The SAML web site is no longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Cisco report highlights security woes

Cisco has launched its 2010 mid-year security report, which has shown a sea change in how businesses use IT resources with borderless networks, while IT departments struggle to provide security while coping with users using their personal phones to access corporate IT resources and cloud computing, which processes data outside the corporate data centre... Cisco offers AnyConnect secure mobility, a combination of Cisco ASA firewall and Cisco Ironport. For instance, it provides gated, controlled access to Salesforce. Traditionally, when an employee leaves, his Active Directory entry is deleted and he can no longer access email and other corporate assets. However, someone might forget to delete the employee's Salesforce account and he can still download customer data to take to his new employer.

With AnyConnect, all employees are required to log in to the corporate network via VPN (virtual private network) and the authentication gets passed to the Cisco web security appliance. This gets extended via SAML (Security Assertion Markup Language) to enable single sign-on across a variety of services, including Salesforce. In this scenario, if the employee leaves, the single sign-on will be broken. Nor would he be able to log into Salesforce directly, as he would never have known his login credentials...

Read the complete article in the Bangkok Post.