extending a legacy platform providing a
play

Extending a Legacy Platform Providing a Minimalistic, Secure - PowerPoint PPT Presentation

Nov 04, 2023 •284 likes •488 views

Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library 20/11/2015 Gschlberger/Gttfert 1 Introduction Research Studios Austria FG MicroLearning and Information Environments Bernhard Gschlberger

  1. Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library 20/11/2015 Göschlberger/Göttfert 1

  2. Introduction • Research Studios Austria FG – MicroLearning and Information Environments • Bernhard Göschlberger – Research field: Technology Enhanced Learning • Sebastian Göttfert – Computer Science @JKU • Research Project: KnowledgeMgmt-Plattform – Extend existing plattform seamlessly 20/11/2015 Göschlberger/Göttfert 2

  3. Problem • Legacy system – 12.000 existing accounts – Continuous changes – Closed registration • Single Sign on – Use existing accounts – Authenticate users to third party apps 20/11/2015 Göschlberger/Göttfert 3

  4. Existing standards/solutions • Authorization: – OAuth 2.0 • Authentication: – SAML – OpenID Connect – JWT 20/11/2015 Göschlberger/Göttfert 4

  5. SAML – Security Assertion Markup Language • Identity Provider (IdP) – Issues Assertion • Digital Signature – Authentication and Message Integrity • Service Provider (SP) – Trusts IdP – Validates signature – Grants authorization based on Assertions 20/11/2015 Göschlberger/Göttfert 5

  6. JWT – JSON Web Tokens • Compact URL-save representation for claims • Self-contained – Header – Claim set – Signature • Less flexible but much simpler than SAML • Used by – OAuth 2.0 – OpenId Connect 20/11/2015 Göschlberger/Göttfert 6

  7. Standards Implementation • Service Provider: – Easy, cheap – Many frameworks and libraries • Identity Providers – Heavy weight – Complex – Full software solutions available • In general: – Standards try to cover (almost) every usecase – Tend to get complex and bulky 20/11/2015 Göschlberger/Göttfert 7

  8. Previous Approach • No single sign on • Authorization via Backend-Webservice: – Is this a valid user? • Problems: – Weak WS protection (static API key) – Password is sent in cleartext – Phishing (third party gets the password) 20/11/2015 Göschlberger/Göttfert 8

  9. Chosen Approach • Claim based – Authorisation – Authentication • Simple issuence by legacy system • Signed and encrypted • POST binding • Additional security on top of TLS 20/11/2015 Göschlberger/Göttfert 9

  10. Authentication flow 20/11/2015 Göschlberger/Göttfert 10

  11. First step – Service Provider I • Generate a random one-time secret for symmetric encryption (=nonce) – Nonce has to be attached to user session to detect replay attacks • Encrypt nonce and return-URL with Public Key of IDP – Only IDP should be able to decrypt this! • Outside library: Send nonce and return-URL to IDP 20/11/2015 Göschlberger/Göttfert 11

  12. First step – Service Provider II 20/11/2015 Göschlberger/Göttfert 12

  13. Second step – Identity Provider I • (Precondition: User has successfully logged in) • Decrypt nonce & return URL • Calculate signature of user info • Encrypt user info with nonce • Encrypt nonce with public key of SP • Outside library: Send signature, encrypted nonce and encrypted user info to the return URL 20/11/2015 Göschlberger/Göttfert 13

  14. Second step – Identity Provider II 20/11/2015 Göschlberger/Göttfert 14

  15. Third step – Service Provider I • Decrypt nonce – Equal to initial nonce? • Decrypt user info with nonce – Does user info meet the signature? 20/11/2015 Göschlberger/Göttfert 15

  16. Third step – Service Provider II 20/11/2015 Göschlberger/Göttfert 16

  17. Live demo http://localhost/deepsec/legacy 20/11/2015 Göschlberger/Göttfert 17

  18. Result & Conclusion • minSSO Library – IdP: 114 loc (92 sloc) – SP: 156 loc (129 sloc) – https://github.com/bgoeschi/minSSO • Conclusions – SSO doesn‘t need to be a hassle – Legacy system as IdP feasable 20/11/2015 Göschlberger/Göttfert 18

  19. Questions & Answers Any questions? 20/11/2015 Göschlberger/Göttfert 19

Recommend

Day 1 Summary 1 Extending the Web Platform to Automotive What considerations need to be

Day 1 Summary 1 Extending the Web Platform to Automotive What considerations need to be

Day 1 Summary 1 Extending the Web Platform to Automotive What considerations need to be addressed? Safety, liability, legislation, and technical considerations Situational awareness and safer driving Privacy of user data (and

153 views • 4 slides
MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in Children v. 13-16 Legacy in Eternity v. 17-31 LEGACY IN MARRIAGE 2 Schools of thought 1. Rabbi Sammai- Strict interpretation. Divorce only

775 views • 9 slides
Computational plasma physics extending legacy codes, computing functionals and other ideas

Computational plasma physics extending legacy codes, computing functionals and other ideas

Computational plasma physics extending legacy codes, computing functionals and other ideas Monash Workshop on and Applications 2020 Markus Hegland, ANU February 2020 computational plasma physics 1 / 40 Introduction Introduction

429 views • 40 slides
RE NET RE Agenda Extending OMNeT++ Towards a Platform for the Design of Future In-Vehicle

RE NET RE Agenda Extending OMNeT++ Towards a Platform for the Design of Future In-Vehicle

Extending OMNeT++ Towards a Platform for the Design of Future In-Vehicle Network Architectures Till Steinbach Philipp Meyer Stefan Buschmann Franz Korf Hamburg University of Applied Sciences philipp.meyer@haw-hamburg.de OMNeT++ Community

729 views • 27 slides
Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy and the spirit of Truc Lam Yen Zen Buddhism, the Legacy Yen Tu is an inspiring journey into the past. It offers travelers a stay filled with storied

688 views • 32 slides
Extending ns Extending ns In OTcl In C++ Debugging Padma Haldar USC/ISI 1 2 ns

Extending ns Extending ns In OTcl In C++ Debugging Padma Haldar USC/ISI 1 2 ns

Outline Extending ns Extending ns In OTcl In C++ Debugging Padma Haldar USC/ISI 1 2 ns Directory Structure Extending ns in OTcl ns-allinone If you dont want to compile source your changes in your sim Tcl8.3 TK8.3

303 views • 9 slides
EXTENDING SPLUNK WITH GPUS Joshua Patterson @datametrician Keith Kraus @keithjkraus SPLUNK

EXTENDING SPLUNK WITH GPUS Joshua Patterson @datametrician Keith Kraus @keithjkraus SPLUNK

EXTENDING SPLUNK WITH GPUS Joshua Patterson @datametrician Keith Kraus @keithjkraus SPLUNK Industry leading machine data platform Splunk is a software platform to search, analyze, and visualize the machine-generated data gathered from the

705 views • 41 slides
Associated Lighting Representatives The Opticom Value GTT builds on a 40 year legacy of

Associated Lighting Representatives The Opticom Value GTT builds on a 40 year legacy of

Associated Lighting Representatives The Opticom Value GTT builds on a 40 year legacy of leadership in the priority control market, providing: Highly reliable, scalable, and proven designs Solid integration and interoperability track

831 views • 39 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal is to create

1.18k views • 56 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal

412 views • 40 slides
LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM Qubec , is comprised of 163 charitable organizations that support its mission which is to encourage the population of Quebec to make a planned

312 views • 18 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
Extending the GC hardware Rob Reilink Extending the GC hardware Why? GC can be an embedded

Extending the GC hardware Rob Reilink Extending the GC hardware Why? GC can be an embedded

Extending the GC hardware Rob Reilink Extending the GC hardware Why? GC can be an embedded computer Home automation Cinema set Car Infotainment system ... But: Essential hardware lacks: Data storage (harddisk and/or flash)

221 views • 9 slides
Extending ns Padma Haldar USC/ISI 1 Outline Extending ns In OTcl In C++

Extending ns Padma Haldar USC/ISI 1 Outline Extending ns In OTcl In C++

Extending ns Padma Haldar USC/ISI 1 Outline Extending ns In OTcl In C++ Debugging 2 ns Directory Structure ns-allinone Tcl8.3 TK8.3 OTcl tclcl ns-2 nam-1 ... tcl C+ + code ex test mcast ... lib examples

965 views • 52 slides
EXTENDING ODF-FIELDS FOR SMART DOCUMENT PROCESSING WHAT ARE WE DOING? For over 25 years CIB has

EXTENDING ODF-FIELDS FOR SMART DOCUMENT PROCESSING WHAT ARE WE DOING? For over 25 years CIB has

EXTENDING ODF-FIELDS FOR SMART DOCUMENT PROCESSING WHAT ARE WE DOING? For over 25 years CIB has been successfully providing Document Lifecycle Management solutions. CIB software aids in all phases of the document lifecycle Consulting,

348 views • 15 slides
LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems

LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems

LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems I. Legacy Outline I. Legacy a) Mission and History b) People, Services, and Locations c) Financial Strength II. Partnership a)

603 views • 26 slides
EXTENDING THE REACH OF PARALLEL COMPUTING WITH CUDA Mark Harris, NVIDIA @harrism #NVSC14

EXTENDING THE REACH OF PARALLEL COMPUTING WITH CUDA Mark Harris, NVIDIA @harrism #NVSC14

EXTENDING THE REACH OF PARALLEL COMPUTING WITH CUDA Mark Harris, NVIDIA @harrism #NVSC14 EXTENDING THE REACH OF CUDA 1 Machine Learning 2 Higher Performance 3 New Platforms 4 New Languages 2 GPUS: THE HOT MACHINE LEARNING PLATFORM GPU

399 views • 22 slides
Extending CSP with tests for availability Gavin Lowe Extending CSP with tests for availability

Extending CSP with tests for availability Gavin Lowe Extending CSP with tests for availability

Extending CSP with tests for availability 01 Extending CSP with tests for availability Gavin Lowe Extending CSP with tests for availability 02 Testing for availability Many languages for message-passing concurrency allow programs to test

541 views • 19 slides
Legacy Costs and City and Special District Reorganizations CALAFCO University January 13, 2020

Legacy Costs and City and Special District Reorganizations CALAFCO University January 13, 2020

Legacy Costs and City and Special District Reorganizations CALAFCO University January 13, 2020 Michael G. Colantuono, Esq. The Legislature also recognizes that providing housing for persons and families of all incomes is an important factor in

283 views • 25 slides
6/18/2018 Legacy Something handed down from one generation to the next! Are you leaving a

6/18/2018 Legacy Something handed down from one generation to the next! Are you leaving a

6/18/2018 Legacy Something handed down from one generation to the next! Are you leaving a GODLY legacy to the children in your family? Pass The Torch! (not the buck) Godly legacy-leavers do their homework, not relying on the church to

140 views • 3 slides
YOUR LEGACY ROTARYS PROMISE How will your legacy change the world? He believed he would

YOUR LEGACY ROTARYS PROMISE How will your legacy change the world? He believed he would

YOUR LEGACY ROTARYS PROMISE How will your legacy change the world? He believed he would get better, but As People of Action, we come the medical clinic didnt have the together to secure a future where resources to help him Rotary

549 views • 7 slides
COLLABORATION SERVICE PLATFORM Table of Content 1. International Market Entry Problems and

COLLABORATION SERVICE PLATFORM Table of Content 1. International Market Entry Problems and

Technology and Collaborat ion S cale Y our Business Like Never Bef ore The VEnterface intelligent platform aiming at providing Australian innovative entrepreneurs with digital entry to the S ingaporean market through technology and

630 views • 14 slides
5/24/2018 Legacy Health Legacy is a 7-hospital health system with locations throughout

5/24/2018 Legacy Health Legacy is a 7-hospital health system with locations throughout

5/24/2018 Legacy Health Legacy is a 7-hospital health system with locations throughout Portland-Vancouver metro area to the Mid-Willamette Valley Two tertiary, teaching medical centers Emanuel Level 1 Trauma Center Good

173 views • 3 slides
Material legacy an amount of money or property left to someone in a will Non-material legacy a

Material legacy an amount of money or property left to someone in a will Non-material legacy a

Material legacy an amount of money or property left to someone in a will Non-material legacy a thing handed down by a predecessor Mark Meckler, Citizens for Self- Governance President Dr. Tom Coburn, former Oklahoma Senator Today if

915 views • 35 slides

More recommend