SlideShare a Scribd company logo

Single Sign-on Framework in Tizen

Ryo Jin
Ryo Jin

Single Sign-On (SSO) allows users to securely store credentials in a centralized database and access services using common authentication protocols. gSSO is an open source SSO framework written in C that provides a secure credential storage system and implements common authentication methods like OAuth, SASL, and HTTP Digest. It allows applications to initiate authentication operations without directly accessing credentials. The gSSO architecture separates components like the credential database, access control plugins, and authentication method plugins to provide a flexible yet secure SSO solution.

Technology
1 of 13
Download to read offline
Single Sign-On Framework in Tizen Contributors: Alexander Kanavin, Jussi Laako, Jaska Uimonen
2 Introduction Architecture Demonstration
What is the problem that Single Sign-on systems are aiming to solve? Source: xkcd.com/1200
What is gSSO? ● A system for storing sensitive user data (credentials is the term for it) securely* ● Provides implementations of common** operations and authentication protocols that use those credentials and the API to access it ● Written entirely in C using Glib and its class and object system (Gobject) ● License: LGPL 2.1+ * the word 'securely' will be explained in a moment ** what exactly is meant by 'common' operations will also be explained in a moment
What is 'security' as understood by gSSO? (1/2) Credentials are stored in a database, and the database must be stored on disk so that only gsso can access it – The details of such secure storage are handled by plugins – By default classic Unix permissions on the database file are used – The database can also be encrypted on disk using ecryptfs – Other platform security mechanisms can be utilized by writing additional plugins
What is 'security' as understood by gSSO? (2/2) Access to each credential must be allowed only to explicitly listed applications – Each credential has an access control list – Checks against this list are performed by an access control plugin – The default plugin is using filesystem paths to perform checks – There is also a plugin that is using SMACK labels – There is also support for access controlling applications, if they are not standalone binaries, but scripts that run in a runtime
What are the common operations that use credentials? ● Applications do not access credentials directly (again, this is good for security) ● Applications initiate an operation on a credential from a list of allowed operations (mechanisms) ● List of allowed methods/mechanisms is stored together with the credential in a database ● Method is a class implemented by a plugin ● Mechanisms are functions of a method With that said, the methods fall broadly into two categories: ● Offline (do not send anything over the network) ● Online (usually, authentication protocols to get access to some service)
Offline methods ● The simplest method: store and retrieve a username/password pair – Can be used for password management, or when the password is sent directly over the network (not a good idea!) – Implemented by 'password' plugin ● X.509 – Handles operations with X.509 certificates such as sign, verify, encrypt and decrypt, without exposing the related keys to applications ● Generic encryption/decryption engine – The key is never exposed to the applications ● Front-end to specialized security hardware (such as a trusted execution engine or a smart card) – Provides a common API to applications, so they don't have to implement a hardware specific API
Online methods ● OAuth version 1 and 2 – Very popular mechanism for authorizing applications to access online services. Used by Google, Facebook, Twitter, Microsoft, LinkedIn, Amazon, Yahoo,... pretty much everybody. – Typically involves showing the user a webpage which asks if the user trusts some application to access some data from a service, and if the user does, the application gets a magic access string (a 'token') – GSSO implements the client side of OAuth 1 and 2 RFC standards fully, even though they are rather large :) ● SASL – A set of mechanisms for challenge/response based authentication – Used in IMAP, SMTP, XMPP, LDAP, IRC,... – GSSO implements the most common mechanisms ● HTTP Digest authentication
Architecture – all the pieces together
Architecture – functional flow
Demo placeholder! (see notes)
Conclusion http://01.org/gsso LGPL 2.1+ Git repositories, mailing lists, bug tracker, IRC channel, documentation, tarball downloads, etc. All of that can be found at the above address

Recommended

Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]
Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]
Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]
n|u - The Open Security Community
 
Ch18
Ch18Ch18
Ch18Joe Christensen
 
Ch20
Ch20Ch20
Ch20Joe Christensen
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Paula Januszkiewicz
 
Malware forensics
Malware forensicsMalware forensics
Malware forensics
Sameera Amjad
 
Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers 
Jeff Suratt
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
UTD Computer Security Group
 

Recommended

Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]
Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]
Struts validation framework - Part1 [null Bangalore] [Dec 2013 meet]
n|u - The Open Security Community
 
Ch18
Ch18Ch18
Ch18Joe Christensen
 
Ch20
Ch20Ch20
Ch20Joe Christensen
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Paula Januszkiewicz
 
Malware forensics
Malware forensicsMalware forensics
Malware forensics
Sameera Amjad
 
Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers Apache struts vulnerabilities compromise corporate web servers 
Apache struts vulnerabilities compromise corporate web servers 
Jeff Suratt
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
UTD Computer Security Group
 
Web application security
Web application securityWeb application security
Web application security
Akhil Raj
 
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
AlienVault
 
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Ertugrul Akbas
 
Enterprise Network Design and Deployment
Enterprise Network Design and Deployment Enterprise Network Design and Deployment
Enterprise Network Design and Deployment
Sandeep Yadav
 
Bug Finding - K.K.Mookhey
Bug Finding - K.K.MookheyBug Finding - K.K.Mookhey
Bug Finding - K.K.Mookhey
amiable_indian
 
Malicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine LearningMalicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine Learning
securityxploded
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
Fahri Firdausillah
 
Web Proxy Log Analysis and Management 2007
Web Proxy Log Analysis and Management 2007Web Proxy Log Analysis and Management 2007
Web Proxy Log Analysis and Management 2007
Anton Chuvakin
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...
BeyondTrust
 
A walk through Windows firewall and Netsh commands
A walk through Windows firewall and Netsh commandsA walk through Windows firewall and Netsh commands
A walk through Windows firewall and Netsh commands
Rhydham Joshi
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
BeyondTrust
 
CNIT 126: Ch 2 & 3
CNIT 126: Ch 2 & 3CNIT 126: Ch 2 & 3
CNIT 126: Ch 2 & 3
Sam Bowne
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Toshiharu Harada, Ph.D
 
Gear Fit2 Watchface Design Guide
Gear Fit2 Watchface Design GuideGear Fit2 Watchface Design Guide
Gear Fit2 Watchface Design Guide
Ryo Jin
 
Thomas Speck: Biomimetic architecture
Thomas Speck: Biomimetic architectureThomas Speck: Biomimetic architecture
Thomas Speck: Biomimetic architecture
GBC Finland
 
Isabelle Bader Centre for the Performing Arts
Isabelle Bader Centre for the Performing ArtsIsabelle Bader Centre for the Performing Arts
Isabelle Bader Centre for the Performing Arts
artsking
 
Simple Energy Brand Book
Simple Energy Brand BookSimple Energy Brand Book
Simple Energy Brand Book
Brooke Webster
 
Performing art centre acoustics and anthropos sciences
Performing art centre acoustics and anthropos sciencesPerforming art centre acoustics and anthropos sciences
Performing art centre acoustics and anthropos sciences
Madhulika Sanyal
 
Scale & Proportion
Scale & ProportionScale & Proportion
Scale & ProportionKia Mosenthal
 
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & RhythmUnity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
tanyalangford
 
how to make architecture graduation project
how to make architecture graduation project how to make architecture graduation project
how to make architecture graduation project
Eman Ateek
 
Principles of design theory of design module 2 proportion,scale, hierarchy etc
Principles of design theory of design module 2 proportion,scale, hierarchy etcPrinciples of design theory of design module 2 proportion,scale, hierarchy etc
Principles of design theory of design module 2 proportion,scale, hierarchy etc
Stanly Sunny
 

More Related Content

What's hot

Web application security
Web application securityWeb application security
Web application security
Akhil Raj
 
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
AlienVault
 
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Ertugrul Akbas
 
Enterprise Network Design and Deployment
Enterprise Network Design and Deployment Enterprise Network Design and Deployment
Enterprise Network Design and Deployment
Sandeep Yadav
 
Bug Finding - K.K.Mookhey
Bug Finding - K.K.MookheyBug Finding - K.K.Mookhey
Bug Finding - K.K.Mookhey
amiable_indian
 
Malicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine LearningMalicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine Learning
securityxploded
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
Fahri Firdausillah
 
Web Proxy Log Analysis and Management 2007
Web Proxy Log Analysis and Management 2007Web Proxy Log Analysis and Management 2007
Web Proxy Log Analysis and Management 2007
Anton Chuvakin
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...
BeyondTrust
 
A walk through Windows firewall and Netsh commands
A walk through Windows firewall and Netsh commandsA walk through Windows firewall and Netsh commands
A walk through Windows firewall and Netsh commands
Rhydham Joshi
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
BeyondTrust
 
CNIT 126: Ch 2 & 3
CNIT 126: Ch 2 & 3CNIT 126: Ch 2 & 3
CNIT 126: Ch 2 & 3
Sam Bowne
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Toshiharu Harada, Ph.D
 

What's hot (13)

Web application security
Web application securityWeb application security
Web application security
 
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
 
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
 
Enterprise Network Design and Deployment
Enterprise Network Design and Deployment Enterprise Network Design and Deployment
Enterprise Network Design and Deployment
 
Bug Finding - K.K.Mookhey
Bug Finding - K.K.MookheyBug Finding - K.K.Mookhey
Bug Finding - K.K.Mookhey
 
Malicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine LearningMalicious Client Detection Using Machine Learning
Malicious Client Detection Using Machine Learning
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
 
Web Proxy Log Analysis and Management 2007
Web Proxy Log Analysis and Management 2007Web Proxy Log Analysis and Management 2007
Web Proxy Log Analysis and Management 2007
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...
 
A walk through Windows firewall and Netsh commands
A walk through Windows firewall and Netsh commandsA walk through Windows firewall and Netsh commands
A walk through Windows firewall and Netsh commands
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
 
CNIT 126: Ch 2 & 3
CNIT 126: Ch 2 & 3CNIT 126: Ch 2 & 3
CNIT 126: Ch 2 & 3
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
 

Viewers also liked

Gear Fit2 Watchface Design Guide
Gear Fit2 Watchface Design GuideGear Fit2 Watchface Design Guide
Gear Fit2 Watchface Design Guide
Ryo Jin
 
Thomas Speck: Biomimetic architecture
Thomas Speck: Biomimetic architectureThomas Speck: Biomimetic architecture
Thomas Speck: Biomimetic architecture
GBC Finland
 
Isabelle Bader Centre for the Performing Arts
Isabelle Bader Centre for the Performing ArtsIsabelle Bader Centre for the Performing Arts
Isabelle Bader Centre for the Performing Arts
artsking
 
Simple Energy Brand Book
Simple Energy Brand BookSimple Energy Brand Book
Simple Energy Brand Book
Brooke Webster
 
Performing art centre acoustics and anthropos sciences
Performing art centre acoustics and anthropos sciencesPerforming art centre acoustics and anthropos sciences
Performing art centre acoustics and anthropos sciences
Madhulika Sanyal
 
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & RhythmUnity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
tanyalangford
 
how to make architecture graduation project
how to make architecture graduation project how to make architecture graduation project
how to make architecture graduation project
Eman Ateek
 
Principles of design theory of design module 2 proportion,scale, hierarchy etc
Principles of design theory of design module 2 proportion,scale, hierarchy etcPrinciples of design theory of design module 2 proportion,scale, hierarchy etc
Principles of design theory of design module 2 proportion,scale, hierarchy etc
Stanly Sunny
 
JT Performing Arts Center
JT Performing Arts Center JT Performing Arts Center
JT Performing Arts Center
Paul Abraham (deepaul)
 
Zaha hadid heydar aliyev cultural centre
Zaha hadid heydar aliyev cultural centreZaha hadid heydar aliyev cultural centre
Zaha hadid heydar aliyev cultural centre
Kumar Snehansu
 
Thesis Report
Thesis ReportThesis Report
Thesis Report
garima_c
 
Jawahar kala kendra Case study
Jawahar kala kendra Case studyJawahar kala kendra Case study
Jawahar kala kendra Case study
michellesahay
 
JAWAHAR KALA KENDRA
JAWAHAR KALA KENDRAJAWAHAR KALA KENDRA
JAWAHAR KALA KENDRASumit Raina
 
Principle of architecture
Principle of architecturePrinciple of architecture
Principle of architecture
Manish Jain Luhadia
 
Theory of architecture
Theory of architectureTheory of architecture
Theory of architectureKrishna Jhawar
 
Design Thinking Process
Design Thinking ProcessDesign Thinking Process
Design Thinking ProcessHeyy Gus
 
5 Type Of Architecture Design Process
5 Type Of Architecture Design Process 5 Type Of Architecture Design Process
5 Type Of Architecture Design Process
Wan Muhammad / Asas-Khu™
 
2010 Thesis Project
2010 Thesis Project2010 Thesis Project
2010 Thesis Project
Charissa.Williams
 

Viewers also liked (20)

Gear Fit2 Watchface Design Guide
Gear Fit2 Watchface Design GuideGear Fit2 Watchface Design Guide
Gear Fit2 Watchface Design Guide
 
Thomas Speck: Biomimetic architecture
Thomas Speck: Biomimetic architectureThomas Speck: Biomimetic architecture
Thomas Speck: Biomimetic architecture
 
Isabelle Bader Centre for the Performing Arts
Isabelle Bader Centre for the Performing ArtsIsabelle Bader Centre for the Performing Arts
Isabelle Bader Centre for the Performing Arts
 
Simple Energy Brand Book
Simple Energy Brand BookSimple Energy Brand Book
Simple Energy Brand Book
 
Performing art centre acoustics and anthropos sciences
Performing art centre acoustics and anthropos sciencesPerforming art centre acoustics and anthropos sciences
Performing art centre acoustics and anthropos sciences
 
Scale & Proportion
Scale & ProportionScale & Proportion
Scale & Proportion
 
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & RhythmUnity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
Unity, Balance, Scale & Proportion, Contrast, Emphasis & Repetition & Rhythm
 
how to make architecture graduation project
how to make architecture graduation project how to make architecture graduation project
how to make architecture graduation project
 
Principles of design theory of design module 2 proportion,scale, hierarchy etc
Principles of design theory of design module 2 proportion,scale, hierarchy etcPrinciples of design theory of design module 2 proportion,scale, hierarchy etc
Principles of design theory of design module 2 proportion,scale, hierarchy etc
 
JT Performing Arts Center
JT Performing Arts Center JT Performing Arts Center
JT Performing Arts Center
 
Zaha hadid heydar aliyev cultural centre
Zaha hadid heydar aliyev cultural centreZaha hadid heydar aliyev cultural centre
Zaha hadid heydar aliyev cultural centre
 
Thesis Report
Thesis ReportThesis Report
Thesis Report
 
Jawahar kala kendra Case study
Jawahar kala kendra Case studyJawahar kala kendra Case study
Jawahar kala kendra Case study
 
JAWAHAR KALA KENDRA
JAWAHAR KALA KENDRAJAWAHAR KALA KENDRA
JAWAHAR KALA KENDRA
 
Principle of architecture
Principle of architecturePrinciple of architecture
Principle of architecture
 
Theory of architecture
Theory of architectureTheory of architecture
Theory of architecture
 
Design Thinking Process
Design Thinking ProcessDesign Thinking Process
Design Thinking Process
 
Concept sheet - Thesis
Concept sheet - ThesisConcept sheet - Thesis
Concept sheet - Thesis
 
5 Type Of Architecture Design Process
5 Type Of Architecture Design Process 5 Type Of Architecture Design Process
5 Type Of Architecture Design Process
 
2010 Thesis Project
2010 Thesis Project2010 Thesis Project
2010 Thesis Project
 

Similar to Single Sign-on Framework in Tizen

Remote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxRemote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxGiuseppe Paterno'
 
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
Overview of NSA Security Enhanced Linux - FOSS.IN/2005Overview of NSA Security Enhanced Linux - FOSS.IN/2005
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
James Morris
 
CISSP Week 14
CISSP Week 14CISSP Week 14
CISSP Week 14jemtallon
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
OWASP
 
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara
 
Kernel security of Systems
Kernel security of SystemsKernel security of Systems
Kernel security of Systems
Jamal Jamali
 
Internship msc cs
Internship msc csInternship msc cs
Internship msc cs
Pooja Bhojwani
 
Application Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs SecurityApplication Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs Security
Lumension
 
Cryptography and system security
Cryptography and system securityCryptography and system security
Cryptography and system security
Gary Mendonca
 
CISSP Week 22
CISSP Week 22CISSP Week 22
CISSP Week 22jemtallon
 
Chapter 09
Chapter 09Chapter 09
Chapter 09
cclay3
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsmiaemedu
 
Avanan Platform.pdf
Avanan Platform.pdfAvanan Platform.pdf
Avanan Platform.pdf
praveen830370
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Codemotion
 
DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019
NotSoSecure Global Services
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models7wounders
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 

Similar to Single Sign-on Framework in Tizen (20)

Remote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxRemote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise Linux
 
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
Overview of NSA Security Enhanced Linux - FOSS.IN/2005Overview of NSA Security Enhanced Linux - FOSS.IN/2005
Overview of NSA Security Enhanced Linux - FOSS.IN/2005
 
CISSP Week 14
CISSP Week 14CISSP Week 14
CISSP Week 14
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
 
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5James Jara Portfolio 2014 - InfoSec White Paper- Part 5
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
 
Kernel security of Systems
Kernel security of SystemsKernel security of Systems
Kernel security of Systems
 
Internship msc cs
Internship msc csInternship msc cs
Internship msc cs
 
Application Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs SecurityApplication Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs Security
 
Cryptography and system security
Cryptography and system securityCryptography and system security
Cryptography and system security
 
CISSP Week 22
CISSP Week 22CISSP Week 22
CISSP Week 22
 
Ch11 system administration
Ch11 system administration Ch11 system administration
Ch11 system administration
 
Ch11
Ch11Ch11
Ch11
 
Chapter 09
Chapter 09Chapter 09
Chapter 09
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsm
 
Avanan Platform.pdf
Avanan Platform.pdfAvanan Platform.pdf
Avanan Platform.pdf
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
 
DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models
 
Operating system security
Operating system securityOperating system security
Operating system security
 
SECURITY SYSTEM INTEGRATION
SECURITY SYSTEM INTEGRATIONSECURITY SYSTEM INTEGRATION
SECURITY SYSTEM INTEGRATION
 

More from Ryo Jin

Why is EFL used on Tizen?
Why is EFL used on Tizen?Why is EFL used on Tizen?
Why is EFL used on Tizen?
Ryo Jin
 
Samsung Z4 User Manual
Samsung Z4 User ManualSamsung Z4 User Manual
Samsung Z4 User Manual
Ryo Jin
 
Samsung ARTIK 050 (ARTIK ZERO) Modules Data Sheet
Samsung ARTIK 050 (ARTIK ZERO) Modules Data SheetSamsung ARTIK 050 (ARTIK ZERO) Modules Data Sheet
Samsung ARTIK 050 (ARTIK ZERO) Modules Data Sheet
Ryo Jin
 
Introduction to Watch Face Development with Tizen Studio
Introduction to Watch Face Development with Tizen StudioIntroduction to Watch Face Development with Tizen Studio
Introduction to Watch Face Development with Tizen Studio
Ryo Jin
 
Tizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan Driver
Tizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan DriverTizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan Driver
Tizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan Driver
Ryo Jin
 
Panduan Penggunaan Perangkat Wearable Tizen
Panduan Penggunaan Perangkat Wearable TizenPanduan Penggunaan Perangkat Wearable Tizen
Panduan Penggunaan Perangkat Wearable Tizen
Ryo Jin
 
Cara Menggunakan Smartphone Tizen
Cara Menggunakan Smartphone TizenCara Menggunakan Smartphone Tizen
Cara Menggunakan Smartphone Tizen
Ryo Jin
 
Samsung Indonesia: Tizen Store
Samsung Indonesia: Tizen StoreSamsung Indonesia: Tizen Store
Samsung Indonesia: Tizen Store
Ryo Jin
 
Samsung Indonesia: Tizen Wearables
Samsung Indonesia: Tizen WearablesSamsung Indonesia: Tizen Wearables
Samsung Indonesia: Tizen Wearables
Ryo Jin
 
Samsung Indonesia: Tizen Web Apps
Samsung Indonesia: Tizen Web AppsSamsung Indonesia: Tizen Web Apps
Samsung Indonesia: Tizen Web Apps
Ryo Jin
 
Samsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native AppSamsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native App
Ryo Jin
 
Samsung Indonesia: Tizen Platform Overview and IoT
Samsung Indonesia: Tizen Platform Overview and IoTSamsung Indonesia: Tizen Platform Overview and IoT
Samsung Indonesia: Tizen Platform Overview and IoT
Ryo Jin
 
Russian Tizen Project
Russian Tizen ProjectRussian Tizen Project
Russian Tizen Project
Ryo Jin
 
Samsung SM-R360 Tizen User Manual
Samsung SM-R360 Tizen User ManualSamsung SM-R360 Tizen User Manual
Samsung SM-R360 Tizen User Manual
Ryo Jin
 
Tizen Micro Profile for IoT device
Tizen Micro Profile for IoT deviceTizen Micro Profile for IoT device
Tizen Micro Profile for IoT device
Ryo Jin
 
Panduan Dasar Pemrograman Tizen
Panduan Dasar Pemrograman TizenPanduan Dasar Pemrograman Tizen
Panduan Dasar Pemrograman Tizen
Ryo Jin
 
The Story of Enlightenment, EFL, Tizen and Wayland
The Story of Enlightenment, EFL, Tizen and WaylandThe Story of Enlightenment, EFL, Tizen and Wayland
The Story of Enlightenment, EFL, Tizen and Wayland
Ryo Jin
 
Tizen PASS
Tizen PASSTizen PASS
Tizen PASS
Ryo Jin
 
Tizen PASS
Tizen PASSTizen PASS
Tizen PASS
Ryo Jin
 
Samsung Gear UI Design Guidelines
Samsung Gear UI Design GuidelinesSamsung Gear UI Design Guidelines
Samsung Gear UI Design Guidelines
Ryo Jin
 

More from Ryo Jin (20)

Why is EFL used on Tizen?
Why is EFL used on Tizen?Why is EFL used on Tizen?
Why is EFL used on Tizen?
 
Samsung Z4 User Manual
Samsung Z4 User ManualSamsung Z4 User Manual
Samsung Z4 User Manual
 
Samsung ARTIK 050 (ARTIK ZERO) Modules Data Sheet
Samsung ARTIK 050 (ARTIK ZERO) Modules Data SheetSamsung ARTIK 050 (ARTIK ZERO) Modules Data Sheet
Samsung ARTIK 050 (ARTIK ZERO) Modules Data Sheet
 
Introduction to Watch Face Development with Tizen Studio
Introduction to Watch Face Development with Tizen StudioIntroduction to Watch Face Development with Tizen Studio
Introduction to Watch Face Development with Tizen Studio
 
Tizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan Driver
Tizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan DriverTizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan Driver
Tizen 3.0's Window System Integration Layer of OpenGLES/EGL & Vulkan Driver
 
Panduan Penggunaan Perangkat Wearable Tizen
Panduan Penggunaan Perangkat Wearable TizenPanduan Penggunaan Perangkat Wearable Tizen
Panduan Penggunaan Perangkat Wearable Tizen
 
Cara Menggunakan Smartphone Tizen
Cara Menggunakan Smartphone TizenCara Menggunakan Smartphone Tizen
Cara Menggunakan Smartphone Tizen
 
Samsung Indonesia: Tizen Store
Samsung Indonesia: Tizen StoreSamsung Indonesia: Tizen Store
Samsung Indonesia: Tizen Store
 
Samsung Indonesia: Tizen Wearables
Samsung Indonesia: Tizen WearablesSamsung Indonesia: Tizen Wearables
Samsung Indonesia: Tizen Wearables
 
Samsung Indonesia: Tizen Web Apps
Samsung Indonesia: Tizen Web AppsSamsung Indonesia: Tizen Web Apps
Samsung Indonesia: Tizen Web Apps
 
Samsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native AppSamsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native App
 
Samsung Indonesia: Tizen Platform Overview and IoT
Samsung Indonesia: Tizen Platform Overview and IoTSamsung Indonesia: Tizen Platform Overview and IoT
Samsung Indonesia: Tizen Platform Overview and IoT
 
Russian Tizen Project
Russian Tizen ProjectRussian Tizen Project
Russian Tizen Project
 
Samsung SM-R360 Tizen User Manual
Samsung SM-R360 Tizen User ManualSamsung SM-R360 Tizen User Manual
Samsung SM-R360 Tizen User Manual
 
Tizen Micro Profile for IoT device
Tizen Micro Profile for IoT deviceTizen Micro Profile for IoT device
Tizen Micro Profile for IoT device
 
Panduan Dasar Pemrograman Tizen
Panduan Dasar Pemrograman TizenPanduan Dasar Pemrograman Tizen
Panduan Dasar Pemrograman Tizen
 
The Story of Enlightenment, EFL, Tizen and Wayland
The Story of Enlightenment, EFL, Tizen and WaylandThe Story of Enlightenment, EFL, Tizen and Wayland
The Story of Enlightenment, EFL, Tizen and Wayland
 
Tizen PASS
Tizen PASSTizen PASS
Tizen PASS
 
Tizen PASS
Tizen PASSTizen PASS
Tizen PASS
 
Samsung Gear UI Design Guidelines
Samsung Gear UI Design GuidelinesSamsung Gear UI Design Guidelines
Samsung Gear UI Design Guidelines
 

Recently uploaded

How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 

Recently uploaded (20)

How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 

Single Sign-on Framework in Tizen

  • 1. Single Sign-On Framework in Tizen Contributors: Alexander Kanavin, Jussi Laako, Jaska Uimonen
  • 3. What is the problem that Single Sign-on systems are aiming to solve? Source: xkcd.com/1200
  • 4. What is gSSO? ● A system for storing sensitive user data (credentials is the term for it) securely* ● Provides implementations of common** operations and authentication protocols that use those credentials and the API to access it ● Written entirely in C using Glib and its class and object system (Gobject) ● License: LGPL 2.1+ * the word 'securely' will be explained in a moment ** what exactly is meant by 'common' operations will also be explained in a moment
  • 5. What is 'security' as understood by gSSO? (1/2) Credentials are stored in a database, and the database must be stored on disk so that only gsso can access it – The details of such secure storage are handled by plugins – By default classic Unix permissions on the database file are used – The database can also be encrypted on disk using ecryptfs – Other platform security mechanisms can be utilized by writing additional plugins
  • 6. What is 'security' as understood by gSSO? (2/2) Access to each credential must be allowed only to explicitly listed applications – Each credential has an access control list – Checks against this list are performed by an access control plugin – The default plugin is using filesystem paths to perform checks – There is also a plugin that is using SMACK labels – There is also support for access controlling applications, if they are not standalone binaries, but scripts that run in a runtime
  • 7. What are the common operations that use credentials? ● Applications do not access credentials directly (again, this is good for security) ● Applications initiate an operation on a credential from a list of allowed operations (mechanisms) ● List of allowed methods/mechanisms is stored together with the credential in a database ● Method is a class implemented by a plugin ● Mechanisms are functions of a method With that said, the methods fall broadly into two categories: ● Offline (do not send anything over the network) ● Online (usually, authentication protocols to get access to some service)
  • 8. Offline methods ● The simplest method: store and retrieve a username/password pair – Can be used for password management, or when the password is sent directly over the network (not a good idea!) – Implemented by 'password' plugin ● X.509 – Handles operations with X.509 certificates such as sign, verify, encrypt and decrypt, without exposing the related keys to applications ● Generic encryption/decryption engine – The key is never exposed to the applications ● Front-end to specialized security hardware (such as a trusted execution engine or a smart card) – Provides a common API to applications, so they don't have to implement a hardware specific API
  • 9. Online methods ● OAuth version 1 and 2 – Very popular mechanism for authorizing applications to access online services. Used by Google, Facebook, Twitter, Microsoft, LinkedIn, Amazon, Yahoo,... pretty much everybody. – Typically involves showing the user a webpage which asks if the user trusts some application to access some data from a service, and if the user does, the application gets a magic access string (a 'token') – GSSO implements the client side of OAuth 1 and 2 RFC standards fully, even though they are rather large :) ● SASL – A set of mechanisms for challenge/response based authentication – Used in IMAP, SMTP, XMPP, LDAP, IRC,... – GSSO implements the most common mechanisms ● HTTP Digest authentication
  • 10. Architecture – all the pieces together
  • 13. Conclusion http://01.org/gsso LGPL 2.1+ Git repositories, mailing lists, bug tracker, IRC channel, documentation, tarball downloads, etc. All of that can be found at the above address