SAML2.0 in a Nutshell

SAML

SAML XML-based framework for marshaling security and identity information and exchanging it across domain boundaries.

SAML’s Core : asseertions about subjects

Assertions contain statements : authentication, attribute, entitlement or roll-your-own

SAML Use Cases

  1. SSO
  2. Identity Federation
  3. Attribute Services
  4. Single logout
  5. Securing Web Services messages

Terms and concepts :

  • Entity : An active element of a computer/network system
  • Principal : An entity whose identity can be authenticated
  • Subject : A principal in the context of a security domain
  • Identity : One’s characteristics, traits and preferences
  • Identifier : A data object that uniquely refers to a particular entity
  • Federated Identity : Existence of an agreement between providers on a set of identifiers to use to refer to a principal
  • Asserting Party (SAML Authority) : An entity that produces SAML assertions
  • Identity Provider: An entity that creates, maintains, and manages identity info for principals and provides principal authentication to other service providers.
  • Relying Party : An entity that decides to take an action based on information from another system entity.
  • Service Provider : An entity that provides services to principals or other entities.

SAML Assertions :

An assertion is a declaration of fact, according to someone. SAML assertions contain one or more statements about a subject :

  • Authentication statement : “Joe authenticated with a password at 9.00 am”
  • Attribute statement : “Joe is manager with a $500 spending limit”

<Assertion>
<Issuer/>
<Signature/>
<Subject/>
<Conditions/>
<AttributeStatement/>
<AuthnStatement/>
</Assertion>

SAML

Protocols :

  1. Assertion request
  2. Authentication request
  3. Artifact resolution
  4. Name identifier management
  5. Name identifier mapping
  6. Single logout

Artifacts :

  • A small fixed size structured data object pointing to a typically larger, variably sized SAML protocol message.
  • Designed to be embedded in URLs and conveyed in HTTP messages
  • Allows for “pulling” SAML messages rather than having to push them
  • SAML defines one artifact format but you can roll your own

Bindings

  1. SOAP : Basic way for IdPs and SPs to send SAML protocol messages
  2. Reverse SOAP
  3. HTTP redirect : Method to send SAML message by means of HTTP 302
  4. HTTP POST : Method to send SAML message in base64-encoded HTML form control
  5. HTTP Artifact : way to transport an artifact using HTTP in 2 ways :URL query string and HTML form control
  6. URI : How to retrieve a SAML message by resolving a URI

Profiles

  1. Web Browser SSO
  2. Enhanced client and proxy
  3. IdP discovery
  4. Single Logout
  5. Name identifier management
  6. Artifact resolution
  7. Assertion request
Advertisements

4 Key Things to learn

  1. Hire smart people that are passionate and enthusiastic about your vision
  2. Stay focused – there is a tendency to want to do so much but concentrate on what will get you the biggest bang for your buck
  3. Fail fast – be realistic about what is working and what isn’t and walk away from the non-productive initiatives
  4. Keep it simple – in today’s world of sensory overload, whatever you do make sure that someone gets it immediately

And have fun!

 

http://blog.linkedin.com/2014/06/25/inspiration-starts-at-home/

 

Identity and Access Management Links

Identity and Access Management Resource Links

Ping Identity Training Videos
https://www.pingidentity.com/support/training-center/

OIM Installer
https://code.google.com/p/ofm-installer/

LDAP Conference 2013 Slides
http://ldapcon.org/

LDAP Con 2013 Summary
http://ludopoitou.wordpress.com/2013/11/22/ldapcon-2013-a-summary/

ForgeRock OpenIDM Summit Slides
http://forgerock.com/who-we-are/summits/america-2013/

Things you should know about HTML5

HTML 5 Presentation

5 Things you should know about HTML5

By Identityguru
Dec 04, 2013

1. What is HTML5?

  • HTML5 is a new standard for HTML
  • HTML5 used for Structuring and presenting content for Web
  • HTML5 document is also called Web Pages
  • HTML5 documents contain HTML tags and plain text
  • HTML5 you can create your own Web site
    http://www.argonautsclub.com

2. New features in HTML5

  1. New content-specific elements, like <article>, <footer>, <header>, <nav>, <section>
  2. New form controls, like calendar, date, time, email, url, search
  3. The <video> and <audio> elements for media playback
  4. Full CSS3 Support
  5. The <canvas> element for 2D drawing

3. How to upgrade to HTML5?

  • Change your DOCTYPE:
  • <!DOCTYPE html> And that’s it.
  • Example html5 :
  • <!DOCTYPE html><html><head><meta charset=”UTF-8″>

    <title>Title of the document</title>

    </head>
    <body>

    Content of the document……

    </body>

    </html>

4. What are the HTML5 Rules

  • Reduce the need for external plugins like Flash
  • Better Error Handling
  • More markup to replace scripting like JavaScript
  • HTML5 should be device independent

5. HTML5 Multimedia Video – Bye bye, Flash!

With HTML5, playing video is easier than ever.

    • HTML5 <video> Element

Your browser does not support the video tag.

5. HTML5 Multimedia – Audio

With HTML5, playing audio is easier than ever.

    • HTML5 <audio> Element

Your browser does not support the audio element.

Thank You!

CISSP Study Guide

This blog is about CISSP certificate exam with all the resource information and links.


CISSP Exam :
Prerequisites: 5 year’s experience in any two or more Security Domains (10 listed below)
Number of questions: 250
Score needed to pass: 700 out of 1000
Duration: 6 hours
Price: $599 USD

To Register : http://www.pearsonvue.com/isc2/


CISSP Resources :
(ISC)2 : https://www.isc2.org/
Forum : http://www.cccure.org
FAQ : https://www.isc2.org/cbt-faqs.aspx


Ten Domains :
• Access Control
• Telecommunications and Network Security
• Information Security Governance and Risk Management
• Software Development Security
• Cryptography
• Security Architecture and Design
• Operations Security
• Business Continuity and Disaster Recovery Planning
• Legal, Regulations, Investigations and Compliance
• Physical (Environmental) Security


How to make Indian filter coffee?

How to make Indian filter coffee:

Put required teaspoons of sugar in a stainless steel filter, add powdered coffee. Pour hot water heated to 110 degrees into the filter and close. Collect the first decoction and keep it warm by placing in a tub of hot water. Pour 10 to 15 ml of decoction over sugar. Add milk, (preferably fresh) till it flows onto the saucer. Swish coffee once and drink hot.

 

Learning to Learn

Scoping the subject

The first step in learning about a subject and perhaps the most critical is to determine the scope of the subject you want to learn about.

Having a goal

The next thing you need is a goal. There is no point in learning something just for the sake of learning it.

Finding resources

After you know what you are going to learn and you have a good idea of how you will measure your achievement of the learning, you will undoubtedly need to find some resources for proceeding with your plan.

Putting it into practice

I’ve found the most effective way to actually learn something once I know what I am going to learn and where I am going to get the information from is to study and do at almost the same time.

Immersion

One excellent technique for learning something is to immerse yourself in it. If you really want to learn a programming language, start doing everything in that language.

This content is contributed by John Sonmez at

http://simpleprogrammer.com/2012/09/23/learning-to-learn/