SecurityRatty: tag: saml

SSO Summit Day One Morning Session

2008-07-24 13:35:02 by Gunnar Peterson in 1 Raindrop

...SAML and SOA security issues SSO without strong auth is and always will be simply nuts SAML gets its right His points around common weaknesses in integration in SOA and Web 2.0 technologies for companies that are *not* using SAML were excellent. Of course, I will go into some more details on this tomorrow Ping's CTO Patrick Harding took...

Tags: sso, sso history talk, sso summit, mainframe sso, sso options, sso protocols, real world, real world lessons, authorization internal

It Was Sposed to Be So Eaaasy

2008-09-10 07:12:42 by Gunnar Peterson in 1 Raindrop

...SAML has such great adoption across the industry because they have a use case centric view and so gave the vendors something to engineer and optimize for. I think we'll still get there in WS-Security and other areas as well, but the use cases are not built into the spec (as with SAML) and so its taking longer One of our points in the talk...

Tags: ws-security, support ws-security, web service security, service, security, primitives, security primitives directly, ws-security support, security api

Dynamic Security Assertion Markup Language: Simplifying Single Sign-On

2008-05-22 06:22:47 by Editor in IEEE Security and Privacy

Dynamic Security Assertion Markup Language (SAML) simplifies the establishment of secure single sign-on between Web applications in different organizations by automating the exchange of SAML configuration information and simplifying cryptographic trust establishment

Tags: establishment, cryptographic trust establishment, saml configuration information, saml, secure single sign-on, web applications, organizations, simplifies, exchange

SSO Summit Wrap Up

2008-07-25 13:41:07 by Gunnar Peterson in 1 Raindrop

...SAML adoption and awareness by customers and partners. And I quite liked his quote - "If you are a SAAS vendors and you are not supporting SAML you won't be in business very long Kent Beck says programs are not things, they are shadows of communities. If you look at a big vendors' IDENTITY AND ACCESS MANAGEMENT SUITE - its not a cohesive...

Tags: sso, sso summit, sso functionality, sso community, vendors, saas vendors, person conference, conference, real

Web Services and XML Security Training at OWASP

2008-08-28 08:55:59 by Gunnar Peterson in 1 Raindrop

...SAML PingFederate Web Services - we'll look at how to implement a STS in Web services Bandit - Cardspace , authorization, and auditing Security Services VordelSecure - XML gateway, comprehensive web services security policy creation and enforcement, deploying decentralized security services Apache Ramparts modecurity Testing Soapbox - web...

Tags: security, soa security standards, security standards, soa security, soa, security critical environment, information security, information, application security principles

Identity Framework Probable Feature List

2007-12-16 06:42:00 by Keith Brown in Security Briefs

...SAML from personal cards Username/Password Fx helps you expose your STS using WCF Fx supplies a custom ServiceHostFactory (currently called WindowsInformationCardServiceHostFactory This allows you to create a .SVC file for a WCF endpoint to expose your STS Fx supplies an HttpModule for the traditional ASP.NET authentiation pipeline According...

Tags: informationcard login control, login control, information card serializer, information, control, user authentication methods, user, custom sts, card

OpenID family grows How it can transform Identity Federation between enteprises

2008-02-07 14:06:33 by Andras Cser in Security & Risk Management

...SAML and other federation technologies will be key enablers in OpenIDs success and promotion from the current low-value (e.g. blogsite) authentication usage, to becoming a full-fledged, enterprise-level federation solution

Tags: openid, openid foundation, openid camp, accept openid authentication, integration, strong authentication integration, identity federations proliferation, simple technology, technology

Microsoft's directory team forced to reconsider ignored standards

2008-03-04 00:00:00 by John Fontana in Network World on Security

Recent proclamations by Microsoft CEO Steve Ballmer that the company would move toward interoperability and support for standards is putting pressure on the head of the company's directory and identity development to reconsider support for industry standards such as SAML that have been long ignored

Tags: standards, support, reconsider support, industry standards, identity development, directory, company, recent proclamations, head

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog

...SAML or other XML) is insufficient to support COA. The following elements are also valuable: [Here, I shorten and paraphrase the list of bullet points attribute brokers access brokers contract brokers policy language (like XACML 3.0 performance manager (builds audit logs and reputation systems I wish that the COA position paper had spent more...

Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo