Simon Josefsson

1 Simon Josefsson Copyright 2007 Simon Josefsson Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

2 What is OpenID?

3 Decentralized web-based authentication system

4 What does that mean?

5 You can reduce the number of usernames and passwords you need to remember

7 You don't need to maintain a username and password database for your web site

8 How do I use it?

9 You pick a provider you trust

10 You can change provider any time you want

12 You can even run the server yourself

13 C# C++ Java PHP Perl Python Ruby

15 Too many choices, I'm lazy.

16 33k employees

18 10m users

19 65m users

20 Ok, I have an account, now what?

22 Find sites that support OpenID

23 (or better, ask the sites you use to support OpenID)

28 And this is new?

29 SAML Higgins Cardspace X.509 / eid

30 How does OpenID work?

31 RTFM

32 New! Version 2.0!

33 OpenID Terminology..?

34 User-Supplied Identifier: what you type at the OpenID URL prompt (simonj.myopenid.com, josefsson.org)

35 Relying Party (RP), aka Consumer: web site that wants proof of who you are (WikiTravel, Zooomr, LiveJournal)

36 OpenID Provider (OP): web site that you rely on for authentication services (myopenid, VeriSign PIP, LiveJournal, Yubico)

37 Protocol flow...?

42 1. User enters Identifier at RP
2. RP locates the OP: several mechanisms exist; the simplest is to retrieve the URL and look for HTML HEAD link rel nodes
3. RP redirects browser to OP: HTTP redirect, the new URL contains Diffie-Hellman exchange and parameters for OP
4. OP authenticates user: the protocol doesn't care how this happens
5. OP redirects back to RP: HTTP redirect again, the new URL for RP finishes the DH and provides information

43 Can OpenID do more?

44 Yes! Simple Registration

45 Your OpenID server can send personal information to the web site

46 , nickname, home address, etc

47 Allows multiple personas, or user profiles

48 You need to trust your OpenID server to not reveal anything without your approval

49 I don't want to be foobar.myopenid.com! I'm foobar.com.

50 Add <link rel="openid.server" href=" <link rel="openid.delegate" href=" to HTML source.

52 Changing provider by editing two lines of HTML Your OpenID URL remains the same
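
The discovery step from the protocol flow (the RP retrieves the URL and looks for HTML HEAD link rel nodes) and the delegation described on the slides above, as an added example that is not part of the original slides. The host names, the `sample_page` helper and the returned field names are assumptions made for illustration; the page content is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


def sample_page(server, delegate):
    """Constructed home page for the user of http://foobar.example/ (hypothetical)."""
    return f"""<html><head>
<title>foobar</title>
<link rel="openid.server" href="{server}">
<link rel="openid.delegate" href="{delegate}" />
</head><body>
<p>Page content, possibly written by other people:</p>
<link rel="openid.server" href="https://ignored.example/server">
</body></html>"""


def _is_http_url(value):
    """Accept only absolute http(s) URLs as OP endpoints or delegates."""
    try:
        parts = urlsplit(value)
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)


class OpenIDLinkParser(HTMLParser):
    """Collect openid.server / openid.delegate links found inside <head> only."""

    WANTED = ("openid.server", "openid.delegate")

    def __init__(self):
        super().__init__()
        self.in_head = False
        self.head_done = False
        self.found = {}

    def handle_starttag(self, tag, attrs):
        if tag == "head" and not self.head_done:
            self.in_head = True
        elif tag == "body":
            # Anything from <body> on is page content, not discovery metadata.
            self.in_head = False
            self.head_done = True
        elif tag == "link" and self.in_head:
            attr = dict(attrs)
            href = (attr.get("href") or "").strip()
            # rel may carry several space-separated values.
            for rel in (attr.get("rel") or "").lower().split():
                # First usable occurrence wins; later links cannot override it.
                if rel in self.WANTED and rel not in self.found and _is_http_url(href):
                    self.found[rel] = href

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False
            self.head_done = True


def discover(claimed_id, html):
    """Return what the RP needs after fetching the page at claimed_id.

    claimed_id: the URL the user typed (what the RP remembers the user as)
    server:     the OP endpoint the browser is redirected to
    identity:   the identifier the OP knows the user by (delegate, if any)
    """
    parser = OpenIDLinkParser()
    parser.feed(html)
    parser.close()
    server = parser.found.get("openid.server")
    if server is None:
        raise ValueError("no usable openid.server link in <head>")
    return {
        "claimed_id": claimed_id,
        "server": server,
        "identity": parser.found.get("openid.delegate", claimed_id),
    }


if __name__ == "__main__":
    url = "http://foobar.example/"
    before = discover(url, sample_page("https://op.example/server",
                                       "https://foobar.op.example/"))
    # The user edits the two link lines to switch provider.
    after = discover(url, sample_page("https://other-op.example/auth",
                                      "https://foobar.other-op.example/"))
    print(before)
    print(after)
```

The RP keys the account on `claimed_id`, which is why the two edited link lines change the provider without changing the user's OpenID URL.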

53 Are there security problems in OpenID?

54 Phishing is a real security problem for OpenID

55 Solutions?

56 Never enter passwords in the attackers' control flow

57 Microsoft CardSpace What about flash..?

58 Better Solutions?

59 Protocol changes to OpenID? (unlikely!)

60 Generally, just avoid using passwords

61 HTTPS with client-side certificates (complex!)

62 Hardware authentication devices

64 Company started in May 2007

65 6 people in Stockholm and California

66 Yubico Identity Platform OpenID, Radius, PAM, PHP, Perl,...

67 Developing a multiplatform USB key with no device drivers

68 RFID card with buttons, card reader and proprietary device drivers

69 USB key with pin entry

70 USB key with one button

71 Ultra-Thin

72 Demo!

73 How does the Yubikey work?

74 128-bit AES key

75 Two factor authentication

77 Wallet size

78 No display or batteries

79 Questions? Answers? Copyright 2007 Simon Josefsson Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. Credits: Some screenshots from Simon Willison

80 How to use Yubikey via your own homepage Add <link rel="openid.server" href=" /> <link rel="openid.delegate" href= > Replace ljitnjbcujvh with your Yubikey's identity string: the first 12 characters printed by the key when you press the button


More information

Click on a link below to navigate this document, or use bookmarks in Adobe.

Click on a link below to navigate this document, or use bookmarks in Adobe. Website Instructions Click on a link below to navigate this document, or use bookmarks in Adobe. Logging in and User Registration MyUSG Quoting Online with Westchester, A Chubb Company Quoting Online with

More information

Managed Access Gateway. User Guide

Managed Access Gateway. User Guide Managed Access Gateway User Guide Version 2.2 Exostar, LLC November 3, 2011 Table of Contents Table of Contents... ii Purpose... 1 Log-in to your MAG Account... 2 Additional MAG Login Options... 2 First

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions Frequently Asked Questions for Cisco Unified Personal Communicator 8.6 and Voice and Video Firmware 8.6 for Cisco Virtualization Experience Client 6215 FAQs 2 Basics 3 Setup

More information

Importing and Using your or Personal Authentication certificate with Windows Live Mail

Importing and Using your  or Personal Authentication certificate with Windows Live Mail Personal Authentication Certificates Importing and Using your Email or Personal Authentication certificate with Windows Live Mail If you originally applied for the certificate on the same computer as your

More information

Home Access Setup Instructions

Home Access Setup Instructions Home Access Setup Instructions Centricity will install a plug-in the first time you access it from your personal computer. Please follow the instructions below for your operating system and if you need

More information

Security of Web Level User Identity Management

Security of Web Level User Identity Management Security of Web Level User Identity Management Jakov Krolo, Marin Šilić, and Siniša Srbljić Faculty of Electrical Engineering and Computing, University of Zagreb Unska 3, 10000 Zagreb, Croatia Phone: +385

More information

A Mechanism for Federated Identification Services for Public Access Portals Using Access-Cards

A Mechanism for Federated Identification Services for Public Access Portals Using Access-Cards A Mechanism for Federated Identification Services for Public Access Portals Using Access-Cards Sylvia Encheva Stord/Haugesund University College Bjørnsonsg. 45 5528 Haugesund, Norway sbe@hsh.no Sharil

More information

Trusted identities for the cloud using open source technologies where Open ecard App meets SkIDentity

Trusted identities for the cloud using open source technologies where Open ecard App meets SkIDentity Trusted identities for the cloud using open source technologies where Open ecard App meets SkIDentity Tobias Wich Dr. Detlef Hühnlein Moritz Horsch Johannes Schmölz} Berlin, 23.5.2012 Agenda Introduction

More information

EPHP a tool for learning the basics of PHP development. Nick Whitelegg School of Media Arts and Technology Southampton Solent University

EPHP a tool for learning the basics of PHP development. Nick Whitelegg School of Media Arts and Technology Southampton Solent University EPHP a tool for learning the basics of PHP development Nick Whitelegg School of Media Arts and Technology Southampton Solent University My background Lecturer at Southampton Solent University since 2003

More information

Exploiting and Defending: Common Web Application Vulnerabilities

Exploiting and Defending: Common Web Application Vulnerabilities Exploiting and Defending: Common Web Application Vulnerabilities Introduction: Steve Kosten Principal Security Consultant SANS Instructor Denver OWASP Chapter Lead Certifications CISSP, GWAPT, GSSP-Java,

More information

Revised: 08/02/ Click the Start button at bottom left, enter Server Manager in the search box, and select it in the list to open it.

Revised: 08/02/ Click the Start button at bottom left, enter Server Manager in the search box, and select it in the list to open it. Mobile App Windows Authentication & SSL Config Revised: 08/02/2017 Job Aid This Job Aid is intended for agency IT staff and explains how to enable Windows Authentication and SSL for your mobile applications

More information

ActivIdentity 4TRESS AAA Web Tokens and F5 BIG-IP Access Policy Manager. Integration Handbook

ActivIdentity 4TRESS AAA Web Tokens and F5 BIG-IP Access Policy Manager. Integration Handbook ActivIdentity 4TRESS AAA Web Tokens and F5 BIG-IP Access Policy Manager Integration Handbook Document Version 1.1 Released July 11, 2012 ActivIdentity 4TRESS AAA Web Tokens and F5 APM Integration Handbook

More information

Configuring Microsoft Outlook to Connect to Hosted Exchange Service

Configuring Microsoft Outlook to Connect to Hosted Exchange Service Configuring Microsoft Outlook to Connect to Hosted Exchange Service Configuring Microsoft Outlook for Hosted Exchange Service Version: 1.0 Updated on: April 27, 2011 Page 1 of 7 TABLE OF CONTENTS Configuring

More information

Managed Access Gateway. User Guide

Managed Access Gateway. User Guide Managed Access Gateway User Guide Version 3.0 Exostar, LLC April 20, 2013 Table of Contents Table of Contents...ii Purpose... 1 Log-in to your MAG Account... 2 Additional MAG Login Options... 2 First Time

More information