Security Concepts: Difference between revisions
(→LDAP) |
|||
| Line 30: | Line 30: | ||
<font color=red>TODO https://home.feodorov.com:9443/wiki/Wiki.jsp?page=LDAP</font> | <font color=red>TODO https://home.feodorov.com:9443/wiki/Wiki.jsp?page=LDAP</font> | ||
=Security Protocols= | |||
* [[WS-*]] | |||
* [[SAML]] | |||
* [[OAuth 2.0]] | |||
* [[Kerberos]] | |||
Revision as of 01:13, 7 November 2017
Authentication
Authentication is the process of identifying a subject and verifying the authenticity of the identification information.
The most common authentication mechanism is username/password. Other mechanisms are available: public key, shared key, smart cards, etc.
In the context of JEE declarative security, the result of a successful authentication is called a principal.
Related subjects: Basic and Digest HTTP Authentication.
Authorization
Authorization is the mechanism for granting or denying access to a resource based on identity.
In JEE, this is usually implemented by matching a principal with a set of actions they are or are not allowed to perform. This mapping is referred as a role.
Encryption
TODO https://home.feodorov.com:9443/wiki/Wiki.jsp?page=CryptographicAlgorithms#EncryptionAndDecryption
SSL/TLS
SSO
TODO https://home.feodorov.com:9443/wiki/Wiki.jsp?page=SingleSign-On
LDAP
TODO https://home.feodorov.com:9443/wiki/Wiki.jsp?page=LDAP