Cargando…
Federated identity primer /
Identity authentication and authorization are integral tasks in today's digital world. As businesses become more technologically integrated and consumers use more web services, the questions of identity security and accessibility are becoming more prevalent. Federated identity links user creden...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
[Place of publication not identified] :
Syngress,
©2013.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Front Cover; Federated Identity Primer; Copyright Page; Contents; Preface; What to Expect from this Book; 1 Introduction to Identity; 1.1 Introduction; 1.2 What Is Identity?; 1.2.1 Physical Identity; 1.2.1.1 Components of Your Physical Identity; 1.2.1.2 Protecting Your Physical Identity; 1.2.1.3 Only One Physical Identity; 1.2.2 Digital Identity; 1.2.2.1 Components of Your Digital Identity; 1.2.2.2 Protecting Your Digital Identity; 1.2.2.3 Only One Digital Identity; 1.3 The Internet Identity Problem; 1.4 Summary; 2 What Is Federated Identity?; 2.1 Introduction
- 2.2 Authentication and Authorization2.2.1 Authentication; 2.2.1.1 Types of Authentication; 2.2.1.1.1 Username and Password; 2.2.1.1.2 Biometrics; 2.2.1.1.3 User Certificates; 2.2.1.1.4 Kerberos; 2.2.1.1.5 One-Time-Use Token; 2.2.1.1.6 Risk-Based Authentication; 2.2.1.1.7 Custom Authentication Tokens; 2.2.1.2 Other Authentication Concepts; 2.2.1.2.1 Mutual Authentication; 2.2.1.2.2 Multifactor Authentication; 2.2.2 Authorization; 2.3 Access Control; 2.3.1 Mandatory Access Control; 2.3.2 Discretionary Access Control; 2.3.3 Role-Based Access Control; 2.4 Federated Service Model
- 2.4.1 Identity Provider2.4.1.1 Credential Store; 2.4.2 Service Provider; 2.5 Federated Identity; 2.5.1 Authentication vs Authorization with Federated Identity; 2.5.2 Federated Identity Advantages and Disadvantages; 2.5.2.1 Advantages; 2.5.2.1.1 Security of User Credentials; 2.5.2.1.2 Seamless User Experience; 2.5.2.1.3 Applications only Make Authorization Decisions; 2.5.2.1.4 Reduce Account Management; 2.5.2.1.5 Reduce Number of Usernames and Passwords; 2.5.2.1.6 Ease Merger and Acquisition Activity; 2.5.2.1.7 Highly Extensible; 2.5.2.2 Disadvantages; 2.5.2.2.1 One Key to the Kingdom
- 2.5.2.2.2 Requires Specialized Infrastructure2.5.2.2.3 Need to Conform to Same Standards; 2.5.2.2.4 It's Really New; 2.6 Summary; 3 Federated Identity Technologies; 3.1 Introduction; 3.2 OpenID; 3.2.1 Using OpenID; 3.3 OAuth; 3.3.1 Evolution of OAuth; 3.3.1.1 OAuth 1.0 and 1.0a; 3.3.1.2 OAuth WRAP; 3.3.1.3 OAuth 2.0; 3.4 Security Tokens; 3.4.1 Simple Web Tokens; 3.4.1.1 SWT Attributes; 3.4.2 JSON Web Tokens; 3.4.2.1 JWT Components; 3.4.2.2 JWT Claims; 3.4.2.3 JWT Creation; 3.4.3 Security Assertion Markup Language; 3.4.3.1 SAML Components; 3.4.3.1.1 SAML Assertions; 3.4.3.1.2 SAML Protocols
- 3.4.3.1.3 SAML Bindings3.4.3.1.4 SAML Profiles; 3.4.3.2 The Evolution of SAML; 3.4.3.2.1 SAML v1.0; 3.4.3.2.2 SAML v1.1; 3.4.3.2.3 SAML 2.0; 3.4.3.2.3.1 SAML 2.0 Assertions; 3.5 Web Service Specifications; 3.5.1 WS-Security; 3.5.2 WS-SecurityPolicy; 3.5.3 WS-SecureConversation; 3.5.4 WS-Trust; 3.5.5 WS-Federation; 3.6 Windows Identity Foundation; 3.6.1 WIF Features; 3.6.1.1 Claims-Aware Applications; 3.6.1.2 Identity Delegation; 3.6.1.3 Custom Token Servers; 3.6.1.4 Step-Up Authentication; 3.7 Claims-Based Identity; 3.7.1 CBA Description and Overview; 3.7.1.1 Claims; 3.7.1.2 Token