Network Defense & CounterMeasures

Case Project 11-1: Security Assertion Markup Language (SAML)

Use the Internet to research Security Assertion Markup Language (SAML). Write a one-page paper on your research.

SAML (Security Assertion Markup Language) is an XML-based standard for web browser single sign-on (SSO) that eliminates application-specific passwords. SAML uses single-use, expiring, digital "tokens" to exchange authentication and authorization data between an identity provider and cloud application service provider that have an established trust relationship.

What are its features?

https://www.ibm.com/support/knowledgecenter/en/SSAW57_8.5.5/com.ibm.websphere.nd.multiplatform.doc/ae/cwbs_samlssosummary.html

Assertion consumer service (ACS) in WebSphere SAML service provider:

ACS is a secured servlet that accepts a SAML protocol message and establishes the security context. An ACS URL has a predefined ContextRoot as samlsps, and a URL has the following format:

https://<host name>:<port>/samlsps/<any uri pattern>

The SAMLResponse received by the ACS will be intercepted by TAI, and upon successful validation, the request is redirected to the target application service.

Multiple security domain support:

An ACS is deployed in an application security domain, and it is expected that the ACS reside in the same security domain as the business application. If the ACS and target business application (RelayState) are in different security domains, the following are some recommended options:

Process the SAMLResponse in the security domain of the ACS.
Reconfigure the ACS to have the same domain as the business application.
Use the target business service as the ACS.

https://en.wikipedia.org/wiki/SAML_2.0

The resulting Authentication Request Protocol is a significant new feature of SAML 2.0.
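
Added example (not part of the original paper and not WebSphere code): the check a service provider can apply to enforce the "single-use, expiring" property of an assertion described above. The class name, the 60-second clock skew and the sample assertion are constructed for illustration; signature, issuer and audience validation are assumed to happen separately.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (unsigned, for illustration only).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  ID="_constructed-example-1" IssueInstant="2024-01-01T12:00:00Z" Version="2.0">
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z"
                   NotOnOrAfter="2024-01-01T12:05:00Z"/>
</saml:Assertion>"""

def _ts(value):
    # SAML timestamps are UTC xs:dateTime values ending in "Z".
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

class AssertionWindowCheck:
    """Hypothetical helper: enforces expiry and single use only."""

    def __init__(self, skew_seconds=60):
        self.skew = timedelta(seconds=skew_seconds)
        self.seen = {}  # assertion ID -> NotOnOrAfter, kept until expiry

    def check(self, assertion_xml, now):
        # Untrusted input should go through a hardened XML parser in production.
        a = ET.fromstring(assertion_xml)
        cond = a.find("saml:Conditions", NS)
        if cond is None or "NotOnOrAfter" not in cond.attrib:
            return "reject: no expiry"  # policy choice of this example
        not_after = _ts(cond.attrib["NotOnOrAfter"])
        not_before = cond.get("NotBefore")
        if not_before and now + self.skew < _ts(not_before):
            return "reject: not yet valid"
        if now - self.skew >= not_after:
            return "reject: expired"
        # Forget IDs that can no longer pass the expiry check.
        self.seen = {i: t for i, t in self.seen.items() if now - self.skew < t}
        aid = a.get("ID")
        if not aid:
            return "reject: no ID"
        if aid in self.seen:
            return "reject: replayed"
        self.seen[aid] = not_after
        return "accept"

if __name__ == "__main__":
    checker = AssertionWindowCheck()
    t = datetime(2024, 1, 1, 12, 1, tzinfo=timezone.utc)
    print(checker.check(SAMPLE, t))  # first presentation
    print(checker.check(SAMPLE, t))  # same assertion presented again
```

The replay cache only needs to hold an ID until that assertion's NotOnOrAfter (plus skew) has passed, because after that point the expiry check rejects it anyway.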