Archive for English

Enable Key Generation in Chrome

English on June 6th, 2016 No Comments

The following article refers to the process of generating client certificates at the SSOCircle Public IDP. In the PKI functionality of SSOCircle IDP we allow the automatic generation of keys and the enrollment of X.509 certificates. Client certificates are used for strong authentication. These certificates are not related to the certificates used with SAML single […]

Tags: , , , ,

Impressions from European Identity & Cloud Conference 2016

English on May 19th, 2016 No Comments

This year the European Identity and Cloud Conference celebrated its 10th anniversary and it is impressing how the event and the company KuppingerCole itself evolved. The conference turned to one of the leading events in the IAM industry with over 700 participants and KuppingerCole is now a global player with operations and partnerships in the […]

Tags: , ,

Microsoft Office365 SAML Vulnerability: Authentication Bypass

English on April 30th, 2016 No Comments

The vulnerability in the Microsoft Office 365 SAML implementation, published last week, dramatically underlines how important it is to handle account federations with due diligence. In the light that such a drastic authentication bypass can happen, not only at a small SaaS and cloud player, but at a provider of the size and importance of […]

Tags: , , , , ,

Test your SAML Service Provider from the Command Line

English on March 14th, 2016 No Comments

cURL and wget – these tools tend to be of great value when a developer starts programming against a new API. With OAuth, you need to get an access token from one API and query another API for the actual data. Seeing the requests at the command line helps understanding the protocols and errors that […]

Tags: , , , ,

New Premium Feature: Debugging IDP Integration

English on February 29th, 2016 No Comments

SAML Integration is easy? If you start to get your hands dirty and undertake the first steps in implementing the standard, you will most likely get an error when running your initial tests. You simply might have missed to import your service provider metadata into the SSOCircle of Trust or have something wrong with the […]

Tags: , , ,

Banks ignore crypto checks in credit card transactions. Standards are not enough!

English on January 23rd, 2016 No Comments

The newspapers “Zeit” and “c’t” revealed that credit cards with new chip-and-pin based security (EMV) can be cloned and used for payments. At first glance very surprising as EMV credit cards are smartcards with crypto graphic measures, which allow a bank to recognize modifications to cards or transaction data. These cards are per se more […]

Tags: , , ,

Session Timeout – another useless Security Brainchild?

English on January 7th, 2016 No Comments

A synonym for “timeout” is “break” or “pause”. Sounds like a good thing – in principle. When it comes to “session timeout” perception might be different. What exactly do we mean with “session timeout”? At OWASP you might find explanations similar to: Session timeout defines an action window which represents the time span in which […]

Tags: , , , ,

Impressions from European Identity & Cloud Conference 2015

English on May 17th, 2015 No Comments

It is always around May when KuppingerCole Analysts call together the Who’s Who of identity management. From 5th – 8th May over 600 participants and 45 exhibitors gathered at the 9th European Identity & Cloud Conference in Munich to present and discuss the risks and newest trends of the “Digital Transformation”. As every year the […]

Tags: , ,

Termination of Google Apps SSOCircle Accounts

English on March 10th, 2015 No Comments

Google Apps integration into the SSOCircle of Trust was started in 2007 and has been one of the first active Google SAML integration in that time. Our intention was to showcase a working demo for SAML single sign on. We have now received an email from Google which states that the Google Apps ISP Partner […]

Tags: , ,

Enterprise Identity Bus Part 1

English on February 19th, 2015 No Comments

With the latest Identity Server 5.0.0 release WSO2 promotes the product as an “Enterprise Identity Bus” hinting at its flag ship product the “Enterprise Service Bus” (WSO2 ESB). The Identity Server (WSO2 IS), whose strength has always been the entitlement engine with decent XACML support and the availability of thrift interfaces together with WSO2′s 100% […]

Tags: , , , ,