CoSign at Penn - Jorj

CoSign at Penn

jorj@isc.upenn.edu August 2008


WebSec

- Developed at Penn
- Three ISC-provided components:
  - SSL-protected web login page (Rosetta)
  - Out-of-band C client (websec_client)
  - Apache module (mod_websec)


How it works

[Diagram: login flow. The Web App redirects the user to Rosetta (the login page); Rosetta checks the user against the KDC ("User Okay!") and redirects the user back to the Web App.]
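To make the redirect flow on the slide concrete, here is a small, self-contained Python model of a redirect-based web SSO exchange. It is an added illustration, not WebSec or CoSign code: the names (LoginService, WebApp, KDC_USERS), the one-time ticket, the out-of-band validate() call that the app makes to the login service, and the hashed credential table standing in for the KDC are all assumptions of this example. The single-use, service-bound ticket is included because it is the usual answer to the "tokens easily hijacked" problem on the next slide: a ticket copied out of a URL or a log is worthless once the app has consumed it.

```python
"""Toy model of a redirect-based web SSO flow (app -> login page -> KDC -> app).
Added example; not WebSec or CoSign code. Names, the one-time ticket and the
out-of-band validation call are assumptions made for this illustration."""
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed credential store standing in for the KDC (stores digests only).
KDC_USERS = {"alice": hashlib.sha256(b"correct horse").hexdigest()}


def kdc_check(user, password):
    """Stand-in for the KDC: True only if the password hashes to the stored digest."""
    digest = hashlib.sha256(password.encode()).hexdigest()
    return user in KDC_USERS and hmac.compare_digest(KDC_USERS[user], digest)


class LoginService:
    """Rosetta-like central login page.

    Issues short-lived, single-use tickets bound to the requesting service.
    The web app must validate a ticket out of band (server to server), so the
    value a browser sees in the redirect URL cannot be replayed once consumed."""

    def __init__(self, ttl=60):
        self.ttl = ttl
        self.tickets = {}  # ticket -> (user, issued_at, service)

    def login(self, user, password, service):
        """Authenticate against the KDC stand-in; on success return the
        redirect URL back to the app, carrying only an opaque ticket."""
        if not kdc_check(user, password):
            return None
        ticket = secrets.token_urlsafe(32)
        self.tickets[ticket] = (user, time.time(), service)
        return service + "?" + urlencode({"ticket": ticket})

    def validate(self, ticket, service):
        """Out-of-band check by the app. pop() makes the ticket single use;
        the service and age checks reject tickets issued for another app or
        older than ttl seconds. Returns the user name or None."""
        entry = self.tickets.pop(ticket, None)
        if entry is None:
            return None
        user, issued, svc = entry
        if svc != service or time.time() - issued > self.ttl:
            return None
        return user


class WebApp:
    """The protected application. Unauthenticated requests are redirected to
    the login service; a returning ticket is exchanged for a local session."""

    def __init__(self, url, login_service, login_url="https://login.example/"):
        self.url = url
        self.sso = login_service
        self.login_url = login_url
        self.sessions = {}  # session id -> user

    def handle(self, request_url, cookie=None):
        """Return (status, body_or_location) for one request."""
        if cookie in self.sessions:
            return (200, "hello " + self.sessions[cookie])
        ticket = parse_qs(urlparse(request_url).query).get("ticket", [None])[0]
        if ticket:
            user = self.sso.validate(ticket, self.url)
            if user:
                sid = secrets.token_urlsafe(16)
                self.sessions[sid] = user
                # A real app would set sid as an HttpOnly, Secure cookie.
                return (200, sid)
            return (403, "invalid, expired or replayed ticket")
        return (302, self.login_url + "?" + urlencode({"service": self.url}))


if __name__ == "__main__":
    sso = LoginService()
    app = WebApp("https://app.example/", sso)
    print(app.handle("https://app.example/"))              # 302 to login page
    back = sso.login("alice", "correct horse", app.url)     # user okay, redirect
    status, sid = app.handle(back)                          # ticket exchanged
    print(status, app.handle("https://app.example/", cookie=sid))
    print(app.handle(back))                                 # replay -> 403
```

Running the block walks through the slide's sequence once: the app answers 302 for an anonymous request, the login service returns the redirect after the KDC stand-in accepts the password, the app turns the ticket into a session, and a second presentation of the same ticket is refused.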


How it doesn't work

- Timeout on login page grants no benefit
- Tokens easily hijacked in many apps
- Home-grown code bears a high burden for Penn: security analysis and maintenance
- Application provisioning requires technical ISC staff time
- Injection attacks possible via custom login pages


CoSign

- Developed by University of Michigan
- Components:
  - SSL-protected web login page
  - Apache, Apache 2, IIS filter module
  - Authenticators for Java, Drupal, Plone
- Has no standalone C client like WebSec
