Security Assertion Markup Language (SAML) - Features, Usage, Advantages and Disadvantages


Added on 2019-09-30

Network Defense & Counter Measures

Case Project 11-1: Security Assertion Markup Language (SAML)

Use the Internet to research Security Assertion Markup Language (SAML). Write a one-page paper on your research.

SAML (Security Assertion Markup Language) is an XML-based standard for web browser single sign-on (SSO) that eliminates application-specific passwords. SAML uses single-use, expiring, digital "tokens" to exchange authentication and authorization data between an identity provider and cloud application service provider that have an established trust relationship.

What are its features?

https://www.ibm.com/support/knowledgecenter/en/SSAW57_8.5.5/com.ibm.websphere.nd.multiplatform.doc/ae/cwbs_samlssosummary.html

Assertion consumer service (ACS) in WebSphere SAML service provider:

ACS is a secured servlet that accepts a SAML protocol message and establishes the security context. An ACS URL has a predefined ContextRoot as samlsps, and a URL has the following format:

https://<host name>:<port>/samlsps/<any uri pattern>

The SAMLResponse received by the ACS will be intercepted by TAI, and upon successful validation, the request is redirected to the target application service.

Multiple security domain support:

An ACS is deployed in an application security domain, and it is expected that the ACS reside in the same security domain as the business application. If the ACS and target business application (RelayState) are in different security domains, the following are some recommended options:

- Process the SAMLResponse in the security domain of the ACS.
- Reconfigure the ACS to have the same domain as the business application.
- Use the target business service as the ACS.

https://en.wikipedia.org/wiki/SAML_2.0

The resulting Authentication Request Protocol is a significant new feature of SAML 2.0.
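
The single-use and expiring properties of SAML tokens described above, shown as an added example (not part of the original paper or of WebSphere): a Python check of an assertion's validity window plus a replay cache keyed by assertion ID. The sample assertion, the issuer URL and the function names are constructed for illustration, and XML signature verification, which a real service provider performs before any of these checks, is assumed to have already succeeded.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (not from a real identity provider); signature omitted.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-example-0001" Version="2.0" IssueInstant="2019-09-30T12:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Conditions NotBefore="2019-09-30T12:00:00Z" NotOnOrAfter="2019-09-30T12:05:00Z"/>
</saml:Assertion>
"""


def _ts(value):
    # Assumption: whole-second UTC timestamps, as in the constructed sample.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def check_assertion(xml_text, now, trusted_issuers, seen_ids, skew=timedelta(0)):
    """Return (accepted, reason); seen_ids is the replay cache (a set of IDs)."""
    # The signature is assumed verified already; untrusted XML should also go
    # through a hardened parser rather than plain ElementTree.
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml:Issuer", default="", namespaces=NS)
    if issuer.strip() not in trusted_issuers:
        return False, "untrusted issuer"
    cond = root.find("saml:Conditions", NS)
    if cond is None or not cond.get("NotBefore") or not cond.get("NotOnOrAfter"):
        return False, "missing validity window"
    if now + skew < _ts(cond.get("NotBefore")):
        return False, "not yet valid"
    if now - skew >= _ts(cond.get("NotOnOrAfter")):
        return False, "expired"
    assertion_id = root.get("ID")
    if not assertion_id:
        return False, "missing ID"
    if assertion_id in seen_ids:
        return False, "replayed"
    # Record the ID only once every other check has passed (single use).
    seen_ids.add(assertion_id)
    return True, "ok"
```

The replay cache only needs to retain an ID until that assertion's NotOnOrAfter time plus the allowed skew, because the expiry check rejects it after that.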

