Snapshot: SAML Vulnerabilities - 70723
Report Details
On August 10th, 2012, the University of Bochum (German Ruhr-Universität Bochum) published a research paper titled On breaking SAML: Be whoever you want to be . In that paper the authors provide an analysis of potential security weaknesses in SAML. They analyzed 11 out of 14 major SAML frameworks. Eleven of these frameworks showed XML Signature wrapping (XSW) vulnerabilities. The authors of the research paper claim that attackers thus can take “whatever identity they want”...
| Date | Title | Price | |
|---|---|---|---|
| Aug 15, 2012 |
Snapshot: SAML Vulnerabilities - 70723On August 10th, 2012, the University of Bochum (German Ruhr-Universität Bochum) published a research paper titled On breaking SAML: Be whoever you want to be . In that paper the authors provide an analysis of potential security weaknesses in SAML. They analyzed 11 out of 14 major SAML… |
€190.00
excl. VAT
|
Get Access
|
INVOICE
|
|||
Latest Related Reports
Discover KuppingerCole
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Blog
Future-Proofing Your Cybersecurity Strategy
It’s May 25 today, and the world hasn’t ended. Looking back at the last several weeks before the GDPR deadline, I have an oddly familiar feeling. It seems that many companies have treated it as another “Year 2000 disaster” - a largely imaginary but highly publicized issue [...]
Latest Insights
Hot Topics
Spotlight
Learn more
Compliance, Risk & Security
Whether public, private or hybrid clouds, whether SaaS, IaaS or PaaS: All these cloud computing approaches are differing in particular with respect to the question, whether the processing sites/parties can be determined or not, and whether the user has influence on the geographical, qualitative and infrastructural conditions of the services provided. Therefore, it is difficult to meet all compliance requirements, particularly within the fields of data protection and data security. The decisive factors are transparency, controllability and influenceability of the service provider and his [...]