[HGI-News] HGI-Seminar am Montag, 02.02.2004, 13:00 ct
hgi-news at lists.ruhr-uni-bochum.de
hgi-news at lists.ruhr-uni-bochum.de
Do Jan 29 16:10:14 CET 2004
========================================================================
Thomas Groß
IBM Research Lab Zurich
"Emerging protocols in Federated Identity Management"
Montag, 02.02.2004, 13:00 c.t, IC 4/39
Abstract
Many influential industrial players are currently pursuing the development
of new protocols for federated identity management. The Security Assertion
Markup Language (SAML), Liberty, and WS Federation are the most important
examples of this new protocol class and will be widely used in
business-to-business scenarios to reduce user-management costs. All of them
utilize constraint-based specifications and techniques of modular design,
but do not include general security analyses. We analyze the security of
the SAML Single Sign-on Browser/Artifact profile, which is the most
important protocol of this class and already included in all major access
control products. We demonstrate flaws of SAML Single Sign-on by mounting
exemplary attacks on the protocol. Given this result, we also deduce the
need for a methodology of Research to model, analyze and prove the security
of this new protocol class.
========================================================================
EMAIL-VERTEILER: Wenn Sie Vortragsankündigungen auch in Zukunft per
Email erhalten wollen, können Sie hier
http://www.hgi.ruhr-uni-bochum.de/newsletter/
unseren Newsletter abonnieren.
ANFAHRT: Eine Wegbeschreibung zum IC Gebäude der RUB ist hier zu finden:
http://www.crypto.ruhr-uni-bochum.de/Kontakt/Kontakt.html
VORTRÄGE IM WS 2003/04:
(Abstracts sind hier:
www.crypto.ruhr-uni-bochum.de/Seminare/Krypt/Kryptowise0304.html)
10.11.2003 Yvo Desmedt, Florida State University, USA, 13.00 c.t. IC 4/39
Cryptanalysis of Several of the UCLA Watermarking Schemes for Intellectual
Property Protection of Digital Circuits/Designs
01.12.2003 Christof Paar, COSY Group - RUB, 13.00 c.t. IC 4/39
Eingebettete IT-Sicherheit im Automobil
08.12.2003, Ammar Alkassar, Uni Saarland, 13.00 c.t. IC 4/39,
"Secure Object Identification - Or: How To Solve The
Chess-Grandmaster-Problem"
15.12.2003, Philippe Rivard, COSY Group -RUB, 13.15 c.t. IC 4/39,
"Light-weight embedded SSL"
12.01.2004, Sandeep Kumar, COSY Group -RUB, 13.15 c.t. IC 4/39,
"Embedded End-to-End Wireless Security with ECDH Key Exchange"
19.01.2004, Stefan Lucks, Uni. Mannheim, 13.15 c.t.,IC 4/39
"Theorie und Praxis der Related-Key Angriffe"
26.01.2004, Johannes Ueberberg, SRC GmbH, 13.15 c.t.,IC 4/39
"Sichere Zahlungsverkehrsmodelle im Internet"
02.02.2004, Thomas Groß, IBM Research Lab Zurich, 13:15hrs. IC4/39
"Emerging protocols in Federated Identity Management"
09.02.2004, Roger Oyono, Uni. Essen, 13.15 c.t.,
"Fast Arithmetic on Jacobians of Picard Curves"
16.02.2004, Bernhard Loehlein, T-Systems, 13.00 c.t. IC 4/39,
"IP Multicast Security"
========================================================================
M.Tech. Sandeep Kumar
Chair for Communication Security
Dept. of Electr. Eng. & Information Sciences
Ruhr-University Bochum
44780 Bochum, Germany
URL: www.crypto.rub.de
Mehr Informationen über die Mailingliste Hgi-News-Deutschland