Dynamic Stateful Service Security
Size: px
Start display at page:

Download "Dynamic Stateful Service Security"

Transcription

1 Dynamic Stateful Security FIA Workshop, Prague 12 May 2009 Mike Surridge innovation.soton.ac.uk

2 Overview Why is dynamic service security important? How we implemented dynamic security? How this relates to service/policy semantics How dynamic security can be applied

3 Dynamic Business Contexts 1. Negotiate Consumer C SLA SLA Factory F 2. Update 3. Request 2. Create SLA Consumer C policy Context T storage 1. Select SLA Context S delegate credential 5. Store data 4. Create store Consumer D 3. Access service Context T Business Context Management Business Delegation

4 Implementation: Process-Based Access Control General approach similar to (say) XACML Key features of Process Based Access Control policies depend on service state as well as user role PDP allows these to be updated by the service Used extensively in GRIA 5.x

5 Dynamic Contextualised PDP Events and State Transitions Static Policy Policy Decision Point (PDP) Dynamic Policy Contexts and their States Context Creation State Changes Allowed Actions per State per and Role Subject Criteria for Roles Role Mappings Target Decision Request (subject, context and action) Decision Response (permit / deny) Policy Enforcement Point (PEP)

6 Policy: States and Roles Example: a simple lockable data storage service delete Start empty full create write lock unlock destroy destroy End locked Roles reader: can retrieve data from the service writer: can also upload or replace data owner: can also change role mappings States empty: service has no data writer: can upload data full: service has data reader: can read data writer: can replace data locked: service has data reader: can read data

7 Role Mappings and Semantics User Roles Reviewer Policy Management map toreader Roles Reader Editor map towriter Writer Author On-the-fly generation of semantic mappings Owner

8 Dynamic Security and Semantics States Semantic Workflow Roles Actors/Agents Dynamic Security process constraints process participation -centric centric Specifications XACML SAML Semantic Web process workflow agent roles User/agent-centric Specifications OWL-S, WSMO, etc FIPA, etc

9 Semantic Web Mediator Semantic Web description including orchestration and security constraints Security-aware service discovery Semantic Firewall Semantic Registry Dynamic PDP Dynamic, stateful, role-based policies Computationally efficient policy decisions /Network Administrator User Policy Enforcement Target

10 Semantic Web Mediator Semantic Web description including orchestration and security constraints Security-aware service discovery Semantic Firewall Semantic Registry Dynamic PDP Dynamic, stateful, role-based policies Computationally efficient policy decisions /Network Administrator Autonomic Management User Policy Enforcement Target

11 Application: TTP Simulation Crash Compatibility Testing, Crash testing is now largely simulated during auto design Crash compatibility: are vehicles safe if they hit each other? Different manufacturers must contribute vehicle design data Neither wants the other to see their data Access to outputs may be conditional on the simulation outcome Centre, AUDI AG and other members of the SIMDAT consortium,

12 Application: TTP Simulation Crash Compatibility Testing, AUDI AG and other members of the SIMDAT consortium,

13 Application: TTP Simulation Crash Compatibility Testing, AUDI AG and other members of the SIMDAT consortium,

14 Dynamic Business Applications 1. Negotiate 2. Update Consumer C ID STS Factory F Consumer C policy Context T 4. Update policy 2. Create ID 1. Select delegate credental 2. Establish trust 3. Select STS Context S STS Context S delegate credental(s) 3. Request ID token 4. Access service Anonymized Consumer D Anonymized Consumer D ID Management Federated Trust Management

15 Summary Dynamic security is a pre-requisite requisite for business- oriented service provision Dynamic security policies will normally be contextualised to a particular service and/or relationship stateful aware of service state role-based aware of service roles and the mappings of user credentials to these roles Dynamic policies can support semantic federated security via dynamic credential-role role mappings security-aware semantic service description Applications include dynamic SLA negotiation, collaborative computation, ID/trust management, etc

Similar documents

Obligation Standardization

Obligation Standardization Standardization David Chadwick, University of Kent Mario Lischka NEC Laboratories Europe 1 Problems with Existing Model s have not been handled fully, they are simply attribute assignments which are consumed

More information

[GSoC Proposal] Securing Airavata API

[GSoC Proposal] Securing Airavata API [GSoC Proposal] Securing Airavata API TITLE: Securing AIRAVATA API ABSTRACT: The goal of this project is to design and implement the solution for securing AIRAVATA API. Particularly, this includes authenticating

More information

Authentication and Authorization of Users and Services in Federated SOA Environments Challenges and Opportunities

Authentication and Authorization of Users and Services in Federated SOA Environments Challenges and Opportunities Federated SOA Environments Challenges and Opportunities Bartosz Jasiul, Joanna Sliwa, Rafał Piotrowski, Robert Goniacz, Marek Amanowicz Military Communication Institute ul. Warszawska 22A, 05-130 Zegrze

More information

SOFTWARE DEMONSTRATION

SOFTWARE DEMONSTRATION SOFTWARE DEMONSTRATION IDENTITY AND ACCESS MANAGEMENT SOFTWARE AND SERVICES RFP 644456 DEMONSTRATION AGENDA Executive Summary Technical Overview Break User Interfaces and Experience Multi-Campus and Inter-Campus

More information

* Inter-Cloud Research: Vision

* Inter-Cloud Research: Vision * Inter-Cloud Research: Vision for 2020 Ana Juan Ferrer, ATOS & Cluster Chair Vendor lock-in for existing adopters Issues: Lack of interoperability, regulatory context, SLAs. Inter-Cloud: Hardly automated,

More information

Identity Provider for SAP Single Sign-On and SAP Identity Management

Identity Provider for SAP Single Sign-On and SAP Identity Management Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with

More information

NAC 2007 Spring Conference

NAC 2007 Spring Conference NAC 2007 Spring Conference Click to edit Master title style OASIS XACML Update Hal Lockhart Office of the CTO BEA Systems hlockhar@bea.com Hal Lockhart Senior Principal Technologist, OCTO Co-chair XACML

More information

Novell Access Manager 3.1

Novell Access Manager 3.1 Technical White Paper IDENTITY AND SECURITY www.novell.com Novell Access Manager 3.1 Access Control, Policy Management and Compliance Assurance Novell Access Manager 3.1 Table of Contents: 2..... Complete

More information

Cloud Access Manager Overview

Cloud Access Manager Overview Cloud Access Manager 8.1.3 Overview Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished

More information

UMA and Dynamic Client Registration. Thomas Hardjono on behalf of the UMA Work Group

UMA and Dynamic Client Registration. Thomas Hardjono on behalf of the UMA Work Group UMA and Dynamic Client Registration Thomas Hardjono on behalf of the UMA Work Group 1 UMA is... A web protocol that lets you control authorization of data sharing and service access made on your behalf

More information

Security Assertions Markup Language (SAML)

Security Assertions Markup Language (SAML) Security Assertions Markup Language (SAML) The standard XML framework for secure information exchange Netegrity White Paper PUBLISHED: MAY 20, 2001 Copyright 2001 Netegrity, Inc. All Rights Reserved. Netegrity

More information

ServiceNow Deployment Guide

ServiceNow Deployment Guide ServiceNow Deployment Guide (For Eureka release and forward) Okta Inc. 301 Brannan Street, 3 rd Floor San Francisco, CA, 94107 info@okta.com 1-888-722-7871 Contents Overview... 3 Active Directory Integration...

More information

BSE-SINGLE SIGN ON. For Brokers/ Banks/ Mutual Funds

BSE-SINGLE SIGN ON. For Brokers/ Banks/ Mutual Funds BSE-SINGLE SIGN ON For Brokers/ Banks/ Mutual Funds Contents Introduction:... 2 Features:... 2 Advantages:... 2 On-boarding process.... 3 SSO application Login Process... 7 Authentication via OTP... 7

More information

Panel 1 Service Platform and Network Infrastructure for Ubiquitous Services

Panel 1 Service Platform and Network Infrastructure for Ubiquitous Services Panel 1 Platform and Network Infrastructure for Ubiquitous s Wolfgang Kellerer DoCoMo Euro-Labs Munich, Germany WWRF WG2 ( Architecture) Vice Chair DoCoMo Communications Landsberger Str. 312 80687 Munich

More information

BEAAquaLogic. Service Bus. Upgrade Guide

BEAAquaLogic. Service Bus. Upgrade Guide BEAAquaLogic Service Bus Upgrade Guide Version 2.5 Document Date: July 2006 Copyright Copyright 1995-2005 BEA Systems, Inc. All Rights Reserved. Restricted Rights Legend This software is protected by copyright,

More information

PERMIS An Application Independent Authorisation Infrastructure. David Chadwick

PERMIS An Application Independent Authorisation Infrastructure. David Chadwick PERMIS An Application Independent Authorisation Infrastructure David Chadwick Role/Attribute Based Access Control Model Hierarchical Role based Access Control (RBAC) Permissions are allocated to roles/attributes

More information

How to create a System Logon Account in Backup Exec for Windows Servers

How to create a System Logon Account in Backup Exec for Windows Servers How to create a System Logon Account in Backup Exec for Windows Servers Problem How to create a System Logon Account in Backup Exec for Windows Servers Solution The Backup Exec System Logon Account (SLA)

More information

Electronic ID at work: issues and perspective

Electronic ID at work: issues and perspective Electronic ID at work: issues and perspective Antonio Lioy < lioy @ polito.it > Politecnico di Torino Dip. Automatica e Informatica Why should I have/use an (e-) ID? to prove my identity to an "authority":

More information

A solution for Access Delegation based on SAML. Ciro Formisano Ermanno Travaglino Isabel Matranga

A solution for Access Delegation based on SAML. Ciro Formisano Ermanno Travaglino Isabel Matranga A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel Matranga Access Delegation in distributed environments SAML 2.0 Condition to Delegate Implementation Future plans

More information

Scalable and Privacy-preserving Access Mechanism for Dynamic Clouds

Scalable and Privacy-preserving Access Mechanism for Dynamic Clouds Scalable and Privacy-preserving Access Mechanism for Dynamic Clouds Uttam Thakore Spring 2012 Summa Cum Laude Bachelor of Science in Computer Engineering Advisor: Dr. Shigang Chen Table of Contents 1.

More information

CASCOM. Context-Aware Business Application Service Co-ordination ordination in Mobile Computing Environments

CASCOM. Context-Aware Business Application Service Co-ordination ordination in Mobile Computing Environments CASCOM Context-Aware Business Application Service Co-ordination ordination in Mobile Computing Environments Specific Targeted Research Project SIXTH FRAMEWORK PROGRAMME PRIORITY [FP6-2003 2003-IST-2] INFORMATION

More information

Oracle Fusion Middleware

Oracle Fusion Middleware Oracle Fusion Middleware Interoperability Guide for Oracle Web Services Manager 11g Release 1 (11.1.1) E16098-01 October 2009 This document describes how to implement the most common Oracle WSM interoperability

More information

NIST Cloud Computing Security Working Group

NIST Cloud Computing Security Working Group NIST Cloud Computing Security Working Group NIST Cloud Computing Security Reference Architecture NIST Enterprise-Wide Data-Centric Computing Environment February, 2013 Dr. Michaela Iorga, NIST, Computer

More information

SAP Security in a Hybrid World. Kiran Kola

SAP Security in a Hybrid World. Kiran Kola SAP Security in a Hybrid World Kiran Kola Agenda Cybersecurity SAP Cloud Platform Identity Provisioning service SAP Cloud Platform Identity Authentication service SAP Cloud Connector & how to achieve Principal

More information

Identity & Policy (for Security, Privacy and Trust)

Identity & Policy (for Security, Privacy and Trust) Identity & Policy (for Security, Privacy and Trust) October 28th, 2008 Liberty Alliance Wrbcast Rakesh Radhakrishnan Principle Architect (Telco) Technology Lead (Telco) Sun Microsystems, Inc. 1 Agenda

More information

Enhanced Privacy ID (EPID), 156

Enhanced Privacy ID (EPID), 156 Index A Accountability, 148 ActiveDirectory, 153 Amazon AWS EC2, 168 Anonymity, 148 Asset tagging, 96 Attestation definition, 65 dynamic remote attestation techniques, 66 IMA, 67 Intel Trust Attestation

More information

EUDAT - Open Data Services for Research

EUDAT - Open Data Services for Research EUDAT - Open Data Services for Research Johannes Reetz EUDAT operations Max Planck Computing & Data Centre Science Operations Workshop 2015 ESO, Garching 24-27th November 2015 EUDAT receives funding from

More information

Sentinet for Windows Azure VERSION 2.2

Sentinet for Windows Azure VERSION 2.2 Sentinet for Windows Azure VERSION 2.2 Sentinet for Windows Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Isolated Deployment Model... 3 Collocated Deployment Model...

More information

Technical Overview. Version March 2018 Author: Vittorio Bertola

Technical Overview. Version March 2018 Author: Vittorio Bertola Technical Overview Version 1.2.3 26 March 2018 Author: Vittorio Bertola vittorio.bertola@open-xchange.com This document is copyrighted by its authors and is released under a CC-BY-ND-3.0 license, which

More information

Oracle Fusion Middleware

Oracle Fusion Middleware Oracle Fusion Middleware Interoperability Guide for Oracle Web Services Manager 11g Release 1 (11.1.1) E16098-04 January 2011 This document describes how to implement the most common Oracle WSM interoperability

More information

Dell One Identity Cloud Access Manager 8.0. Overview

Dell One Identity Cloud Access Manager 8.0. Overview Dell One Identity Cloud Access Manager 8.0 2015 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under

More information

Schedule Identity Services

Schedule Identity Services This document (this Schedule") is the Schedule for Services related to the identity management ( Identity Services ) made pursuant to the ehealth Ontario Services Agreement (the Agreement ) between ehealth

More information

Collaborative Technologies and Enterprise Middleware:

Collaborative Technologies and Enterprise Middleware: Collaborative Technologies and Enterprise Middleware: A View of the Next Few Years A Day in the Life of Jean Blue Chair: OOPS! After the break, we will have Session 2D: Middleware Authentication (instead

More information

TAS 3 Architecture. Sampo Kellomäki Symlabs , ServiceWave, Stockholm

TAS 3 Architecture. Sampo Kellomäki Symlabs , ServiceWave, Stockholm TAS 3 Architecture Sampo Kellomäki (sampo@symlabs.com), Symlabs 23.11.2009, ServiceWave, Stockholm The research leading to these results has received funding from the European Community s Seventh Framework

More information

9.0 Help for Community Managers About Jive for Google Docs...4. System Requirements & Best Practices... 5

9.0 Help for Community Managers About Jive for Google Docs...4. System Requirements & Best Practices... 5 for Google Docs Contents 2 Contents 9.0 Help for Community Managers... 3 About Jive for Google Docs...4 System Requirements & Best Practices... 5 Administering Jive for Google Docs... 6 Quick Start...6

More information

VMware AirWatch Android Platform Guide

VMware AirWatch Android Platform Guide VMware AirWatch Android Platform Guide Workspace ONE UEM v9.4 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com. This product

More information

Attributes used for Authorisation in Network Resource Provisioning

Attributes used for Authorisation in Network Resource Provisioning Attributes used for Authorisation in Network Resource Provisioning (XACML-NRP Authorisation Interoperability Profile for NRP) Yuri Demchenko System and Network Engineering Group University of Amsterdam

More information

Participant User Guide, Version 2.6

Participant User Guide, Version 2.6 Developers Integration Lab (DIL) Participant User Guide, Version 2.6 3/17/2013 REVISION HISTORY Author Date Description of Change 0.1 Laura Edens Mario Hyland 9/19/2011 Initial Release 1.0 Michael Brown

More information

Data Replication: Automated move and copy of data. PRACE Advanced Training Course on Data Staging and Data Movement Helsinki, September 10 th 2013

Data Replication: Automated move and copy of data. PRACE Advanced Training Course on Data Staging and Data Movement Helsinki, September 10 th 2013 Data Replication: Automated move and copy of data PRACE Advanced Training Course on Data Staging and Data Movement Helsinki, September 10 th 2013 Claudio Cacciari c.cacciari@cineca.it Outline The issue

More information

Interoperability Solutions Guide for Oracle Web Services Manager 12c (12.2.1)

Interoperability Solutions Guide for Oracle Web Services Manager 12c (12.2.1) [1]Oracle Fusion Middleware Interoperability Solutions Guide for Oracle Web Services Manager 12c (12.2.1) E57783-01 October 2015 Documentation for software developers that describes how to implement the

More information

A. Post-Onboarding. the device wit be assigned the BYOQ-Provision firewall role in me Aruba Controller.

A. Post-Onboarding. the device wit be assigned the BYOQ-Provision firewall role in me Aruba Controller. Volume: 98 Questions Question: 1 Based on the ClearPass and Aruba Controller configuration settings for On boarding shown, which statement accurate describes an employee's new personal device connecting

More information

Identität und Autorisierung als Grundlage für sichere Web-Services. Dr. Hannes P. Lubich IT Security Strategist

Identität und Autorisierung als Grundlage für sichere Web-Services. Dr. Hannes P. Lubich IT Security Strategist Identität und Autorisierung als Grundlage für sichere Web-Services Dr. Hannes P. Lubich IT Security Strategist The Web Services Temptation For every $1 spent on software $3 to $5 is spent on integration

More information

Juliusz Pukacki OGF25 - Grid technologies in e-health Catania, 2-6 March 2009

Juliusz Pukacki OGF25 - Grid technologies in e-health Catania, 2-6 March 2009 Grid Technologies for Cancer Research in the ACGT Project Juliusz Pukacki (pukacki@man.poznan.pl) OGF25 - Grid technologies in e-health Catania, 2-6 March 2009 Outline ACGT project ACGT architecture Layers

More information

On the Use of Peer-to-Peer Architectures for the Management of Highly Dynamic Environments

On the Use of Peer-to-Peer Architectures for the Management of Highly Dynamic Environments Pisa, Italy - March, 17-2006 On the Use of Peer-to-Peer Architectures for the Management of Highly Dynamic Environments Carlos Kamienski (cak@gprt.ufpe.br) Djamel Sadok (jamel@cin.ufpe.br) Joseane Fidalgo

More information

Identify and cluster touchpoints in several ways Identify risks and initiatives associated to touchpoints

Identify and cluster touchpoints in several ways Identify risks and initiatives associated to touchpoints ARIS ARIS 9.8 SR4 OVERVIEW ARIS Architect / ARIS Designer Use CXM specific queries and spreadsheets to retrieve information and receive a graphical overview of the journey or its related objects. CXM queries

More information

Identity, Authentication and Authorization. John Slankas

Identity, Authentication and Authorization. John Slankas Identity, Authentication and Authorization John Slankas jbslanka@ncsu.edu Identity Who or what a person or thing is; a distinct impression of a single person or thing presented to or perceived by others;

More information

IPitomy System IP1000v2 IP1200 IP2000 IP5000 Extensions Extension Capacity

IPitomy System IP1000v2 IP1200 IP2000 IP5000 Extensions Extension Capacity Feature List IPitomy System IP1000v2 IP1200 IP2000 IP5000 Extensions Extension Capacity Up to Up to Up to Up to 250 30 100 500 Import Names and Email Adresses Auto Create Extensions and Voice Mail Boxes

More information

ISACA Silicon Valley. APIs The Next Hacker Target or a Business and Security Opportunity? Tim Mather, CISO Cadence Design Systems

ISACA Silicon Valley. APIs The Next Hacker Target or a Business and Security Opportunity? Tim Mather, CISO Cadence Design Systems ISACA Silicon Valley APIs The Next Hacker Target or a Business and Security Opportunity? Tim Mather, CISO Cadence Design Systems Why Should You Care About APIs? Because cloud and mobile computing are built

More information

Securing Content in the Department of Defense s Global Information Grid

Securing Content in the Department of Defense s Global Information Grid Securing Content in the Department of Defense s Global Information Grid Secure Knowledge Workshop State University of New York - Buffalo 23-24 September 2004 Robert W. McGraw Technical Director IA Architecture

More information

Privacy Policy Languages:

Privacy Policy Languages: Privacy Policy Languages: XACML vs EPAL 5 th Annual Privacy & Security Workshop 29 October 2004 Anne Anderson Staff Engineer Sun Microsystems Labs Burlington, MA, USA Anne.Anderson@sun.com Copyright 2004

More information

DemoSite.txt Demo Site http://164.100.128.138/eapar Login ID local-admin2 Password eoffice Organization ANDHRA PRADESH Page 1 Step By Step Guide for eapar Application (Demo URL) 1. Login to the eapar URL

More information

glite Java Authorisation Framework (gjaf) and Authorisation Policy coordination

glite Java Authorisation Framework (gjaf) and Authorisation Policy coordination glite Java Authorisation Framework (gjaf) and Authorisation Policy coordination Yuri Demchenko University of Amsterdam MWSG meeting EGEE 06 Conference, September 27, 2006, Geneve www.eu-egee.org EGEE and

More information

Identity in the Cloud Outsourcing Profile Version 1.0

Identity in the Cloud Outsourcing Profile Version 1.0 Identity in the Cloud Outsourcing Profile Version 1.0 Committee Note 01 05 August 2013 Specification URIs This version: http://docs.oasis-open.org/id-cloud/idcloudoutsourcing/v1.0/cn01/idcloud-outsourcing-v1.0-cn01.doc

More information

Case Management System

Case Management System Case Management System Investigator/non-Administrator Instructions Your Lighthouse Services Case Management System (CMS) has been set up and is ready for your use. It is a powerful tool to oversee and

More information

SELF SERVICE INTERFACE CODE OF CONNECTION

SELF SERVICE INTERFACE CODE OF CONNECTION SELF SERVICE INTERFACE CODE OF CONNECTION Definitions SSI Administration User Identity Management System Identity Provider Service Policy Enforcement Point (or PEP) SAML Security Patch Smart Card Token

More information

Federated Authentication with Web Services Clients

Federated Authentication with Web Services Clients Federated Authentication with Web Services Clients in the context of SAML based AAI federations Thomas Lenggenhager thomas.lenggenhager@switch.ch Mannheim, 8. March 2011 Overview SAML n-tier Delegation

More information

5G-ENSURE Workshop, ETSI Security Week Sophia Antipolis, 16 June Mike Surridge, University of Southampton IT Innovation Centre

5G-ENSURE Workshop, ETSI Security Week Sophia Antipolis, 16 June Mike Surridge, University of Southampton IT Innovation Centre 5G-ENSURE (Project Number 671562) A Trust Model for 5G 5G-ENSURE Workshop, ETSI Security Week Sophia Antipolis, 16 June 2017 Mike Surridge, University of Southampton IT Innovation Centre ms _at_ it-innovation.soton.ac.uk

More information

Warm Up to Identity Protocol Soup

Warm Up to Identity Protocol Soup Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital

More information

Deploying Access Control using Extended XACML in Open Web Service Environment

Deploying Access Control using Extended XACML in Open Web Service Environment Deploying Access Control using Extended XACML in Open Web Service Environment Thirumaran.M Pondicherry Engg College Dhavachelvan.P Pondicherry University Divya.A Pondicherry Engg College ABSTRACT Now a

More information

CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products

CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products CIAM: Need for Identity Governance & Assurance Yash Prakash VP of Products Key Tenets of CIAM Solution Empower consumers, CSRs & administrators Scale to millions of entities, cloud based service Security

More information

The Modern Web Access Management Platform from on-premises to the Cloud

The Modern Web Access Management Platform from on-premises to the Cloud The Modern Web Access Management Platform from on-premises to the Cloud Single Sign On, Access Controls, Session Management and how to use Access Management to protect applications both on premises and

More information

Credential Management in the Grid Security Infrastructure. GlobusWorld Security Workshop January 16, 2003

Credential Management in the Grid Security Infrastructure. GlobusWorld Security Workshop January 16, 2003 Credential Management in the Grid Security Infrastructure GlobusWorld Security Workshop January 16, 2003 Jim Basney jbasney@ncsa.uiuc.edu http://www.ncsa.uiuc.edu/~jbasney/ Credential Management Enrollment:

More information

EUDAT. Towards a pan-european Collaborative Data Infrastructure. Damien Lecarpentier CSC-IT Center for Science, Finland EUDAT User Forum, Barcelona

EUDAT. Towards a pan-european Collaborative Data Infrastructure. Damien Lecarpentier CSC-IT Center for Science, Finland EUDAT User Forum, Barcelona EUDAT Towards a pan-european Collaborative Data Infrastructure Damien Lecarpentier CSC-IT Center for Science, Finland EUDAT User Forum, Barcelona Date: 7 March 2012 EUDAT Key facts Content Project Name

More information

Sophos Mobile. startup guide. Product Version: 8.1

Sophos Mobile. startup guide. Product Version: 8.1 Sophos Mobile startup guide Product Version: 8.1 Contents About this guide... 1 Sophos Mobile licenses... 2 Trial licenses...2 Upgrade trial licenses to full licenses... 2 Update licenses... 2 What are

More information

Topics of Discussion

Topics of Discussion CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture on NIST Cloud Computing Definition, Standards & Roadmap, Security & Privacy Guidelines Spring 2013 A Specialty Course for Purdue

More information

Carnegie Mellon University. Carnegie Mellon University

Carnegie Mellon University. Carnegie Mellon University OWL-S S Outreach and Tools Carnegie Mellon University Katia Sycara katia@cs.cmu.edu Carnegie Mellon University http://www.cs.cmu.edu/~softagents Outline Goal: Create the Semantic Web Services revolution.

More information

WorldCat Knowledge Base Release Notes for Contents

WorldCat Knowledge Base Release Notes for Contents WorldCat Knowledge Base Release Notes for 2014-07-27 Contents New Features... 2 Knowledge Base Cooperative Data Management: Phase Three... 2 Enhancements... 3 Migration to WorldShare Interface Complete...

More information

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE March 2018 Table of Contents Introduction...1 Design...2 Use Cases...2 Underlay...3 Overlay...3 Dynamic Segmentation...3 Non-Stop Networking...4 Summary...5

More information

DCCKI Interface Design Specification. and. DCCKI Repository Interface Design Specification

DCCKI Interface Design Specification. and. DCCKI Repository Interface Design Specification DCCKI Interface Design Specification and DCCKI Repository Interface Design Specification 1 INTRODUCTION Document Purpose 1.1 Pursuant to Section L13.13 of the Code (DCCKI Interface Design Specification),

More information

Lesson 22 XACML Service Oriented Architectures Security Module 1 - Basic technologies Unit 1 Introduction

Lesson 22 XACML Service Oriented Architectures Security Module 1 - Basic technologies Unit 1 Introduction Lesson 22 XACML Service Oriented Architectures Security Module 1 - Basic technologies Unit 1 Introduction Ernesto Damiani Università di Milano Pag. 1 XACML - Topics Goals Approach Examples Summary Purdue

More information

1. Federation Participant Information DRAFT

1. Federation Participant Information DRAFT INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES [NOTE: This document should be considered a as MIT is still in the process of spinning up its participation in InCommon.] Participation in InCommon

More information

extensible Access Control Markup Language (XACML) Anne Anderson Sun Microsystems, Inc. GSA Identity Workshop 27 Feb 2007

extensible Access Control Markup Language (XACML) Anne Anderson Sun Microsystems, Inc. GSA Identity Workshop 27 Feb 2007 extensible Access Control Markup Language (XACML) Anne Anderson Sun Microsystems, Inc. GSA Identity Workshop 27 Feb 2007 Outline Introduction to XACML XACML 3.0: Coming soon! > Administrative Policy and

More information

Nuance Management Center

Nuance Management Center Nuance Management Center Version 5.6 Release Notes Copyright Copyright 2002-2016 Nuance Communications, Inc. All rights reserved. Nuance, ScanSoft, the Nuance logo, the Dragon logo, Dragon, DragonBar,

More information

An authorization Framework for Grid Security using GT4

An authorization Framework for Grid Security using GT4 www.ijcsi.org 310 An authorization Framework for Grid Security using GT4 Debabrata Singh 1, Bhupendra Gupta 2,B.M.Acharya 3 4, Sarbeswar Hota S O A University, Bhubaneswar Abstract A Grid system is a Virtual

More information

Securing your Standards Based Services. Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri)

Securing your Standards Based Services. Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri) Securing your Standards Based Services Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri) Agenda What are your security goals? Access control Standards and interoperability User management and authentication

More information

Case Management System

Case Management System Case Management System Administrator Instructions Your Lighthouse Services Case Management System (CMS) has been set up and is ready for your use. It is a powerful tool to oversee and manage all your Lighthouse

More information

Advanced Grid Technologies, Services & Systems: Research Priorities and Objectives of WP

Advanced Grid Technologies, Services & Systems: Research Priorities and Objectives of WP Advanced Grid Technologies, Services & Systems: Research Priorities and Objectives of WP 2005-06 06 IST Call 5 Preparatory Workshop Brussels, 31 Jan 1 Feb 2005 Enabling application Max Lemke Deputy Head

More information

Contents About This Guide... 5 About Notifications... 5 Managing User Accounts... 6 Managing Companies Managing Password Policies...

Contents About This Guide... 5 About Notifications... 5 Managing User Accounts... 6 Managing Companies Managing Password Policies... Cloud Services Identity Management Administration Guide Version 17 July 2017 Contents About This Guide... 5 About Notifications... 5 Managing User Accounts... 6 About the User Administration Table...

More information

Trust Eleva,on Architecture v03

Trust Eleva,on Architecture v03 Trust Eleva,on Architecture v03 DISCUSSION DRAFT 2015-01- 27 Andrew Hughes 1 Purpose of this presenta,on To alempt to explain the Trust Eleva,on mechanism as a form of ALribute Based Access Control To

More information

Oracle Banking Digital Experience

Oracle Banking Digital Experience Oracle Banking Digital Experience Core Corporate Admin User Manual Release 17.1.0.0.0 Part No. E83887-01 March 2017 Core Corporate Admin User Manual March 2017 Oracle Financial Services Software Limited

More information

Welcome to the New DocuSign Experience!

Welcome to the New DocuSign Experience! Welcome to the! Sending an Envelope If you are reading this then you have begun your transition from the DocuSign application to the New DocuSign Experience. We believe you will find the to be a refreshing

More information

Case Management System

Case Management System Case Management System Investigator/non-Administrator Instructions Your Lighthouse Services Case Management System (CMS) has been set up and is ready for your use. It is a powerful tool to oversee and

More information

Setting up Special Credentials:

Setting up Special Credentials: Setting up Special Credentials: Adding a Toggle Credential A toggle badge will allow a specific credential to toggle a door from an unlock state and then back to a locked state. For example: if a door

More information

SEMANTIC SOLUTIONS FOR OIL & GAS: ROLES AND RESPONSIBILITIES

SEMANTIC SOLUTIONS FOR OIL & GAS: ROLES AND RESPONSIBILITIES SEMANTIC SOLUTIONS FOR OIL & GAS: ROLES AND RESPONSIBILITIES Jeremy Carroll, Ralph Hodgson, {jeremy,ralph}@topquadrant.com This paper is submitted to The W3C Workshop on Semantic Web in Energy Industries

More information

McAfee Cloud Identity Manager

McAfee Cloud Identity Manager WebExConnect Cloud Connector Guide McAfee Cloud Identity Manager version 3.5 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,

More information

WebPeer: A P2P-based System for

WebPeer: A P2P-based System for Huazhong University of Science and Technology Web: A P2P-based System for Publishing and Discovering Web Services Ruixuan Li Internet and Distributed Computing Laboratory College of Computer Science and

More information

The Web Information system for the Italian National Institute for Astrophysics: the experience by using the Zope/Plone framework

The Web Information system for the Italian National Institute for Astrophysics: the experience by using the Zope/Plone framework The Web Information system for the Italian National Institute for Astrophysics: the experience by using the Zope/Plone framework Serena Pastore, Caterina Boccato INAF-Astronomical Observatory of Padova

More information

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 4 About

More information

Canadian Access Federation: Trust Assertion Document (TAD)

Canadian Access Federation: Trust Assertion Document (TAD) Participant Name: Portage Network 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources

More information

Identity Management (IdM) is a crosscutting focus area for DHS

Identity Management (IdM) is a crosscutting focus area for DHS DHS & Identity Management Anil John Telephone: (443) 778-0612 Email: anil.john@jhuapl.edu 1 Identity Management (IdM) is a crosscutting focus area for DHS Enabling Homeland Capabilities EHC #1: Cross-Agency

More information

Integration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for SonicWALL Secure Remote Access

Integration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for SonicWALL Secure Remote Access SafeNet Authentication Manager Integration Guide Using SAM as an Identity Provider for SonicWALL Secure Remote Access Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright

More information

Authlogics Forefront TMG and UAG Agent Integration Guide

Authlogics Forefront TMG and UAG Agent Integration Guide Authlogics Forefront TMG and UAG Agent Integration Guide With PINgrid, PINphrase & PINpass Technology Product Version: 3.0.6230.0 Publication date: January 2017 Authlogics, 12 th Floor, Ocean House, The

More information

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 3 About

More information

Oracle Banking Digital Experience

Oracle Banking Digital Experience Oracle Banking Digital Experience Core Corporate Admin User Manual Release 17.2.0.0.0 Part No. E88573-01 July 2017 Core Corporate Admin User Manual July 2017 Oracle Financial Services Software Limited

More information

Oracle 1Z Oracle SOA Suite 12c Essentials.

Oracle 1Z Oracle SOA Suite 12c Essentials. Oracle 1Z0-434 Oracle SOA Suite 12c Essentials http://killexams.com/exam-detail/1z0-434 QUESTION: 76 After a successful web application login, an Oracle Access Manager (OAM) token is made available to

More information

Nuance Management Center

Nuance Management Center Nuance Management Center Version 5.7 Release Notes Copyright Copyright 2002-2016 Nuance Communications, Inc. All rights reserved. Nuance, ScanSoft, the Nuance logo, the Dragon logo, Dragon, DragonBar,

More information

Box Competitive Sheet January 2014

Box Competitive Sheet January 2014 This document is a comparison of file sharing and collaboration capabilities offered by Soonr Workplace and Box. Narrative is provided when there is no direct comparison between the capabilities or when

More information

Managing Trust in e-health with Federated Identity Management

Managing Trust in e-health with Federated Identity Management ehealth Workshop Konolfingen (CH) Dec 4--5, 2007 Managing Trust in e-health with Federated Identity Management Dr. rer. nat. Hellmuth Broda Distinguished Director and CTO, Global Government Strategy, Sun

More information

Thebes, WS SAML, and Federation

Thebes, WS SAML, and Federation Thebes, WS SAML, and Federation Internet2 Fall Member Meeting November 3, 2010 Thebes Consortium Georgetown University Arnie Miles adm35@georgetown.edu http://code.google.com/p/thebes/ Back story I haven't

More information

Implementing Policy-based Content Filtering for Web Servers

Implementing Policy-based Content Filtering for Web Servers Implementing Policy-based Content Filtering for Web Servers Tony White 1, Eugen Bacic 2 1 School of Computer Science, Carleton University 2 Cinnabar Networks {arpwhite@scs.carleton.ca, ebacic@cinnabar.ca}

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback