Sometimes it's better to be STUCK! SAML transportation unit for cryptographic keys

Authors:
Christopher Meyer;Florian Feldmann;Jörg Schwenk
Affiliations:
Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
Venue:
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Year:
2012

Citing 2
Cited 0

A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
PGP: Pretty Good Privacy

PGP: Pretty Good Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Over the last decade the Security Assertion Markup Language (SAML) framework evolved to a versatile standard for exchanging security statements about subjects. Most notably, SAML facilitates the authentication of users, and is thus deployed in both Webservice (SOAP, WS-Security) and REST-based (SAML SSO webbrowser profile, SAML Bearer token in OAuth) services. This paper recommends an extension to the SAML framework which provides an easy way to transport cryptographic key material bound to assertions issued by particular subjects. The proposal fits into existing solutions and is fully compliant with the Security Assertion Markup Language, XML Digital Signature and XML Encryption standards.