Authentication and authorization
Links
e-signatures for finserv - management and mechanismshttp://improving-nao.blogspot.com/2006/08/electronic-signatures-for-financial_03.html In an online world it is tough to ensure the security and integrity of electronic signatures. For different scenarios something stronger than username and password is required, since the agreements and transaction consents may high value and high risk to both institution and customer.- Digital Identity - Integrity and non-repudiation - Authentication and authorization - |
|
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!http://portal.acm.org/citation.cfm?id=1133058.1133089 Presented at ACM Symposium on Access Control Models and Technologies 2006, Lake Tahoe, California, USA, June 07 - 09, 2006. "XACML is the OASIS standard language for the specification of authorization and entitlement policies. However, while XACML well addresses security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises built through collaboration of several autonomous subjects sharing their resources. In this paper we highlight such limitations and we propose an XACML extension, the policy integration algorithm, to address them. In the paper we also discuss in which respect the process of comparing two XACML policies differs from the process used to compare other business rules."- Digital Identity - Authentication and authorization - Authorization policy representation and management - |
|
Java XML Digital Signatureshttp://java.sun.com/developer/technicalArticles/xml/dig_signatures/index.html Extensible Markup Language (XML) technology is now an integral part of web-based business applications. These applications require a fundamentally sound and secure infrastructure to meet the security requirements of confidentiality, endpoint authentication, message integrity, and nonrepudiation. XML signature, XML encryption, XML Key Management Specification (XKMS), Security Assertion Markup Language (SAML), and XML Access Control Markup Language (XACML) are the XML security standards that define XML vocabularies and processing rules to meet these security requirements.- Java - Digital Identity - Authentication and authorization - |
|
SAMLicioushttp://www.xmlgrrl.com/blog/archives/2005/03/16/samlicious/ Eve Maler: The elevator pitch might be that SAML is the universal solvent of security and identity information.- Authentication and authorization - SAML - |
|
OASIS Security Services TChttp://www.oasis-open.org/committees/security/ The Security Services TC is working to advance the Security Assertion Markup Language (SAML) as an OASIS standard.- Authentication and authorization - SAML - |
|
Security Assertion Markup Language (SAML)http://www.simc-inc.org/archive0002/February02/Speakers/SAML-SIMC-short/index.htm Marc Chanliau, SIMC General Meeting, February 2002.- Authentication and authorization - SAML - |
|
Understanding Kerberoshttp://www.windley.com/2003/09/29.html About Kerberos and Secure Authentication.- Authentication and authorization - |
|
