Join Mike Chapple for an in-depth discussion in this video, SAML, part of CompTIA Security+ Exam Prep (SY0-401): Access Control and Identity Management.
- Modern authentication often takes place over the web, and the Security Assertion Markup Language, SAML, allows browser-based single sign-on across a variety of web systems. There are three actors in a SAML request. First, there is the end user who wants to use web-based services. In SAML terms, the end user is known as the principal. Second, there's the organization providing the proof of identity, usually the end user's employer, school, or other account provider. This organization is known as the identity provider. Finally, there is the web-based service that the end user wishes to access. This organization is known as the service provider.
Here's how web-based single sign-on works using SAML. First, the end user, principal, requests access to a resource from the service provider. The service provider checks to see if the user already has a logged-in session and if so, just skips ahead and grants access.
Let's follow the case where the user is not already logged in, however. In this case, the service provider redirects…
Author Mike Chapple, an IT leader with over 15 years of experience, introduces identification methods such as usernames and biometrics, as well as authentication methods to verify users, including multifactor authentication, password authentication, and single sign-on. He also discusses authorization concepts such as mandatory and discretionary access controls, which can help you restrict access to sensitive parts of your network. The course also covers best practices for ongoing account management, such as establishing a good password policy, managing user roles, and monitoring accounts, and what to do when you need to suspend or terminate access.
- Setting policies for usernames and access cards
- Implementing biometrics
- Combining authentication factors for multifactor authentication
- Using a Kerberos access control system
- Using access control lists such as Windows NTFS file permissions
- Role-based authorization
- Implementing account and password policies