Information Network I Web 3.0. Youki Kadobayashi NAIST
|
|
- Candice McCarthy
- 5 years ago
- Views:
Transcription
1 Information Network I Web 3.0 Youki Kadobayashi NAIST
2 Web 3.0 Overview: Interoperability in the Web dimension (1) Interoperability of data: Metadata Data about data Assist in interacting with arbitrary (including unknown) resources that support known interfaces Identification Identification of resources Common ID space Openness Discovery Discovery of services associated with the resource Maps Appointments Social media Address Copyright(C)2010 Youki Kadobayashi. All rights reserved. 2
3 Web 3.0 Overview: Interoperability in the Web dimension (2) Interoperability of user identifier Identification Identification of user Common ID space Discovery Authentication Proof of identity through shared secret, proof of possession, physical traits etc. Authorization Access privileges Set of granted operations Maps Appointments Social media Copyright(C)2010 Youki Kadobayashi. All rights reserved. 3 User
4 Data about data Metadata Assist in interacting with arbitrary (including unknown) resources that support known interfaces Copyright(C)2010 Youki Kadobayashi. All rights reserved. 4
5 Metadata standard: RDF RDF: Resource Description Format W3C standards RDF primer RDF concepts and abstract syntax RDF vocabulary description language 1.0: RDF schema Many representation forms: RDF/XML RDF triples Turtle Copyright(C)2010 Youki Kadobayashi. All rights reserved. 5
6 RDF: an example (1) An RDF Graph. Source: W3C RDF primer Copyright(C)2010 Youki Kadobayashi. All rights reserved. 6
7 RDF/XML example RDF: an example (2) <?xml version="1.0"?> <rdf:rdf xmlns:rdf=" xmlns:contact=" <contact:person rdf:about=" <contact:fullname>eric Miller</contact:fullName> <contact:mailbox <contact:personaltitle>dr.</contact:personaltitle> </contact:person> </rdf:rdf> RDF triples ex:index.html dc:creator exstaff: ex:index.html exterms:creation-date "August 16, 1999". ex:index.html dc:language "en". Source: W3C RDF primer Copyright(C)2010 Youki Kadobayashi. All rights reserved. 7
8 RDF: an example (3) Turtle serialization syntax for rdf: contact: < < rdf:type contact:person; contact:fullname "Eric Miller"; contact:mailbox contact:personaltitle "Dr.". Source: W3C RDF primer, turtle version Copyright(C)2010 Youki Kadobayashi. All rights reserved. 8
9 Microformat XHTML-based Simple, open data formats microformats.org People, events, tags, No new language hcard <span class="tel"> <span class="type">home</span>: <span class="value"> </span> </span> hcalendar <span class="vevent"> <span class="summary">the WASForum 2010</span> on <span class="dtstart"> </span> at the Kokuyo Hall in <span class="location">tokyo, Japan</span>. </span> Look for Microformat-aware plugin for your favorite Web browser Copyright(C)2010 Youki Kadobayashi. All rights reserved. 9
10 Identification of resources Common ID space Openness URI revisited foo://example.com:8042/over/there?name=ferret#nose _/ / / / / scheme authority path query fragment / / urn:example:animal:ferret:nose Globally unique identification of resources? Copyright(C)2010 Youki Kadobayashi. All rights reserved. 10
11 Data identification standards DOI: Digital Object Identifier UUID: Universally Unique Identifier Copyright(C)2010 Youki Kadobayashi. All rights reserved. 11
12 DOI: Digital Object Identifier Coordinated by International DOI Foundation Standardized as ISO/DIS Used to globally and uniquely identify electronic document or other object DOI: / Naming authority (10: DOI project) Registrant (1145: ACM) Item ID Copyright(C)2010 Youki Kadobayashi. All rights reserved. 12
13 UUID: Universally Unique Identifier also known as GUID X.667 (ITU-T SG17) RFC 4122 (IETF) Generation and registration of Universally Unique Identifiers (UUIDs) and their use as ASN.1 object identifier components Time-based UUID (v1) Node: 48-bit MAC address Name-based UUID (v3, v5) Node: 48 bits from hash: MD5(name) or SHA1(name) Random number-based UUID (v4) Node: 48-bit random UUID URN namespace urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6 v node Copyright(C)2010 Youki Kadobayashi. All rights reserved. 13
14 Discovery Discovery of services associated with the resource Resource identifier Resolver? Service endpoint identifier Capabilities Copyright(C)2010 Youki Kadobayashi. All rights reserved. 14
15 Discovery standards Handle System For DOI etc. Defined by: IETF EPCglobal Object Name Service (ONS) For RFID tags Defined by: EPCglobal XRI For web 3.0 etc. Defined by: OASIS OID resolver For OID (object identifier) Defined by: ITU-T SG Copyright(C)2010 Youki Kadobayashi. All rights reserved. 15
16 RFC 3650 Handle System Identifier and resolution services DOI: an application of Handle System >> redirects you to CACM 52(9), Security in the Browser For more info: Copyright(C)2010 Youki Kadobayashi. All rights reserved. 16
17 Discovery standard: XRI -- An OASIS standard for service discovery Source: OASIS Extensible Resource Identifier (XRI) Resolution Version Copyright(C)2010 Youki Kadobayashi. All rights reserved. 17
18 Interoperability of data in Web 3.0 Identification Discovery Metadata Data Metadata Confined Data Interactions 3.0 Services Bring back the ownership of data! Copyright(C)2010 Youki Kadobayashi. All rights reserved. 18
19 Common ID space Hierarchical vs Federated Identification of user Implications of openness Assignment Identity ownership Conflict resolution/avoidance Assurance Verification Persistence Maps Appointments User Social media Copyright(C)2010 Youki Kadobayashi. All rights reserved. 19
20 Identity management standards X.500 series Hierarchical ID space Distinguished Name as user identifier Originally defined by ITU-T SG 17 in X.500 series Today: IETF PKIX WG / ITU-T SG 17 Q.12 OpenID Federated ID space URL as user identifier Notion of Persona Ability to control privacy of identity information Developed by OpenID Foundation Copyright(C)2010 Youki Kadobayashi. All rights reserved. 20
21 Authentication Proof of identity through: Shared secret Password Use of public/private key pair Digital certificate Proof of possession Hardware token -- IC card etc. Physical traits Fingerprints etc. etc. Multi-factor authentication Combination of two or more of the above Copyright(C)2010 Youki Kadobayashi. All rights reserved. 21
22 X.509 Digital Certificate Defined in ITU-T X.509 Information technology Open Systems Interconnection The Directory: Public-key and attribute certificate frameworks X.509 certificate contains: Issuer CN Subject CN Validity period Subject Public Key Signature Algorithm Signature of the issuer Digital signature in X.509. Source: ITU-T Rec. X / Copyright(C)2010 Youki Kadobayashi. All rights reserved. 22
23 X.509 Digital Certificate in action Issuer CN: Equifax Secure Global ebusiness CA-1 Subject CN: Equifax Secure Global ebusiness CA-1 Validity period: 99/06/21 13:00:00-20/06/21 13:00:00 Subject Public Key: ba e Signature Algorithm: PKCS #1 MD5 With RSA Encryption Signature of the issuer: 30 e aa c7 sign certificate Issuer CN: Equifax Secure Global ebusiness CA-1 Subject CN: *.myopenid.com Validity period: 09/04/29 7:08:45-11/05/30 7:08:45 Subject Public Key: d bb Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption Signature of the issuer: 5e 54 e4 c e 9c Copyright(C)2010 Youki Kadobayashi. All rights reserved. 23
24 OpenID authentication protocol Federated ID space URL as user identifier OP: OpenID provider Provides authentication service RP: Relying Party Service that relies on OpenID authentication service Copyright(C)2010 Youki Kadobayashi. All rights reserved. 24
25 OpenID auth protocol in action User Agent Relying Party OpenID Provider User URI or XRI Redirect; get token Get token Discovery XRDS Diffie-Hellman Post credential Redirect Token For more details, consult OpenID Authentication 2.0 spec Copyright(C)2010 Youki Kadobayashi. All rights reserved. 25
26 Authorization Now I know your name and you re here, but it s completely different from what you may do in this room Access privileges Set of granted operations Create, Delete Read, Update User Persona Example: CRUD operation over Persona in social media Copyright(C)2010 Youki Kadobayashi. All rights reserved. 26
27 Authorization process Identify user Authenticate user Map to specific group or role Identify access privilege Permit or deny operation N.B. many variations do exist Copyright(C)2010 Youki Kadobayashi. All rights reserved. 27
28 OAuth Authorization standards For use with OpenID authentication An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications IETF Open Authentication Protocol WG X.509 attribute certificate RFC 3281: An Internet Attribute Certificate Profile for Authorization For use with X.509 digital certificate Copyright(C)2010 Youki Kadobayashi. All rights reserved. 28
29 Open Identity in Web 3.0 Identification Discovery Metadata Metadata User Confined Assignment Ownership Conflict resolution Assurance Verification Persistence User Interactions 3.0 Services Bring back the ownership of identity! Copyright(C)2010 Youki Kadobayashi. All rights reserved. 29
30 Summary -- Web 3.0: Interoperability in the Web dimension Interoperability of data: Metadata Interoperability of user ID: Identification Identification Discovery Discovery Authentication Authorization Copyright(C)2010 Youki Kadobayashi. All rights reserved. 30
Web 3.0 Overview: Interoperability in the Web dimension (1) Web 3.0 Overview: Interoperability in the Web dimension (2) Metadata
Information Network I Web 3.0 Youki Kadobayashi NAIST Web 3.0 Overview: Interoperability in the Web dimension (1) Interoperability of data: Assist in interacting with arbitrary (including unknown) resources
More informationChapter 13: Advanced topic 3 Web 3.0
Chapter 13: Advanced topic 3 Web 3.0 Contents Web 3.0 Metadata RDF SPARQL OWL Web 3.0 Web 1.0 Website publish information, user read it Ex: Web 2.0 User create content: post information, modify, delete
More informationWhat's New in RDF 1.1
What's New in RDF 1.1 SemTechBiz June 2013 http://www.w3.org/2013/talks/0603-rdf11 Sandro Hawke, W3C Staff sandro@w3.org @sandhawke Overview 1. Stability and Interoperability 2. Non-XML Syntaxes Turtle
More informationImplementing and extending SPARQL queries over DLVHEX
Implementing and extending SPARQL queries over DLVHEX Gennaro Frazzingaro Bachelor Thesis Presentation - October 5, 2007 From a work performed in Madrid, Spain Galway, Ireland Rende, Italy How to solve
More informationSemantic Web Engineering
Semantic Web Engineering Gerald Reif reif@ifi.unizh.ch Fr. 10:15-11:45, Room 2.A.10 The Resource Description Framework RDF Trust Proof Logic Ontology vocabulary RDF + RDF Schema XML + NS + XML Schema Unicode
More informationPKI Knowledge Dissemination Program. PKI Standards. Dr. Balaji Rajendran Centre for Development of Advanced Computing (C-DAC) Bangalore
PKI Standards Dr. Balaji Rajendran Centre for Development of Advanced Computing (C-DAC) Bangalore Under the Aegis of Controller of Certifying Authorities (CCA) Government of India 1 PKCS Why PKCS? Even
More informationIdentity management. Tuomas Aura CSE-C3400 Information security. Aalto University, autumn 2014
Identity management Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 Outline 1. Single sign-on 2. SAML and Shibboleth 3. OpenId 4. OAuth 5. (Corporate IAM) 6. Strong identity 2
More informationO N T O P E D I A. The Identity of Everything. Subject Identity. Steve Pepper. INF5909,
Subject Identity Steve Pepper pepper.steve@gmail.com INF5909, 2009-02-23 Agenda Merging in Topic Maps The Importance of Identity The Topic Maps Approach to Identity The Identity Crisis of the Web Published
More informationRDF and RDF Schema. Resource Description Framework
RDF and RDF Schema Resource Description Framework Outline RDF Design objectives RDF General structure RDF Vocabularies Serialization: XML Semantic features RDF Schema RDF Semantics and Reasoning 2019-01-14
More informationAuthentication in the Cloud. Stefan Seelmann
Authentication in the Cloud Stefan Seelmann Agenda Use Cases View Points Existing Solutions Upcoming Solutions Use Cases End user needs login to a site or service End user wants to share access to resources
More informationDescriptions. Robert Grimm New York University
Descriptions Robert Grimm New York University The Final Assignment! Your own application! Discussion board! Think: Paper summaries! Time tracker! Think: Productivity tracking! Web cam proxy! Think: George
More informationWeb Based Single Sign-On and Access Control
0-- Web Based Single Sign-On and Access Control Different username and password for each website Typically, passwords will be reused will be weak will be written down Many websites to attack when looking
More informationIdentity management. Tuomas Aura T Information security technology. Aalto University, autumn 2011
Identity management Tuomas Aura T-110.4206 Information security technology Aalto University, autumn 2011 Outline 1. Single sign-on 2. OpenId 3. SAML and Shibboleth 4. Corporate IAM 5. Strong identity 2
More informationDescriptions. Robert Grimm New York University
Descriptions Robert Grimm New York University The Final Assignment! Your own application! Discussion board! Think: Paper summaries! Web cam proxy! Think: George Orwell or JenCam! Visitor announcement and
More informationTechnical Overview. Version March 2018 Author: Vittorio Bertola
Technical Overview Version 1.2.3 26 March 2018 Author: Vittorio Bertola vittorio.bertola@open-xchange.com This document is copyrighted by its authors and is released under a CC-BY-ND-3.0 license, which
More informationPractical. David Recordon Brian Ellin
Practical David Recordon drecordon@verisign.com Brian Ellin brian@janrain.com OSCON 2006 What was OpenID 1.1? An identity authentication system A protocol gratis, libre Not a service or company not Passport
More informationLesson 13 Securing Web Services (WS-Security, SAML)
Lesson 13 Securing Web Services (WS-Security, SAML) Service Oriented Architectures Module 2 - WS Security Unit 1 Auxiliary Protocols Ernesto Damiani Università di Milano element This element
More informationPKCS #15: Conformance Profile Specification
Table of Contents PKCS #15: Conformance Profile Specification RSA Laboratories August 1, 2000 1 INTRODUCTION... 2 1 REFERENCES AND RELATED DOCUMENTS... 2 2 DEFINITIONS... 2 3 SYMBOLS AND ABBREVIATIONS...
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationINTEGRATED SECURITY SYSTEM FOR E-GOVERNMENT BASED ON SAML STANDARD
INTEGRATED SECURITY SYSTEM FOR E-GOVERNMENT BASED ON SAML STANDARD Jeffy Mwakalinga, Prof Louise Yngström Department of Computer and System Sciences Royal Institute of Technology / Stockholm University
More informationThe Semantic Web Revisited. Nigel Shadbolt Tim Berners-Lee Wendy Hall
The Semantic Web Revisited Nigel Shadbolt Tim Berners-Lee Wendy Hall Today sweb It is designed for human consumption Information retrieval is mainly supported by keyword-based search engines Some problems
More informationThe Identity Web An Overview of XNS and the OASIS XRI TC
The Identity Web An Overview of XNS and the OASIS XRI TC XML WG December 17, 2002 Marc LeMaitre VP Technology Strategy OneName Corporation Goals of this presentation Introduce the idea of the Identity
More informationTutorial: Building the Services Ecosystem
Tutorial: Building the Services Ecosystem GlobusWorld 2018 Steve Tuecke tuecke@globus.org What is a services ecosystem? Anybody can build services with secure REST APIs App Globus Transfer Your Service
More informationDistributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to
More informationU.S. E-Authentication Interoperability Lab Engineer
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI
More informationCS November 2018
Authentication Distributed Systems 25. Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) Paul Krzyzanowski Rutgers University
More informationExtended Identity for Social Networks
Extended Identity for Social Networks Antonio Tapiador, Antonio Fumero, and Joaquín Salvachúa Universidad Politécnica de Madrid, ETSI Telecomunicación, Avenida Complutense 30, 28040 Madrid, Spain {atapiador,amfumero,jsalvachua}@dit.upm.es
More informationSecurity Protocols and Infrastructures. Winter Term 2015/2016
Security Protocols and Infrastructures Winter Term 2015/2016 Nicolas Buchmann (Harald Baier) Chapter 5: Standards for Security Infrastructures Contents Introduction and naming scheme X.509 and its core
More informationAPI Gateway. Version 7.5.1
O A U T H U S E R G U I D E API Gateway Version 7.5.1 15 September 2017 Copyright 2017 Axway All rights reserved. This documentation describes the following Axway software: Axway API Gateway 7.5.1 No part
More informationSecurity Protocols and Infrastructures
Security Protocols and Infrastructures Dr. Michael Schneider michael.schneider@h-da.de Chapter 5: Standards for Security Infrastructures November 13, 2017 h_da WS2017/18 Dr. Michael Schneider 1 1 Introduction
More informationSemantic Web Tools. Federico Chesani 18 Febbraio 2010
Semantic Web Tools Federico Chesani 18 Febbraio 2010 Outline A unique way for identifying concepts How to uniquely identified concepts? -> by means of a name system... SW exploits an already available
More informationDistributed Access Control. Trust Management Approach. Characteristics. Another Example. An Example
CS489/589: Access Control & System Security Lecture 5 : Distributed Access Control and Trust anagement Distributed Access Control Flexible and scalable access control in large scale, open, distributed,
More informationOverview! Automated Certificate Management (ACME) Protocol! IP-NNI Task Force! Mary Barnes - iconectiv!
Overview! Automated Certificate Management (ACME) Protocol! IP-NNI Task Force! Mary Barnes - iconectiv! ACME Overview! ACME is a protocol being developed in IETF for Automated Certificate Management.!
More informationFederal Identity, Credentialing, and Access Management. OpenID 2.0 Profile. Version Release Candidate
Federal Identity, Credentialing, and Access Management OpenID 2.0 Profile Version 1.0.1 Release Candidate November 18, 2009 Document History Status Release Date Comment Audience Release Candidate Release
More information05/31/2010. Smart OpenID
05/31/2010 Smart OpenID Smart OpenID Smartcard Webserver Enabled SSO for Web 2.0 using OpenID Andreas Leicher, Andreas U. Schmidt (Novalyst IT), Inhyok Cha, Yogendra Shah (InterDigital Communications)
More informationRSA SecurID Ready Implementation Guide. Last Modified: December 13, 2013
Ping Identity RSA SecurID Ready Implementation Guide Partner Information Last Modified: December 13, 2013 Product Information Partner Name Ping Identity Web Site www.pingidentity.com Product Name PingFederate
More informationDisplaying SSL Configuration Information and Statistics
CHAPTER 7 Displaying SSL Configuration Information and Statistics This chapter describes the show commands available for displaying CSS SSL configuration information and statistics and an explanation of
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 11: Public Key Infrastructure Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Public key infrastructure Certificates Trust
More informationWarm Up to Identity Protocol Soup
Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital
More informationAuthentication. August 17, 2018 Version 9.4. For the most recent version of this document, visit our documentation website.
Authentication August 17, 2018 Version 9.4 For the most recent version of this document, visit our documentation website. Table of Contents 1 Authentication 4 1.1 Authentication mechanisms 4 1.2 Authentication
More informationUnique Identifiers Assessment: Results. R. Duerr
Unique Identifiers Assessment: Results 1 Outline Background Identifier schemes Assessment criteria Levels of data Use cases Assessment Results Preparing Data for Ingest, R. presented Duerr 10/27/09 by
More informationWeb Services Security: XCBF Token Profile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 Web Services Security: XCBF Token Profile Working Draft 1.1, Sunday, 30 March 2003 Document identifier:
More informationPUBLIC-KEY CERTIFICATES
INFS 766 Internet Security Protocols Lecture 6 Digital Certificates Prof. Ravi Sandhu PUBLIC-KEY CERTIFICATES reliable distribution of public-keys public-key encryption sender needs public key of receiver
More informationWeb Services Security XCBF Token Profile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 Web Services Security XCBF Token Profile Working Draft 1.0, Monday, 25 November 2002 Document identifier:
More informationNigori: Storing Secrets in the Cloud. Ben Laurie
Nigori: Storing Secrets in the Cloud Ben Laurie (benl@google.com) April 23, 2013 1 Introduction Secure login is something we would clearly like, but achieving it practically for the majority users turns
More informationISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University
Identity Management and Federated ID (Liberty Alliance) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Identity Identity is the fundamental concept of uniquely
More informationSingle Sign-On for PCF. User's Guide
Single Sign-On for PCF Version 1.2 User's Guide 2018 Pivotal Software, Inc. Table of Contents Table of Contents Single Sign-On Overview Installation Getting Started with Single Sign-On Manage Service Plans
More informationAuthentication CHAPTER 17
Authentication CHAPTER 17 Authentication Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources. getting entrance
More informationOAuth 2 and Native Apps
OAuth 2 and Native Apps Flows While all OAuth 2 flows can be used by native apps, only the user delegation flows will be considered in this document: Web Server, User-Agent and Device flows. The Web Server
More informationContents. G52IWS: The Semantic Web. The Semantic Web. Semantic web elements. Semantic Web technologies. Semantic Web Services
Contents G52IWS: The Semantic Web Chris Greenhalgh 2007-11-10 Introduction to the Semantic Web Semantic Web technologies Overview RDF OWL Semantic Web Services Concluding comments 1 See Developing Semantic
More informationValidation Working Group: Proposed Revisions to
Validation Working Group: Proposed Revisions to 3.2.2.4 Introduction Current Baseline Requirements For each Fully Qualified Domain Name listed in a Certificate, the CA SHALL confirm that, as of the date
More informationCertification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure
Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure 1.0 INTRODUCTION 1.1 Overview The Federal Reserve Banks operate a public key infrastructure (PKI) that manages
More informationMajor SAML 2.0 Changes. Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007
Major SAML 2.0 Changes Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007 Tokens, Protocols, Bindings, and Profiles Tokens are requests and assertions Protocols bindings are communication
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationIBM i Version 7.2. Security Digital Certificate Manager IBM
IBM i Version 7.2 Security Digital Certificate Manager IBM IBM i Version 7.2 Security Digital Certificate Manager IBM Note Before using this information and the product it supports, read the information
More informationSAS Event Stream Processing 4.2: Security
SAS Event Stream Processing 4.2: Security Encryption on Sockets Overview to Enabling Encryption You can enable encryption on TCP/IP connections within an event stream processing engine. Specifically, you
More informationVMware Identity Manager vidm 2.7
RSA SECURID ACCESS Standard Agent Implementation Guide VMware Daniel R. Pintal, RSA Partner Engineering Last Modified: August 19, 2016 Solution Summary VMware Identity
More informationRegistry for identifiers assigned by the Swedish e- identification
Registry for identifiers assigned by the Swedish e- identification board ELN-0603-v1.3 Version 1.3 2015-10-05 1 (14) 1 BACKGROUND... 3 2 STRUCTURE... 4 2.1 URI IDENTIFIERS... 4 2.2 OID IDENTIFIERS... 4
More informationMediaAUTH Draft Proposal
MediaAUTH Draft Proposal August 21, 2012 Contents 1 Introduction 2 2 Service & User Perspective 2 2.1 Login...................................... 2 2.2 Soft Login.................................... 3
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
KEY DISTRIBUTION AND USER AUTHENTICATION Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman
More informationIntegration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for PingFederate
SafeNet Authentication Manager Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationIntroduction to Linked Data
Introduction to Linked Data Sandro Hawke, W3C sandro@hawke.org @sandhawke http://www.w3.org/2010/talks/0608-linked-data June 8 2010, Cambridge Semantic Web Gathering Outline Context Motivation Prerequisites
More informationCA SiteMinder Federation
CA SiteMinder Federation Legacy Federation Guide 12.52 SP1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationCryptologic and Cyber Systems Division
Cryptologic and Cyber Systems Division OVERALL BRIEFING IS Someone Scraped My Identity! Is There a Doctrine in the House? AF Identity, Credential, and Access Management (ICAM) August 2018 Mr. Richard Moon,
More informationINDIGO-Datacloud Identity and Access Management Service
INDIGO-Datacloud Identity and Access Management Service RIA-653549 Presented by Andrea Ceccanti (INFN) andrea.ceccanti@cnaf.infn.it WLCG AuthZ WG Meeting Dec, 14th 2017 IAM overview INDIGO IAM The Identity
More informationRegistry for identifiers assigned by the Swedish e-identification board
Registry for identifiers assigned by the Swedish e-identification board Version 1.5-2018-06-19 ELN-0603-v1.5 Table of Contents 1. Background 2. Structure 2.1. URI Identifiers 2.2. OID Identifiers 3. Assigned
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationIntegration Guide. PingFederate SAML Integration Guide (SP-Initiated Workflow)
Integration Guide PingFederate SAML Integration Guide (SP-Initiated Workflow) Copyright Information 2018. SecureAuth is a registered trademark of SecureAuth Corporation. SecureAuth s IdP software, appliances,
More informationNCP Secure Enterprise macos Client Release Notes
Service Release: 3.10 r40218 Date: July 2018 Prerequisites Apple OS X operating systems: The following Apple macos operating systems are supported with this release: macos High Sierra 10.13 macos Sierra
More informationX.509 CERTIFICATE X.509 CERTIFICATE PUBLIC-KEY CERTIFICATES THE CERTIFICATE TRIANGLE CERTIFICATE TRUST. INFS 766 Internet Security Protocols
INFS 766 Internet Security Protocols X.509 CERTIFICATE Lecture 6 Digital Certificates VERSION SERIAL NUMBER SIGNATURE ALGORITHM ISSUER VALIDITY Prof. Ravi SUBJECT SUBJECT PUBLIC KEY INFO SIGNATURE 4 PUBLIC-KEY
More informationChapter 17 Web Services Additional Topics
Prof. Dr.-Ing. Stefan Deßloch AG Heterogene Informationssysteme Geb. 36, Raum 329 Tel. 0631/205 3275 dessloch@informatik.uni-kl.de Chapter 17 Web Services Additional Topics Prof. Dr.-Ing. Stefan Deßloch
More informationDecentralized IDentifers (DIDs) Markus Sabadello, M.Sc., M.A. Danube Tech, Sovrin Foundation, OASIS XDI TC.
Decentralized IDentifers (DIDs) Markus Sabadello, M.Sc., M.A. Danube Tech, Sovrin Foundation, OASIS XDI TC https://danubetech.com/ on Privacy and Linked Data, Vienna, 17th April 2018 Intro: Self-Sovereign
More informationWeb 2.0 Lecture 8: Resource Description Framework
Web 2.0 Lecture 8: Resource Description Framework doc. Ing. Tomáš Vitvar, Ph.D. tomas@vitvar.com @TomasVitvar http://www.vitvar.com Leopold-Franzens Universität Innsbruck and Czech Technical University
More informationEnhanced OpenID Protocol in Identity Management
Enhanced OpenID Protocol in Identity Management Ronak R. Patel 1, Bhavesh Oza 2 1 PG Student, Department of Computer Engg, L.D.College of Engineering, Gujarat Technological University, Ahmedabad 2 Associate
More informationTowards the Semantic Desktop. Dr. Øyvind Hanssen University Library of Tromsø
Towards the Semantic Desktop Dr. Øyvind Hanssen University Library of Tromsø Agenda Background Enabling trends and technologies Desktop computing and The Semantic Web Online Social Networking and P2P Computing
More informationHIPAA by the Numbers. Presented by: Mark L. Schuweiler Director of Global Information Assurance Services EDS Corporation
HIPAA by the Numbers Presented by: Mark L. Schuweiler Director of Global Information Assurance Services EDS Corporation Security vs Privacy Privacy right of a individual to control his/her personal information
More informationstir-certs-02 IETF 93 (Prague) STIR WG Jon
stir-certs-02 IETF 93 (Prague) STIR WG Jon What we did since -01 Basic specification of the cert extension (TNAuthList) didn t change much here Cert scope may include one or more or many TNs Fleshed out
More informationTelemetry Data Sharing Using S/MIME
Telemetry Data Sharing Using S/MIME Item Type text; Proceedings Authors Kalibjian, Jeffrey R. Publisher International Foundation for Telemetering Journal International Telemetering Conference Proceedings
More informationCOMP20008 Elements of Data Processing. Week 1: Lecture 2. Data format and storage
COMP20008 Elements of Data Processing Week 1: Lecture 2 Data format and storage Announcements Lecture recordings Lecture Capture: Current Technical Issue. There are currently long delays in processing
More informationCopyright. Copyright Ping Identity Corporation. All rights reserved. PingAccess Server documentation Version 4.
Server 4.3 Copyright 1 Copyright 2017 Ping Identity Corporation. All rights reserved. PingAccess Server documentation Version 4.3 June, 2017 Ping Identity Corporation 1001 17th Street, Suite 100 Denver,
More informationInland Revenue. Build Pack. Identity and Access Services. Date: 04/09/2017 Version: 1.5 IN CONFIDENCE
Inland Revenue Build Pack Identity and Access Services Date: 04/09/2017 Version: 1.5 IN CONFIDENCE About this Document This document is intended to provide Service Providers with the technical detail required
More informationALAP - AgiLe Authentication Provider
Documentation ALAP - AgiLe Authentication Provider Description of the Agile Authentication Provider (ALAP) Version 0.1, 23.11.2015 Andreas Fitzek andreas.fitzek@egiz.gv.at Summary: This document describes
More informationParticipant User Guide, Version 2.6
Developers Integration Lab (DIL) Participant User Guide, Version 2.6 3/17/2013 REVISION HISTORY Author Date Description of Change 0.1 Laura Edens Mario Hyland 9/19/2011 Initial Release 1.0 Michael Brown
More informationCORRIGENDA ISIS-MTT SPECIFICATION 1.1 COMMON ISIS-MTT SPECIFICATIONS VERSION JANUARY 2008 FOR INTEROPERABLE PKI APPLICATIONS
COMMON ISIS-MTT SPECIFICATIONS FOR INTEROPERABLE PKI APPLICATIONS FROM T7 & TELETRUST CORRIGENDA TO ISIS-MTT SPECIFICATION 1.1 AS OF 16 MARCH 2004 VERSION 1.2 18 JANUARY 2008 Contact Information The up-to-date
More informationPublic Key Establishment
Public Key Establishment Bart Preneel Katholieke Universiteit Leuven February 2007 Thanks to Paul van Oorschot How to establish public keys? point-to-point on a trusted channel mail business card, phone
More informationCloud Access Manager Configuration Guide
Cloud Access Manager 8.1.3 Configuration Guide Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationOPENID CONNECT 101 WHITE PAPER
OPENID CONNECT 101 TABLE OF CONTENTS 03 04 EXECUTIVE OVERVIEW WHAT IS OPENID CONNECT? Connect Terminology Relationship to OAuth 08 Relationship to SAML CONNECT IN MORE DETAIL Trust Model Discovery Dynamic
More informationAssignment 11 (NF) - Repetition
Assignment 11 (NF) - Repetition -- no due date, no submission -- This assignment is meant to help you prepare for the exam. It is not necessary to turn in your solutions. The solutions will be discussed
More informationFrom the Web to the Semantic Web: RDF and RDF Schema
From the Web to the Semantic Web: RDF and RDF Schema Languages for web Master s Degree Course in Computer Engineering - (A.Y. 2016/2017) The Semantic Web [Berners-Lee et al., Scientific American, 2001]
More informationSecurity analysis of OpenID, followed by a reference implementation of an npabased OpenID provider
Security analysis of OpenID, followed by a reference implementation of an npabased OpenID provider Sebastian Feld, Norbert Pohlmann Institute for Internet-Security, if(is) Gelsenkirchen University of Applied
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationNAVAL POSTGRADUATE SCHOOL THESIS
NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS DEVICE PROFILING ANALYSIS IN DEVICE-AWARE NETWORK by Shang-Yuan Tsai December 2004 Thesis Advisor: Thesis Co-Advisor: Singh Gurminder John Gibson Approved
More informationKnowledge Representation RDF Turtle Namespace
Knowledge Representation RDF Turtle Namespace Jan Pettersen Nytun, UiA 1 URIs Identify Web Resources Web addresses are the most common URIs, i.e., uniform Resource Locators (URLs). RDF resources are usually
More informationNetwork Security Essentials
Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of
More informationTest Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0
1 2 3 4 5 6 7 8 9 10 11 Test Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0 Version 3.1 Editor: Kyle Meadors, Drummond Group Inc. Abstract: This document describes the test steps to achieve
More information[MS-ADFSOAL]: Active Directory Federation Services OAuth Authorization Code Lookup Protocol
[MS-ADFSOAL]: Active Directory Federation Services OAuth Authorization Code Lookup Protocol Intellectual Property Rights Notice for Open Specifications Documentation Technical Documentation. Microsoft
More informationPKI-An Operational Perspective. NANOG 38 ARIN XVIII October 10, 2006
PKI-An Operational Perspective NANOG 38 ARIN XVIII October 10, 2006 Briefing Contents PKI Usage Benefits Constituency Acceptance Specific Discussion of Requirements Certificate Policy Certificate Policy
More informationand Registration Authorities
Introduction to Object Identifiers (OIDs) and Introduction Registration to Authorities Object Identifiers (OIDs) and Registration Authorities France Telecom Orange Olivier Dubuisson 7 March 2011 Many approaches
More informationReferences differences between SVG 1.1 Full and SVG 1.2 Tiny
References differences between SVG 1.1 Full and SVG 1.2 Tiny Differences in XML related s XML 1.0 (Second Edition) XML 1.0 (Fourth Edition) XML 1.1 April 2004. XML-NS 1.0 (First Edition) Jan. 1999. XML
More informationSemantic Web Fundamentals
Semantic Web Fundamentals Web Technologies (706.704) 3SSt VU WS 2017/18 Vedran Sabol with acknowledgements to P. Höfler, V. Pammer, W. Kienreich ISDS, TU Graz December 11 th 2017 Overview What is Semantic
More information