guide. Technical Requisites

Information Security Group Active-client based identity management

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication

Siebel CRM On Demand Single Sign-On. An Oracle White Paper December 2006

Transcription:

Web Services Security and Federated Identity Management Birgit Pfitzmann, bpf@zurich.ibm.com with Thomas Gross March 8, 2005 www.zurich.ibm.com

Federated Identity Management (FIM) Roles Exchange Possible? Allowed? Efficient? 2 Collection, recognition Allowed? Efficient? Verified?

What s New? Scientifically Standards Management Federated single sign-on Federated provisioning Nothing. (Event-based directory integration) XML-based. (DSML, SPML, WS- Provisioning) Pure browser case. (Else 3-party authentication) SAML, Liberty, WS-Fed Passive. Also WS versions Also more attributes More liability and privacy issues Metadata exchange More liability and privacy issues 3

Literature Korman/Rubin 00: Passport problems Pfitzmann/Waidner 02 etc.: Privacy Pfitzmann/Waidner 02, Gross 03: Liberty and SAML problems Gordon et al: WS protocols, but not FIM Gross/Pfitzmann 04: Positive analysis of WSFPI 4

Attack Example: SAML Artifact Profile U B D S 0. Browse, redirect 1a. Authenticate user 2. Redirect to D & artifact 3. GET... & artifact 4. SAML Request w/ artifact 6. Result page 5. SAML Response: assertion 5

A Multi-Layer Vulnerability U B D S 1a. Authenticate user 2. Redirect to D & artifact 3. GET... & artifact 7. 6. Error page with non-ssl link 7a. GET non-ssl page HTTP Referer: URL w/ artifact Interrupts channel D S Gets artifact Impersonates U at D 6

What Can We Hope to Prove? Vulnerable operational environment Based on passwords Fake-screen attacks easy Browser security assumed OS security assumed Identity provider can impersonate user Privacy can be good except Not anonymity AND certified attributes Id supplier learns trail of id consumer URIs Here: Secure channel establishment under appropriate operational assumptions 7

Privacy Overview Attributes about a person P are only given to an organization O, used there, or forwarded with P's consent. Standard implication Explicit privacy policy for attributes (exceptions by law) Special cases: Attribute = ID Multiple roles Attribute = URL Traffic privacy O = wallet holder Allow multiple wallets, in particular local wallets 8

The WSFPI Protocol Basis for a Proof WSFPI Interop Profile WS-Fed Passive WS-Fed Active WS-Federation Other WS-Sec* HTTPS Tokens 9

Proof Challenges Browsers and users Browser as protocol party restricted abilities User also a protocol party zero-footprint browser contains no identity Browser and user might leak protocol-internal secrets Modularity, e.g., use of secure channels and SAML tokens Standard-style presentations We prove rigorous instantiation 10

WSFPI: Correct Message Flow U B S C 0. Browse 4. Redirect(URI S, (wa, wtrealm, [wreply, wctx, wct]) 5. Authenticate user 6. POSTForm(a, (wresult, [wctx])) 7. POST 10. Response a := wreply or wtrealm; wresult := sign(name S, (URI S, URI C, id U )) Verify... Secure channel 11

Structure of the Proof Proof of Secure Channel Establishment Precise Protocol Definition Submodules Security Assumptions Trust Scenario 12

Summary and Outlook FIM: 3-party authentication, often with attribute exchange First protocol proof exists Next steps: Relate assumptions to more detailed browser and user models Use such models as criteria for browser evaluation Privacy: Protocols can achieve privacy with 2 exceptions For private use, GUI and policies equally important 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information