Relying parties use attributes to make access-control decisions. An authorization decision statement asserts that a subject is permitted to perform action A on resource R given evidence E. The expressiveness of authorization decision statements in SAML is intentionally limited. For the most part, a SAML protocol is a simple request-response protocol. The most important type of SAML protocol request is called a query.
A service provider makes a query directly to an identity provider over a secure back channel. Thus query messages are typically bound to SOAP. Of these, the attribute query is perhaps most important and still the object of much research [ citation needed ]. The result of an attribute query is a SAML response containing an assertion, which itself contains an attribute statement.
See the SAML 2. Most of these protocols are completely new in SAML 2. This reorganization provides tremendous flexibility: Proprietary extensions to the basic IdP-initiated flow have been proposed by Shibboleth , for example. Unlike previous versions, SAML 2. This provides greater flexibility, but SP-initiated flows naturally give rise to the so-called Identity Provider Discovery problem, the focus of much research today. Requirements are often phrased in terms of mutual authentication, integrity, and confidentiality, leaving the choice of security mechanism to implementers and deployers.
A user wielding a user agent usually a web browser requests a web resource protected by a SAML service provider. The service provider, wishing to know the identity of the requesting user, issues an authentication request to a SAML identity provider through the user agent. The resulting protocol flow is depicted in the following diagram. In the example flow above, all depicted exchanges are front-channel exchanges , that is, an HTTP user agent browser communicates with a SAML entity at each step.
In particular, there are no back-channel exchanges or direct communications between the service provider and the identity provider. Alternatively, for increased security or privacy, messages may be passed by reference. For example, an identity provider may supply a reference to a SAML assertion called an artifact instead of transmitting the assertion directly through the user agent. Subsequently, the service provider requests the actual assertion via a back channel. The use of SOAP as a binding mechanism is optional, however.
Any given SAML deployment will choose whatever bindings are appropriate. From Wikipedia, the free encyclopedia. This article needs additional citations for verification.
Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed.
March Learn how and when to remove this template message. The Secret to Centralized Identity Management". Retrieved 7 April Association for Computing Machinery.
A surprisingly large number of embedded systems are already security-critical, e. If the underlying ICs in an applications are maliciously manipulated through hardware Trojans, the security of the entire system can be compromised.
In recent years, hardware Trojans have drawn the attention of governments and the scientific community. Even though hardware Trojans have been studied over the last 10 years or so, little is known about how they might look, especially those that are particularly designed to avoid detection. In this talk we introduce several approaches with which a sophisticated attacker could insert Trojan into hardware platforms.
His research interests include efficient crypto implementations, hardware security, and security analysis of real-world systems. He also works on applications of embedded security, e. Christof has over peer-reviewed publications and he is co-author of the textbook Understanding Cryptography Springer, This talk presents a systematic analysis of symmetric encryption modes for SSH that are in use on the Internet, providing deployment statistics, new attacks, and security proofs for widely used modes.
We will also look at the on-going development of new encryption modes for SSH that offer superior security to the currently deployed modes at low additional cost. In , he joined Hewlett-Packard Laboratories Bristol, becoming a project manager in Bridging Theory and Practice".
In May , he reverted to being a Professor of Information Security. Kenny was program chair of Eurocrypt , invited speaker at Asiacrypt , and currently serves as Editor-in-Chief for the Journal of Cryptology.
He is a co-founder of the "Real World Cryptography" workshop series. His research over the last decade has mostly been in the area of Cryptography, with a strong emphasis being on the analysis of deployed cryptographic systems and the development of provably secure solutions to real-world cryptographic problems. The web has evolved from hypertext to a powerful application platform.
Powerful features like Geolocation, Push Notifications and Service Workers raise the stakes for application security. We will cover deployment best practices that to strike a practical balance between security and compatibility.
This includes a small digression into the inner guts of TLS to discuss cipher suites as well as certificate switching. This talk also covers major deficiencies of the certificate ecosystems and demonstrates how to thwart the risks of misbehaving or even compromised Certificate Authorities with techniques like HTTPS Public Key Pinning or Certificate Transparancy. Following this overview, common bypasses and shortcomings of these security mechanisms will also be discussed.
Besides enhancing the built-in security checks, he has also been involved in web and mobile security. When not working on computer security, Frederik spends time with his family in Berlin.
Phishing might seem like a simple attack vector relying on gullible users to happily give up their credentials. When digging deeper into the topic however, one will find many interesting aspects of phishing that have not been widely reported. This talk will dive into the analysis of so-called phishing kits: Leveraging the phishing detection capabilities of our team, we crawled known compromised servers and were able to download over five thousand phishing kits over the last couple of months.
Being able to analyze the server-side source code of phishing pages at large scale yields insights into the workings of phishing campaigns and opens new possibilities to the motivated security researcher: He has over 8 years of experience working in the security industry for companies with changing points of view ranging from the endpoint and malware sandboxes to network security and web gateways.
Android security and privacy research has boomed in recent years, far outstripping investigations of other "appified" platforms. In this talk, we present an overview of the different research areas that have emerged around the Android ecosystem, their current state and outlook, as well as the lessons learned we can draw from Android for other contemporary or future appified platforms.
In particular, in the last part of this talk, we will take a short look at ongoing investigations of third party code and tool-chain providers and their partly significant impact on the overall security state of the Android ecosystem. His research interests lie in the area of systems security and secure computing, where a particular focus is on mobile security, e. Typically, hackers focus on software bugs to find vulnerabilities in the trust model of computers.
In this talk, however, we'll focus on, how the micro architectural design of computers and how they enable an attacker to breach trust boundaries. Specifically, we'll focus on how an attacker with no special privileges can gain insights into the kernel and how these insights can enable further breaches of security.
We will focus on the x architecture. Unlike software bugs, micro architectural design issues have applications across operating systems and are independent of easily fixable software bugs. In modern operating systems the security model is enforced by the kernel. The kernel itself runs in a processor supported and protected state often called supervisor or kernel mode. Thus the kernel itself is protected from introspection and attack by hardware. We will present a method that'll allow for fast and reliable introspection into the memory hierarchy in the kernel based on undocumented CPU behavior and show how attackers could make use of this information to mount attacks on the kernel and consequently of the entire security model of modern computers.
Making a map of memory and breaking KASLR Modern operating systems use a number of methods to prevent an attacker from running unauthorized code in kernel mode. They range from requiring user-privileges to load drivers, over driver signing to hardware enabled features preventing execution in memory marked as data such as DEP Data Execution Prevention or more resonantly SMEP that prevents execution of user allocated code with kernel level privileges. Often used bypasses modify either page tables or use so called code reuse attacks.
Either way an attacker needs to know where the code or page tables are located. We'll present a fast and reliable method to map where the kernel has mapped pages in the kernel mode area.
Further, we'll present a method for locating specific kernel modules thus by passing KASLR and paving the way for classic privileged elevation attacks. Neither method requires any special privileges and they even run from a sandboxed environment. Also relevant is that our methods are more flexible than traditional software information leaks, since they leak information on the entire memory hierarchy.
The core idea of the work is that the prefetch instructions leaks information about the caches that are related to translating a virtual address into a physical address. Also significant is that the prefetch instruction is unprivileged and does not cause exceptions nor does it have any privilege verification. Thus it can be used on any address in the address space. Physical to virtual address conversion A number of micro-architectural attacks is possible on modern computers.
The Row hammer is probably the most famous of these attacks. But attacks methodologies such as cache side channel attacks have proven to be able to exfiltrate private data, such as private keys, across trust boundaries. These two attack methodologies have in common that they require information about how virtual memory is mapped to physical memory.
We will discuss a method where an unprivileged user is able to reconstruct this mapping. This goes a long way towards making the row hammer attack a practical attack vector and can be a valuable assistance in doing cache side channel attacks. Again we use the prefetch's instructions lack of privilege checking, but instead of using the timing that it leaks we now use the instructions ability to load CPU caches and that timing of memory access instructions depend heavily on the cache state.
Finally, we will shortly outline a possible defense. Anders Fogh has led numerous low level engineering efforts in the past 11 years. He holds a master's degree in economics from the University of Aarhus. He was the first to suggest a software solution to the row hammer bug and spoke at Black Hat with Nishat Herath on the topic of using performance counters for security out comes.
In the past 2 years the so-called Rowhammer bug has caught the attention of many academic and non-academic researchers. The scary aspect of the Rowhammer bug is that is entirely invalidates software security assumptions. Isolation mechanisms are ineffective to a degree where an attacker can run in a website and compromise the entire host system.
In this walkthrough guide I will walk you through all Rowhammer attacks that have been presented so far. We will start with the seminal work by Kim.
Subsequently we will discuss how to use their findings in exploits, as demonstrated by Google researchers in The results from the works of these two groups is still of vital interest for the discussion of countermeasures that now may find their way into the Linux kernel. Subsequently, we will discuss several attacks that are derived from these initial Rowhammer attacks.
We will discuss attacks that lower requirements: Another branch of attacks combine Rowhammer with other attack primitives. Furthermore, we will discuss the first Rowhammer attacks on cryptographic primitives that have been presented in Finally, we will discuss countermeasures, i. Rowhammer detection and Rowhammer mitigation. While several countermeasures have been discussed and some have even been deployed, the problem is widely unsolved. We will shed light on the ongoing discussion amongst Linux kernel developers and point out dead ends that should be avoided in the future.
He has done his master's thesis on identifying and minimizing architecture dependent code in operating system kernels. Daniel's research focuses on software-based side-channel attacks that exploit timing differences in hardware and operating system. In July , he and his colleagues demonstrated the first hardware fault attack performed through a remote website, known as Rowhammer.
Bitcoin has been hailed as a new payment mechanism, and is currently accepted by millions of users. One of the major drawbacks of Bitcoin is the resource intensive Proof-of-Work computation. Proof-of-Work is used to establish the blockchain, but otherwise it does not bring any benefits and arguably is a waste of energy. To address this problem, several alternative cryptocurrencies have been presented.
In our work we conducted the first security analysis of Gridcoin. We identified two critical security issues. The first issue allows an attacker to reveal all the e-mail addresses of the registered Gridcoin users. Even worse, the second issue gives an attacker the ability to steal the work performed by a BOINC user, and thus effectively steal his Gridcoins.
These attacks have severe consequences and completely break the Gridcoin cryptocurrency. We practically evaluated and confirmed both attacks, and responsibly disclosed them to the Gridcoin maintainers, together with the proposed countermeasures. Martin's research focuses on attacks against real-world protocols and security implementations.
Reducing latency overhead while maintaining critical security guar- antees like forward secrecy has become a major design goal for key exchange KE protocols, both in academia and industry.
Of particular interest in this re- gard are 0-RTT protocols, a class of KE protocols which allow a client to send cryptographically protected payload in zero round-trip time 0-RTT along with the very first KE protocol message, thereby minimizing latency.
Intrinsically, the main challenge in a 0-RTT key exchange is to achieve forward secrecy and security against replay attacks for the very first payload message sent in the protocol. According to cryptographic folklore, it is impossible to achieve forward secrecy for this message, because the session key used to protect it must depend on a non-ephemeral secret of the receiver. If this secret is later leaked to an attacker, it should intuitively be possible for the attacker to compute the session key by performing the same computations as the receiver in the actual session.
We show that this belief is actually false. We construct the first 0-RTT key exchange protocol which provides full forward secrecy for all trans- mitted payload messages and is automatically resilient to replay attacks. In our construction we leverage a puncturable key encapsulation scheme which permits each ciphertext to only be decrypted once. Fundamentally, this is achieved by evolving the secret key after each decryption operation, but without modifying the corresponding public key or relying on shared state.
We provide a new generic and standard- model construction of this tool that can be instantiated with any selectively secure hierarchical identity-based key encapsulation scheme. His research interests include applied and theoretical cryptography, with emphasis on the design and security analysis of digital signatures, public-key encryption schemes, and protocols, as well as practical attacks and countermeasures.
In Google VRP, we receive and process over vulnerability reports a month. While some of them were already described in the past at various security conferences or writeups, most of them remain unknown to the security community.
In this presentation, we'll highlight the most interesting bug reports submitted through Google VRP, with the root causes both in our products, open source libraries or common software stacks. We'll analyze the security patches to the libraries we helped create, and reveal the full story behind them. For example, you'll get to know what has the reason behind a couple of Angular security releases.
Additionally, we'll give insights on how we evaluate and deal with vulnerability reports internally. Special focus will be put on the remediation process - making sure that a given vulnerability is not only patched, but prevented from happening ever again.
Side-channel attacks on mobile devices have gained increasing attention since their introduction in While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an unprivileged application is all it takes to exploit the leaking information on modern mobile devices.
Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices.
In this talk, I will begin with an overview of existing side-channel attacks on mobile devices and argue for the need of a new categorization system as side-channel attacks have evolved significantly since their introduction during the smartcard era. I will explain how our proposed categorization system will help to facilitate the development of novel countermeasures and provide insights into possible future research directions.
In the second part of my talk, I will present our latest work on how an adversary can exploit side-channel information, in this case power from the phone battery, to maliciously control a public charging station in order to exfiltrate data from a smartphone via a USB charging cable i.
Her research interests revolves around security and privacy on mobile devices, in particular side- and covert-channel attacks, malware detection and mitigation of information leaks at application and hardware level. The idea of a paperless office has been dreamed for more than three decades. However, nowadays printers are still one of the most essential devices for daily work and private people.
Instead of getting rid of them, printers evolved from simple printing devices to complex network computer systems installed directly in company networks, and carrying lots of confidential data in their print jobs. This makes them to an attractive attack target. In this paper we conduct a large scale analysis of printer attacks and systematize our knowledge by providing a general methodology for security analyses of printers.
We used PRET to evaluate 20 printer models from different vendors and found all of them to be vulnerable to at least one of the tested attacks.
These attacks included, for example, simple Denial-of-Service DoS attacks or skilled attacks extracting print jobs and system files. On top of our systematic analysis we reveal novel insights that enable attacks from the Internet by using advanced cross-site printing techniques combined with printer CORS-Spoofing.
Finally, we show how to apply our attacks to systems beyond typical printers like Google Cloud Print or document processing websites. We hope that novel aspects from our work will become the foundation for future researches, for example, for the analysis of IoT security.