1
00:00:07,090 --> 00:00:15,220
For claim-based authentication to work, organizations must agree on the format for exchanging claims.

2
00:00:15,760 --> 00:00:24,850
Rather than have each business define this format, a set of specifications broadly identified as web

3
00:00:24,850 --> 00:00:27,430
services has been developed.

4
00:00:28,000 --> 00:00:37,180
Any organizations that want to implement a federated identity solution can use this set of specifications.

5
00:00:37,810 --> 00:00:46,870
Web services comprise a set of specifications that are used for building connected applications and

6
00:00:46,870 --> 00:00:54,310
services and whose functionalities and interfaces are exposed to potential users

7
00:00:54,610 --> 00:01:03,190
through web technology standards such as XML, Simple Object Access Protocol, Web Services

8
00:01:03,190 --> 00:01:07,360
Description Language, HTTP and HTTPS.

9
00:01:07,360 --> 00:01:17,470
The goal of creating web applications by using web services is to simplify interoperability for

10
00:01:17,470 --> 00:01:23,250
applications across multiple deployment platforms, technologies and networks.

11
00:01:24,130 --> 00:01:26,570
To enhance interoperability,

12
00:01:26,980 --> 00:01:31,870
web services are defined by a set of industry standards.

13
00:01:33,280 --> 00:01:41,410
Now, most web services use XML to transmit data through HTTP and HTTPS.

14
00:01:41,800 --> 00:01:51,040
With XML, developers can create their own customized tags, thereby facilitating the definition,

15
00:01:51,040 --> 00:01:59,230
transmission, validation and interpretation of data between applications and organizations.

16
00:02:00,360 --> 00:02:08,070
Web services expose useful functionality to web users through a standard protocol.

17
00:02:08,460 --> 00:02:10,800
In most cases, web services use

18
00:02:11,830 --> 00:02:15,460
SOAP, which is the communication protocol

19
00:02:15,460 --> 00:02:17,380
for XML web services.

20
00:02:17,800 --> 00:02:28,840
SOAP is a specification that defines the XML format for messages, and it essentially describes what a

21
00:02:28,840 --> 00:02:31,540
relatively simple document looks like.

22
00:02:33,100 --> 00:02:42,640
Web services provide a way to describe their interface in enough detail to allow a user to build a client

23
00:02:42,640 --> 00:02:45,760
application to communicate with a service.

24
00:02:46,180 --> 00:02:54,610
This description is usually provided in an XML document called a WSDL document.

25
00:02:55,030 --> 00:03:04,540
In other words, a WSDL file is an XML document that describes a set of SOAP messages and how those

26
00:03:04,540 --> 00:03:06,340
messages are exchanged.

27
00:03:07,600 --> 00:03:14,950
Web services are registered so that potential users can easily find them.

28
00:03:15,310 --> 00:03:20,670
This is done with Universal Description, Discovery and Integration,

29
00:03:20,680 --> 00:03:22,750
or UDDI.

30
00:03:24,250 --> 00:03:24,660
A UDDI

31
00:03:24,880 --> 00:03:32,980
directory entry is an XML file that describes a business and the services it offers.

32
00:03:34,140 --> 00:03:37,530
Also worries about Web services, security applications.

33
00:03:38,190 --> 00:03:48,450
Web services specifications include several components that are commonly known as WS-* specifications.

34
00:03:49,430 --> 00:03:57,110
However, the most relevant specifications for an AD FS environment are the Web Services

35
00:03:57,110 --> 00:04:01,340
Security, or WS-Security, specifications.

36
00:04:02,280 --> 00:04:03,210
WS-Security

37
00:04:03,630 --> 00:04:07,500
includes the following specifications.

38
00:04:08,690 --> 00:04:18,860
WS-Security: SOAP Message Security and X.509 cert token profile.

39
00:04:20,130 --> 00:04:28,560
WS-Security describes enhancements to SOAP messaging that provide quality of protection through

40
00:04:28,560 --> 00:04:35,220
message integrity, message confidentiality and single message authentication.

41
00:04:35,870 --> 00:04:45,480
WS-Security also provides a general-purpose yet extensible mechanism for associating security tokens

42
00:04:45,480 --> 00:04:46,590
with messages.

43
00:04:47,190 --> 00:04:52,740
Additionally, it provides a mechanism to encode binary security tokens,

44
00:04:53,100 --> 00:05:02,730
specifically X.509 certificates and Kerberos tickets, in SOAP messages.

45
00:05:03,790 --> 00:05:05,950
Another specification of this

46
00:05:07,150 --> 00:05:20,020
WS-Security is Web Services Trust, or WS-Trust. WS-Trust defines extensions that are built on

47
00:05:20,050 --> 00:05:27,460
WS-Security to request and to issue security tokens and to manage trust relationships.

48
00:05:28,820 --> 00:05:34,340
Web Services Federation, or WS-Federation.

49
00:05:34,490 --> 00:05:36,530
WS-Federation

50
00:05:36,770 --> 00:05:48,650
defines mechanisms that WS-Security can use to allow attribute-based identity, authentication and authorization

51
00:05:48,650 --> 00:05:52,340
federation across different trust realms.

52
00:05:53,630 --> 00:05:58,940
Another specification is WS-Federation Passive Requestor Profile.

53
00:05:59,480 --> 00:06:08,540
This WS-Security extension describes how passive clients such as web browsers can acquire tokens from

54
00:06:08,540 --> 00:06:15,080
a federation server and how the client can submit tokens to a federation server.

55
00:06:15,710 --> 00:06:23,810
The passive requestors of this profile are limited to the HTTP or HTTPS protocol.

56
00:06:24,530 --> 00:06:29,810
And lastly, WS-Federation Active Requestor Profile.

57
00:06:30,230 --> 00:06:39,830
This WS-Security extension describes how active clients such as SOAP-based mobile device apps can be authenticated

58
00:06:39,830 --> 00:06:45,740
and authorized and how the client can submit claims in a federation

59
00:06:45,740 --> 00:06:52,250
scenario. Also notes about Security Assertion Markup Language.

60
00:06:52,580 --> 00:07:00,860
Security Assertion Markup Language, or SAML, is an XML-based standard for exchanging claims between

61
00:07:01,130 --> 00:07:05,840
an identity provider and a service or application provider.

62
00:07:07,220 --> 00:07:16,760
SAML assumes that an identity provider has authenticated a user and populated the appropriate claim

63
00:07:16,760 --> 00:07:19,280
information in the security token.

64
00:07:19,790 --> 00:07:28,340
When the identity provider authenticates the user, it passes a SAML assertion to the service

65
00:07:28,340 --> 00:07:29,030
provider.

66
00:07:29,510 --> 00:07:38,240
Based on this assertion, the service provider can make authentication and personalization decisions

67
00:07:38,630 --> 00:07:40,190
within an application.

68
00:07:40,610 --> 00:07:51,920
The communication between federation servers is based on an XML document that stores the X.509

69
00:07:51,920 --> 00:08:01,130
certificate for token signing and the SAML 1.1 or SAML 2.0 token.

70
00:08:02,160 --> 00:08:05,670
Next up, we'll be talking about what is AD FS.

71
00:08:06,030 --> 00:08:06,960
I'll see you then.