260 likes | 401 Views
Federated Security and the Security Assertion Markup Language. Will Darby 91.514 5 April 2010. Topics. What is Federated Security Example Implementations Security Assertion Markup Language (SAML) Overview Alternative Solutions for the Internet. Federated Security Example.
E N D
Federated Security and the Security Assertion Markup Language Will Darby 91.514 5 April 2010
Topics What is Federated Security Example Implementations Security Assertion Markup Language (SAML) Overview Alternative Solutions for the Internet
Web Service SSO Web service diagram
Shibboleth Integratedwith Grid Computing • Authorize users across all grids nodes • Minimal changes to existing security • Registry to map credentials to authority • Assertions passed among servers • Image from paper
Associated XML Specifications XML Signature XML Encryption WS-Security WS-Trust
References R.L. Morgan, S. Cantor, S. Carmody, W. Hoehn and K. Klingenstein. “Federated Security: The Shibboleth Approach.” EDUCAUSE Quarterly, Volume 27, Number 4, 2004. Pages 12-17. Available at: http://net.educause.edu/ir/library/pdf/EQM0442.pdf. K.D. Lewis and J.E. Lewis. “Web Single Sign-On Authentication using SAML.” International Journal of Computer Science Issues. Volume 2, 2009. Pages 41-48. Available at: http://www.ijcsi.org/papers/2-41-48.pdf. “Security Assertion Markup Language (SAML) V2.0 Technical Overview.” OASIS Security Services Technical Committee. March, 2008. Available at: http://www.oasis-open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf.
References (cont) H. Gomi, M.Hatakeyama, S.Hosono and S. Fujita. “A Delegation Framework for Federated Identity Management.” Proceedings of the 2005 workshop on Digital identity management. Pages 94-103. F. Pinto and C. Fernau. “An Approach for Shibboleth and Grid Integration.” Proceedings of the UK e-Science All Hands Conference, 2005. Available at: http://www.allhands.org.uk/2005/proceedings/papers/531.pdf. D. Recordon and D. Reed. “OpenID 2.0: A Platform for User-Centric Identity Management.” Proceedings of the second ACM workshop on Digital Identity Management, 2006. Pages 11-16. E. Hammer-Lahav. “The OAuth 1.0 Protocol.” IETF Internet Draft. February, 2010. Available at: http://tools.ietf.org/html/draft-hammer-oauth-10.