Sometimes It's Better to Be STUCK! SAML Transportation Unit for Cryptographic Keys
نویسندگان
چکیده
Over the last decade the Security Assertion Markup Language (SAML) framework evolved to a versatile standard for exchanging security statements about subjects. Most notably, SAML facilitates the authentication of users, and is thus deployed in both Webservice (SOAP, WS-Security) and REST-based (SAML SSO webbrowser profile, SAML Bearer token in OAuth) services. But at least SAML provides no standardized, overall solution to transport key material. This paper recommends an extension, STUCK the SAML Transportation Unit for Cryptographic Keys, to the SAML framework which provides an easy way to transport cryptographic key material bound to assertions issued by particular subjects. The proposal fits into existing solutions and is fully compliant with the Security Assertion Markup Language, XML Digital Signature and XML Encryption standards.
منابع مشابه
Design of cybernetic metamodel of cryptographic algorithms and ranking of its supporting components using ELECTRE III method
Nowadays, achieving desirable and stable security in networks with national and organizational scope and even in sensitive information systems, should be based on a systematic and comprehensive method and should be done step by step. Cryptography is the most important mechanism for securing information. a cryptographic system consists of three main components: cryptographic algorithms, cryptogr...
متن کاملProcess algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کاملAn XML Standards Based Authorization Framework for Mobile Agents
An outstanding security problem in mobile agent systems is resource access control, or authorization in its broader sense. In this paper we present an authorization framework for mobile agents. The system takes as a base distributed RBAC policies allowing the discretionary delegation of authorizations. A solution is provided to assign authorizations to mobile agents in a safe manner. Mobile age...
متن کاملModeling and Analyzing Incremental Quantity Discounts in Transportation Costs for a Joint Economic Lot Sizing Problem
Joint economic lot sizing (JELS) addresses integrated inventory models in a supply chain. Most of the studies in this field either do not consider the role of the transportation cost in their analysis or consider transportation cost as a fixed part of the ordering costs. In this article, a model is developed to analyze an incremental quantity discount in transportation cost. Appropriate equatio...
متن کاملLPKP: location-based probabilistic key pre-distribution scheme for large-scale wireless sensor networks using graph coloring
Communication security of wireless sensor networks is achieved using cryptographic keys assigned to the nodes. Due to resource constraints in such networks, random key pre-distribution schemes are of high interest. Although in most of these schemes no location information is considered, there are scenarios that location information can be obtained by nodes after their deployment. In this paper,...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012