[HGI-News] HGI-Seminar am Montag, 02.02.2004, 13:00 ct

hgi-news at lists.ruhr-uni-bochum.de hgi-news at lists.ruhr-uni-bochum.de
Do Jan 29 16:10:14 CET 2004 


========================================================================

                       Thomas Groß
            	 IBM Research Lab Zurich

     	"Emerging protocols in Federated Identity Management"


         Montag, 02.02.2004, 13:00 c.t, IC 4/39

Abstract

Many influential industrial players are currently pursuing the  development
of new protocols for federated identity management. The  Security Assertion
Markup Language (SAML), Liberty, and WS Federation  are the most important
examples of this new protocol class and will be  widely used in
business-to-business scenarios to reduce user-management  costs. All of them
utilize constraint-based specifications and  techniques of modular design,
but do not include general security  analyses. We analyze the security of
the SAML Single Sign-on  Browser/Artifact profile, which is the most
important protocol of this  class and already included in all major access
control products. We  demonstrate flaws of SAML Single Sign-on by mounting
exemplary attacks  on the protocol. Given this result, we also deduce the
need for a  methodology of Research to model, analyze and prove the security
of this  new protocol class.





========================================================================

EMAIL-VERTEILER: Wenn Sie Vortragsankündigungen auch in Zukunft per
Email erhalten wollen, können Sie hier
http://www.hgi.ruhr-uni-bochum.de/newsletter/
unseren Newsletter abonnieren.

ANFAHRT: Eine Wegbeschreibung zum IC Gebäude der RUB ist hier zu finden:
http://www.crypto.ruhr-uni-bochum.de/Kontakt/Kontakt.html

VORTRÄGE IM WS 2003/04:
(Abstracts sind hier:
 www.crypto.ruhr-uni-bochum.de/Seminare/Krypt/Kryptowise0304.html)

 10.11.2003 Yvo Desmedt, Florida State University, USA, 13.00 c.t. IC  4/39
 Cryptanalysis of Several of the UCLA Watermarking Schemes for  Intellectual
Property Protection of Digital Circuits/Designs

 01.12.2003 Christof Paar, COSY Group - RUB, 13.00 c.t. IC 4/39
 Eingebettete IT-Sicherheit im Automobil

 08.12.2003, Ammar Alkassar, Uni Saarland, 13.00 c.t. IC 4/39,
 "Secure Object Identification - Or: How To Solve The
Chess-Grandmaster-Problem"

 15.12.2003, Philippe Rivard, COSY Group -RUB, 13.15 c.t. IC 4/39,
 "Light-weight embedded SSL"

 12.01.2004, Sandeep Kumar, COSY Group -RUB, 13.15 c.t. IC 4/39,
 "Embedded End-to-End Wireless Security with ECDH Key Exchange"

 19.01.2004, Stefan Lucks, Uni. Mannheim, 13.15 c.t.,IC 4/39
 "Theorie und Praxis der Related-Key Angriffe"

 26.01.2004, Johannes Ueberberg, SRC GmbH, 13.15 c.t.,IC 4/39
 "Sichere Zahlungsverkehrsmodelle im Internet"

 02.02.2004, Thomas Groß, IBM Research Lab Zurich, 13:15hrs. IC4/39
"Emerging protocols in Federated Identity Management"

 09.02.2004, Roger Oyono, Uni. Essen, 13.15 c.t.,
 "Fast Arithmetic on Jacobians of Picard Curves"

 16.02.2004, Bernhard Loehlein, T-Systems, 13.00 c.t. IC 4/39,
"IP Multicast Security"


========================================================================

M.Tech. Sandeep Kumar
Chair for Communication Security
Dept. of Electr. Eng. & Information Sciences
Ruhr-University Bochum
44780 Bochum, Germany

URL: www.crypto.rub.de

Mehr Informationen über die Mailingliste Hgi-News-Deutschland