![[ Back to EurekAlert! ]](http://www.eurekalert.org/images/back2e.gif){kind=small}
Public release date: 15-Aug-2012[ | E-mail |
Share ] Contact: Dr. Joerg Schwenk
joerg.schwenk@rub.de
49-234-322-6692
Ruhr-University Bochum
Single sign-on systems can be improved
Web shops, Cloud Computing, Online CRM systems: Each day many IT systems require the user to identify himself. Single Sign-On (SSO) systems were introduced to circumvent this problem, and to establish structured Identity Management (IDM) systems in industry: Here the user only has to identify once, all subsequent authentications are done automatically. However, SSO systems based on the industry standard SAML have huge vulnerabilities: Roughly 80 percent of these systems could be broken by the researchers from Ruhr-Universitt Bochum.
Protection through digital signatures
Single Sign-On (SSO) can be compared to a well guarded door, which protects sensitive company data: Once you have passed this door, you can access all data. Many industry SSO systems are built on the basis of the Security Assertion Markup Language (SAML). Identity information is stored in a SAML message, protected by a digital signature. Researchers from Bochum were able to circumvent this protection completely in 12 out of 14 SAML systems.
Security functions circumvented
"With novel XML Signature Wrapping techniques we were able to circumvent these digital signatures completely", says Prof. Jrg Schwenk from Ruhr-Universitt. "Thus we could impersonate any user, even system administrators." Amongst the 12 affected systems were the SaaS Cloud provider Salesforce, the IBM Datapower security gateway, Onelogin (could e.g. be used as an optional module in Joomla, Wordpress, SugarCRM, or Drupal) and OpenSAML (used e.g. in Shibboleth, and SuisseID, and OpenSAML).
Responsible Disclosure
"After we found the attacks, we immediately informed the affected companies, and proposed ways to mitigate the attacks", states security expert and external PhD student Andreas Mayer (Adolf Wrth GmbH & Co. KG). "Through the close cooperation with the responsible security teams, the vulnerabilities are now fixed", Juraj Somorovsky adds.
###
Publication
On August 10th, 2012 Juraj Somorovsky presented the results at the 21st USENIX Security Symposium in Bellevue, Washington. http://www.nds.rub.de/research/publications/BreakingSAML
Further Information
Prof. Dr. Jrg Schwenk, Ruhr-Universitt Bochum, Lehrstuhl fr Netz- und Datensicherheit, Tel. +49 234 32 26692, joerg.schwenk@rub.de
[ | E-mail | Share ] ?
AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert! system.
Public release date: 15-Aug-2012[ | E-mail |
Share ] Contact: Dr. Joerg Schwenk
joerg.schwenk@rub.de
49-234-322-6692
Ruhr-University Bochum
Single sign-on systems can be improved
Web shops, Cloud Computing, Online CRM systems: Each day many IT systems require the user to identify himself. Single Sign-On (SSO) systems were introduced to circumvent this problem, and to establish structured Identity Management (IDM) systems in industry: Here the user only has to identify once, all subsequent authentications are done automatically. However, SSO systems based on the industry standard SAML have huge vulnerabilities: Roughly 80 percent of these systems could be broken by the researchers from Ruhr-Universitt Bochum.
Protection through digital signatures
Single Sign-On (SSO) can be compared to a well guarded door, which protects sensitive company data: Once you have passed this door, you can access all data. Many industry SSO systems are built on the basis of the Security Assertion Markup Language (SAML). Identity information is stored in a SAML message, protected by a digital signature. Researchers from Bochum were able to circumvent this protection completely in 12 out of 14 SAML systems.
Security functions circumvented
"With novel XML Signature Wrapping techniques we were able to circumvent these digital signatures completely", says Prof. Jrg Schwenk from Ruhr-Universitt. "Thus we could impersonate any user, even system administrators." Amongst the 12 affected systems were the SaaS Cloud provider Salesforce, the IBM Datapower security gateway, Onelogin (could e.g. be used as an optional module in Joomla, Wordpress, SugarCRM, or Drupal) and OpenSAML (used e.g. in Shibboleth, and SuisseID, and OpenSAML).
Responsible Disclosure
"After we found the attacks, we immediately informed the affected companies, and proposed ways to mitigate the attacks", states security expert and external PhD student Andreas Mayer (Adolf Wrth GmbH & Co. KG). "Through the close cooperation with the responsible security teams, the vulnerabilities are now fixed", Juraj Somorovsky adds.
###
Publication
On August 10th, 2012 Juraj Somorovsky presented the results at the 21st USENIX Security Symposium in Bellevue, Washington. http://www.nds.rub.de/research/publications/BreakingSAML
Further Information
Prof. Dr. Jrg Schwenk, Ruhr-Universitt Bochum, Lehrstuhl fr Netz- und Datensicherheit, Tel. +49 234 32 26692, joerg.schwenk@rub.de
[ | E-mail | Share ] ?
AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert! system.
Source: http://www.eurekalert.org/pub_releases/2012-08/rb-bwy081512.php
whitney houston found dead i will always love you whitney houston 2012 grammy awards powerball results pebble beach golf beverly hilton roland martin
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.