Dynamic Security Assertion Markup Language: Simplifying Single Sign-On

2008, Vol 6 (2), pp. 83-85
Author(s): P. Harding, L. Johansson, N. Klingenstein

Author(s): Alessandro Armando, Roberto Carbone, Luca Compagna, Giancarlo Pellegrino

Single-Sign-On (SSO) protocols enable companies to establish a federated environment in which clients sign in to the system once and yet are able to access services offered by different companies. The OASIS Security Assertion Markup Language (SAML) 2.0 Web Browser SSO Profile is the emerging standard in this context. In previous work a severe security flaw in the SAML-based SSO for Google Apps was discovered. By leveraging this experience, this chapter will show that model checking techniques for security protocols can support the development and analysis of SSO solutions, helping the designer not only to detect serious security flaws early in the development life-cycle but also to provide assurance on the security of the solutions identified.


Author(s): Manuel Mogollon

A service is an application offered by an organization that can be accessed through a programmable interface. Web services allow computers running on different operating platforms to access and share each other’s databases by using open standards, such as extensible markup language (XML) and simple object access protocol (SOAP). In this chapter, the following Web services mechanisms are discussed: (1) XML encryption, XML signature, and XML key management specification (XKMS); (2) security assertion markup language (SAML); and (3) Web services security (WS-security).


Author(s): Ed Simon

This chapter describes how two new XML-based technologies, XACML (eXtensible Access Control Markup Language) and SAML (Security Assertion Markup Language) can be used to help protect privacy in e-services. The chapter is primarily a tutorial, briefly introducing XML, and then detailing the privacy features of XACML and SAML including XACML’s ability to ensure the expressed purpose of an action matches a purpose allowed for the resource on which the action is to be performed and SAML’s support for pseudonymity and communicating consent. Concepts are illustrated with detailed examples. The author hopes that readers will be both informed and intrigued by the possibilities for privacy applications made possible by XML, XACML, and SAML.

