PricingBlogAbout Us

Network Defense & Counter Measures Case Project 11-1: SAML Research

Verified

Added on  2019/09/30

|3
|615
|260
Homework Assignment
AI Summary
This paper provides an overview of Security Assertion Markup Language (SAML), an XML-based standard for web browser single sign-on (SSO). It explores SAML's features, including its use of digital tokens for exchanging authentication and authorization data between an identity provider and a service provider. The paper discusses the Assertion Consumer Service (ACS) and its role in accepting SAML protocol messages, along with the support for multiple security domains. It examines the Authentication Request Protocol as a significant feature of SAML 2.0, and how SAML is used for authentication and authorization. Furthermore, the paper details the advantages of SAML, such as single sign-on capabilities in healthcare and time-saving benefits. It also acknowledges the disadvantages, including vulnerability problems, the lack of stronger authentication backups, and the critical nature of SSO systems. This research paper aims to provide a comprehensive understanding of SAML's functionality and its implications in network defense and security.
Document Page
Network Defense & Counter
Measures
Case Project 11-1: Security Assertion Markup Language
(SAML)
Use the Internet to research Security Assertion Markup Language (SAML). Write a one-page
paper on your research.
SAML (Security Assertion Markup Language) is an XML-based standard for web browser single
sign-on (SSO) that eliminates application-specific passwords. SAML uses single-use, expiring,
digital "tokens" to exchange authentication and authorization data between an identity
provider and cloud application service provider that have an established trust relationship.
What are its features?
https://www.ibm.com/support/knowledgecenter/en/SSAW57_8.5.5/com.ibm.websphere.nd.m
ultiplatform.doc/ae/cwbs_samlssosummary.html
Assertion consumer service (ACS) in WebSphere SAML service provider:
ACS is a secured servlet that accepts a SAML protocol message and establishes the security
context. An ACS URL has a predefined ContextRoot as samlsps, and a URL has the following
format:
https://<host name>:<port>/samlsps/<any uri pattern>Copy
The SAMLResponse received by the ACS will be intercepted by TAI, and upon successful
validation, the request is redirected to the target application service.
Multiple security domain support:
An ACS is deployed in an application security domain, and it is expected that the ACS reside in
the same security domain as the business application. If the ACS and target business application
(RelayState) are in different security domains, the following are some recommended options:
Process the SAMLResponse in the security domain of the ACS.
Reconfigure the ACS to have the same domain as the business application.
Use the target business service as the ACS.
https://en.wikipedia.org/wiki/SAML_2.0
The resulting Authentication Request Protocol is a significant new feature of SAML 2.0.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
How is it being used?
https://www.csoonline.com/article/3232355/authentication/what-is-saml-what-is-it-used-for-
and-how-does-it-work.html
http://saml.xml.org/how-saml-being-used
The Security Assertion Markup Language (SAML), is an open standard that allows security
credentials to be shared by multiple computers across a network. It describes a framework that
allows one computer to perform some security functions on behalf of one or more other
computers:
Authentication: Determining that the users are who they claim to be
Authorization: Determining if users have the right to access certain systems or content
Strictly speaking, SAML refers to the XML variant language used to encode all this information,
but the term can also cover various protocol messages and profiles that make up part of the
standard.
What are its advantages and disadvantages?
https://secureconnexion.wordpress.com/2012/08/24/the-advantages-and-disadvantages-of-
single-sign-on-sso-technology-mini-whitepaper/
Advantages
In the healthcare industry, it could be booming with single-sign-on. If a doctor were to need
to sign-on to a database to access a patient’s files, he/she would also have to access x-rays,
and other data that would be on a different application. Having a single-sign-on for all that
would be life-saving and totally worth it. Not only had that, but hours of saved time.
Apps such as OneLogin provide easy-access to tons of accounts across the board,
particularly social media. It says on their site that they are supporting “identity & access
management for the cloud”.
Disadvantages
Vulnerability problems, such as with authentication, privacy keys, etc.
The lacking of a backup stronger authentication, such as smart cards or one-time password
tokens.
The SSO is a highly-critical tool to keep up always. If the SSO goes out, the user would lose
access to all sites.
The Pros and Cons of Single Sign-On
For Web Services
Document Page
https://www.futurehosting.com/blog/the-pros-and-cons-of-single-sign-on-for-web-services/

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

chevron_up_icon
1 out of 3
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.