SlideShare una empresa de Scribd logo

Srs sso-version-1.2-stable version-0

Descargar como DOC, PDF
Shahzad
Shahzad
1 de 8
Single Sign On/Federation via AD FS/WIF/SAML Software Requirements Specification Group Id: F1202FBFA8 (MC110403218) Supervisor Name: Sarfraz Ahmad Awan (sawan@vu.edu.pk)
Revision History Date Version Description Author 11/2/1012 1.0 Initial Draft for all the basic elements MC110403218 of SRS document 11/5/2012 1.1 Added scope for project and MC110403218 Refined use cases. 11/5/2012 1.2 Labeled as version 1.2 send to MC110403218 Sarfraz Ahmad Awan as assignment no 1
Contents Overview....................................................................................................................................3 Scope..........................................................................................................................................4 Software Requirement................................................................................................................5 User Case Diagram.....................................................................................................................6 Use case Explanation..................................................................................................................7 ..........................................................................................................................................9 Overview 1.1 Introduction Single Sign On (SSO) (also known as Enterprise Single Sign On or "ESSO") is the ability for a user to enter the same id and password to logon to multiple applications within an enterprise. As passwords are the least secure authentication mechanism, single sign on has now become known as reduced sign on (RSO) since more than one type of authentication mechanism is used according to enterprise risk models.
1.2 Competitor solution For details, please visit: http://en.wikipedia.org/wiki/List_of_single_sign-on_implementations 1.3 Implementation technologies Microsoft .Net Framework / C# WIF http://en.wikipedia.org/wiki/Windows_Identity_Foundation SAML http://en.wikipedia.org/wiki/SAML_2.0 WS-Trust http://en.wikipedia.org/wiki/WS-Trust WS-Security http://en.wikipedia.org/wiki/WS-Security Scope 1.4 Architecture Scope Options 1.4.1 Implementation via Federation Server for SSO Federation server can be implemented to handle federation mechanism for SSO. It would be best laid architecture. But can be out of scope for current course. A POC will be done to make sure that the current scope is properly under stood. Scope can be dependent on design phase of the project.
1.4.2 Development of STS Service for SSO AD FS will act as STS Service. Scope for AD FS can be dependent on design phase of the project. 1.4.3 Identity Providers to cover for SSO Currently Active directory is primary scope as Identity provider. 1.4.4 Service Providers to cover for SSO ASP .Net business applications like HR application will act as service provider for current implementation. 1.4.5 OS scope for SSO Current project will only cover Windows Server 2012 as testing and development environment for Server operating system. Current project will only cover Windows 8 as testing and development environment for client operation system. 1.4.6 SAML Implementation Scope Windows Identity Foundation have SAML 2.0 implementation as extension as explained in http://connect.microsoft.com/site1168/Downloads/DownloadDetails.aspx? DownloadID=36088 This will be current scope of SAML 2.0 implementation. Software Requirement 1.5 Functional Software Requirement 1.5.1 Transparent SSO For end user there should not be any visual indicator that user is moving from one application to another. Means for end user it should be transparent SSO. 1.5.2 Source and destination Source and destination Provider should be configurable. 1.5.3 Administrator Console • There should not be any hard coding for entities evolved in solution like Identity provider or Service Provider. • STS Service should not be hard coded; there must an interface to change URL for STS Service. • Service accounts for solution must be configurable via UI interface.
1.6 Non-Functional Software Requirement 1.6.1 Performance Requirements SSO must be performed with no delays. Robust redirection should be provided from source to destination. 1.6.2 Security Requirements The security requirements to be met by an implementation of SSO are: • SSO shall not adversely affect the resilience of the system within which it is deployed. • SSO shall not adversely impact the availability of any individual system service. • An SSO implementation shall audit all security relevant events which occur within the context of the XSSO. • An SSO implementation shall protect all security relevant information supplied to or generated by the XSSO implementation such that other services may adequately trust the integrity and origin of all security information provided to them as part of a secondary sign-on operation. • The SSO shall provide protection to security relevant information when exchanged between its own constituent components and between those components and other services. User Case Diagram
Use case Explanation Explanation for only primary use cases (Those mainly used by actors) is written below. 1.7 Use Case Id 00001 Use Case Title Configure SSO Provider Abbreviated Title C_SSO_Provider Use Case Id 00001 Requirement Id 3.1.2 , 3.1.3 Description: It is administrative task and will be performed by SSO Admin Pre Conditions: Solution is properly installed. STS Service is already installed. Task Sequence Exceptions 1. Open MMC for SSO 2. Identify the Source or destination - type of provider to configure. 3. Provide configuration like URL or other related info. Some provider might not have URL 4. Provide Service account info for configuration like user name and Some provider might password give anonymous access. . Post Conditions: Provider is tested and returns positive response to SSO admin. Unresolved issues: Authority: Shahzad Sarwar Modification history: Initial Draft Author: Shahzad Sarwar Description: Needs review by Course Supervisor : Sarfraz Ahmad Awan 1.8 Use Case Id 00002 Use Case Title Configure Identity Privder Abbreviated Title C_I_Privder Use Case Id 00002 Requirement Id 3.1.2 , 3.1.3 Description: It is administrative task and will be performed by SSO Admin Pre Conditions: Solution is properly installed. STS Service is already installed. Identify Provider is reachable. Task Sequence Exceptions
1.6 Non-Functional Software Requirement 1.6.1 Performance Requirements SSO must be performed with no delays. Robust redirection should be provided from source to destination. 1.6.2 Security Requirements The security requirements to be met by an implementation of SSO are: • SSO shall not adversely affect the resilience of the system within which it is deployed. • SSO shall not adversely impact the availability of any individual system service. • An SSO implementation shall audit all security relevant events which occur within the context of the XSSO. • An SSO implementation shall protect all security relevant information supplied to or generated by the XSSO implementation such that other services may adequately trust the integrity and origin of all security information provided to them as part of a secondary sign-on operation. • The SSO shall provide protection to security relevant information when exchanged between its own constituent components and between those components and other services. User Case Diagram

Recomendados

Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...
Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...
Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...Navneet Kumar
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSon Nguyen
 
Hacking Zy Xel Gateways
Hacking Zy Xel GatewaysHacking Zy Xel Gateways
Hacking Zy Xel Gatewaysphanleson
 
PCI-DSS Compliance Using the Hitachi ID Management Suite
PCI-DSS Compliance Using the Hitachi ID Management SuitePCI-DSS Compliance Using the Hitachi ID Management Suite
PCI-DSS Compliance Using the Hitachi ID Management SuiteHitachi ID Systems, Inc.
 
Whats New in OSSIM v2.3?
Whats New in OSSIM v2.3? Whats New in OSSIM v2.3?
Whats New in OSSIM v2.3? AlienVault
 
Os Command Injection Attack
Os Command Injection AttackOs Command Injection Attack
Os Command Injection AttackRaghav Bisht
 
Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...IBM222
 
Spring security4.x
Spring security4.xSpring security4.x
Spring security4.xZeeshan Khan
 

Recomendados

Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...
Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...
Whitepaper on Installation and configuration if IBM RTC 3.0.1.2 on Windows Se...Navneet Kumar
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSon Nguyen
 
Hacking Zy Xel Gateways
Hacking Zy Xel GatewaysHacking Zy Xel Gateways
Hacking Zy Xel Gatewaysphanleson
 
PCI-DSS Compliance Using the Hitachi ID Management Suite
PCI-DSS Compliance Using the Hitachi ID Management SuitePCI-DSS Compliance Using the Hitachi ID Management Suite
PCI-DSS Compliance Using the Hitachi ID Management SuiteHitachi ID Systems, Inc.
 
Whats New in OSSIM v2.3?
Whats New in OSSIM v2.3? Whats New in OSSIM v2.3?
Whats New in OSSIM v2.3? AlienVault
 
Os Command Injection Attack
Os Command Injection AttackOs Command Injection Attack
Os Command Injection AttackRaghav Bisht
 
Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...IBM222
 
Spring security4.x
Spring security4.xSpring security4.x
Spring security4.xZeeshan Khan
 
What is future of web with reference to html5 will it devalue current present...
What is future of web with reference to html5 will it devalue current present...What is future of web with reference to html5 will it devalue current present...
What is future of web with reference to html5 will it devalue current present...Shahzad
 
White Paper On ConCurrency For PCMS Application Architecture
White Paper On ConCurrency For PCMS Application ArchitectureWhite Paper On ConCurrency For PCMS Application Architecture
White Paper On ConCurrency For PCMS Application ArchitectureShahzad
 
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...Shahzad
 
Whitepaper To Study Filestream Option In Sql Server
Whitepaper To Study Filestream Option In Sql ServerWhitepaper To Study Filestream Option In Sql Server
Whitepaper To Study Filestream Option In Sql ServerShahzad
 
To Analyze Cargo Loading Optimization Algorithm
To Analyze Cargo Loading Optimization AlgorithmTo Analyze Cargo Loading Optimization Algorithm
To Analyze Cargo Loading Optimization AlgorithmShahzad
 
Cargo load planning & freight optimization
Cargo load planning & freight optimizationCargo load planning & freight optimization
Cargo load planning & freight optimizationPuneet Mishra
 
Srs sso-version-1.2-stable version
Srs sso-version-1.2-stable versionSrs sso-version-1.2-stable version
Srs sso-version-1.2-stable versionShahzad
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for SeacoastSithideth Banavong
 
Software Requirement Specification For Smart Internet Cafe
Software Requirement Specification For Smart Internet CafeSoftware Requirement Specification For Smart Internet Cafe
Software Requirement Specification For Smart Internet CafeHari
 
W4502140150
W4502140150W4502140150
W4502140150IJERA Editor
 
Active directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfActive directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfsandeep updahayay
 
Active directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfActive directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfBilguun Ganbat
 
Saas security
Saas securitySaas security
Saas securitySandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Microservices
MicroservicesMicroservices
MicroservicesRamesh (@Mavuluri)
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srssushilprajapati
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srssushilprajapati
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srssushilprajapati
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srssushilprajapati
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srssushilprajapati
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srssushilprajapati
 
Group 4 STS final version
Group 4 STS final versionGroup 4 STS final version
Group 4 STS final versionzenchi0
 
Oracle ADF Case Study
Oracle ADF Case StudyOracle ADF Case Study
Oracle ADF Case StudyJean-Marc Desvaux
 

Más contenido relacionado

Destacado

What is future of web with reference to html5 will it devalue current present...
What is future of web with reference to html5 will it devalue current present...What is future of web with reference to html5 will it devalue current present...
What is future of web with reference to html5 will it devalue current present...Shahzad
 
White Paper On ConCurrency For PCMS Application Architecture
White Paper On ConCurrency For PCMS Application ArchitectureWhite Paper On ConCurrency For PCMS Application Architecture
White Paper On ConCurrency For PCMS Application ArchitectureShahzad
 
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...Shahzad
 
Whitepaper To Study Filestream Option In Sql Server
Whitepaper To Study Filestream Option In Sql ServerWhitepaper To Study Filestream Option In Sql Server
Whitepaper To Study Filestream Option In Sql ServerShahzad
 
To Analyze Cargo Loading Optimization Algorithm
To Analyze Cargo Loading Optimization AlgorithmTo Analyze Cargo Loading Optimization Algorithm
To Analyze Cargo Loading Optimization AlgorithmShahzad
 
Cargo load planning & freight optimization
Cargo load planning & freight optimizationCargo load planning & freight optimization
Cargo load planning & freight optimizationPuneet Mishra
 

Destacado (6)

What is future of web with reference to html5 will it devalue current present...
What is future of web with reference to html5 will it devalue current present...What is future of web with reference to html5 will it devalue current present...
What is future of web with reference to html5 will it devalue current present...
 
White Paper On ConCurrency For PCMS Application Architecture
White Paper On ConCurrency For PCMS Application ArchitectureWhite Paper On ConCurrency For PCMS Application Architecture
White Paper On ConCurrency For PCMS Application Architecture
 
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
 
Whitepaper To Study Filestream Option In Sql Server
Whitepaper To Study Filestream Option In Sql ServerWhitepaper To Study Filestream Option In Sql Server
Whitepaper To Study Filestream Option In Sql Server
 
To Analyze Cargo Loading Optimization Algorithm
To Analyze Cargo Loading Optimization AlgorithmTo Analyze Cargo Loading Optimization Algorithm
To Analyze Cargo Loading Optimization Algorithm
 
Cargo load planning & freight optimization
Cargo load planning & freight optimizationCargo load planning & freight optimization
Cargo load planning & freight optimization
 

Similar a Srs sso-version-1.2-stable version-0

Srs sso-version-1.2-stable version
Srs sso-version-1.2-stable versionSrs sso-version-1.2-stable version
Srs sso-version-1.2-stable versionShahzad
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for SeacoastSithideth Banavong
 
Software Requirement Specification For Smart Internet Cafe
Software Requirement Specification For Smart Internet CafeSoftware Requirement Specification For Smart Internet Cafe
Software Requirement Specification For Smart Internet CafeHari
 
Active directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfActive directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfsandeep updahayay
 
Active directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfActive directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfBilguun Ganbat
 
Group 4 STS final version
Group 4 STS final versionGroup 4 STS final version
Group 4 STS final versionzenchi0
 
Microsoft OCSP LUNA SA PCI Integration Guide
Microsoft OCSP LUNA SA PCI Integration GuideMicrosoft OCSP LUNA SA PCI Integration Guide
Microsoft OCSP LUNA SA PCI Integration GuideChris x-MS
 
SoftwareRequirements (1).doc
SoftwareRequirements (1).docSoftwareRequirements (1).doc
SoftwareRequirements (1).docMadihaKhalid43
 
Final Year Project (ISP),Project Demo
Final Year Project (ISP),Project DemoFinal Year Project (ISP),Project Demo
Final Year Project (ISP),Project DemoAbdul Aslam
 
In this assignment, you will propose a quality improvement initiat.docx
In this assignment, you will propose a quality improvement initiat.docxIn this assignment, you will propose a quality improvement initiat.docx
In this assignment, you will propose a quality improvement initiat.docxpauline234567
 

Similar a Srs sso-version-1.2-stable version-0 (20)

Srs sso-version-1.2-stable version
Srs sso-version-1.2-stable versionSrs sso-version-1.2-stable version
Srs sso-version-1.2-stable version
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast
 
Software Requirement Specification For Smart Internet Cafe
Software Requirement Specification For Smart Internet CafeSoftware Requirement Specification For Smart Internet Cafe
Software Requirement Specification For Smart Internet Cafe
 
W4502140150
W4502140150W4502140150
W4502140150
 
Active directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfActive directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revf
 
Active directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revfActive directory rights_management_services_luna_sa_revf
Active directory rights_management_services_luna_sa_revf
 
Saas security
Saas securitySaas security
Saas security
 
Microservices
MicroservicesMicroservices
Microservices
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srs
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srs
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srs
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srs
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srs
 
Tc Management Srs
Tc Management SrsTc Management Srs
Tc Management Srs
 
Group 4 STS final version
Group 4 STS final versionGroup 4 STS final version
Group 4 STS final version
 
Oracle ADF Case Study
Oracle ADF Case StudyOracle ADF Case Study
Oracle ADF Case Study
 
Microsoft OCSP LUNA SA PCI Integration Guide
Microsoft OCSP LUNA SA PCI Integration GuideMicrosoft OCSP LUNA SA PCI Integration Guide
Microsoft OCSP LUNA SA PCI Integration Guide
 
SoftwareRequirements (1).doc
SoftwareRequirements (1).docSoftwareRequirements (1).doc
SoftwareRequirements (1).doc
 
Final Year Project (ISP),Project Demo
Final Year Project (ISP),Project DemoFinal Year Project (ISP),Project Demo
Final Year Project (ISP),Project Demo
 
In this assignment, you will propose a quality improvement initiat.docx
In this assignment, you will propose a quality improvement initiat.docxIn this assignment, you will propose a quality improvement initiat.docx
In this assignment, you will propose a quality improvement initiat.docx
 

Más de Shahzad

Exploration note - none windows based authentication for WCF
Exploration note - none windows based authentication for WCFExploration note - none windows based authentication for WCF
Exploration note - none windows based authentication for WCFShahzad
 
To study pcms pegasus erp cargo management system-release-7 from architectu...
To study pcms pegasus erp cargo management system-release-7 from architectu...To study pcms pegasus erp cargo management system-release-7 from architectu...
To study pcms pegasus erp cargo management system-release-7 from architectu...Shahzad
 
To study pcms pegasus erp cargo management system-release-6 from architectu...
To study pcms pegasus erp cargo management system-release-6 from architectu...To study pcms pegasus erp cargo management system-release-6 from architectu...
To study pcms pegasus erp cargo management system-release-6 from architectu...Shahzad
 
Pakistan management
Pakistan managementPakistan management
Pakistan managementShahzad
 
Corporate lessons
Corporate lessonsCorporate lessons
Corporate lessonsShahzad
 
Software architecture to analyze licensing needs for pcms- pegasus cargo ma...
Software architecture to analyze licensing needs for pcms- pegasus cargo ma...Software architecture to analyze licensing needs for pcms- pegasus cargo ma...
Software architecture to analyze licensing needs for pcms- pegasus cargo ma...Shahzad
 
A cross referenced whitepaper on cloud computing
A cross referenced whitepaper on cloud computingA cross referenced whitepaper on cloud computing
A cross referenced whitepaper on cloud computingShahzad
 
Software architecture case study - why and why not sql server replication
Software architecture case study - why and why not sql server replicationSoftware architecture case study - why and why not sql server replication
Software architecture case study - why and why not sql server replicationShahzad
 
Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...
Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...
Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...Shahzad
 
From Windows Presentation Foundation To Silverlight
From Windows Presentation Foundation To SilverlightFrom Windows Presentation Foundation To Silverlight
From Windows Presentation Foundation To SilverlightShahzad
 
To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...
To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...
To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...Shahzad
 
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...Shahzad
 
Case Study For Replication For PCMS
Case Study For Replication For PCMSCase Study For Replication For PCMS
Case Study For Replication For PCMSShahzad
 
Data Structure In C#
Data Structure In C#Data Structure In C#
Data Structure In C#Shahzad
 
Software Bugs A Software Architect Point Of View
Software Bugs A Software Architect Point Of ViewSoftware Bugs A Software Architect Point Of View
Software Bugs A Software Architect Point Of ViewShahzad
 
Design Pattern For C# Part 1
Design Pattern For C# Part 1Design Pattern For C# Part 1
Design Pattern For C# Part 1Shahzad
 
UML- Unified Modeling Language
UML- Unified Modeling LanguageUML- Unified Modeling Language
UML- Unified Modeling LanguageShahzad
 
Software Development The Agile Way
Software Development The Agile WaySoftware Development The Agile Way
Software Development The Agile WayShahzad
 
OR Mapping- nhibernate Presentation
OR Mapping- nhibernate PresentationOR Mapping- nhibernate Presentation
OR Mapping- nhibernate PresentationShahzad
 

Más de Shahzad (20)

Exploration note - none windows based authentication for WCF
Exploration note - none windows based authentication for WCFExploration note - none windows based authentication for WCF
Exploration note - none windows based authentication for WCF
 
To study pcms pegasus erp cargo management system-release-7 from architectu...
To study pcms pegasus erp cargo management system-release-7 from architectu...To study pcms pegasus erp cargo management system-release-7 from architectu...
To study pcms pegasus erp cargo management system-release-7 from architectu...
 
To study pcms pegasus erp cargo management system-release-6 from architectu...
To study pcms pegasus erp cargo management system-release-6 from architectu...To study pcms pegasus erp cargo management system-release-6 from architectu...
To study pcms pegasus erp cargo management system-release-6 from architectu...
 
Pakistan management
Pakistan managementPakistan management
Pakistan management
 
Corporate lessons
Corporate lessonsCorporate lessons
Corporate lessons
 
Software architecture to analyze licensing needs for pcms- pegasus cargo ma...
Software architecture to analyze licensing needs for pcms- pegasus cargo ma...Software architecture to analyze licensing needs for pcms- pegasus cargo ma...
Software architecture to analyze licensing needs for pcms- pegasus cargo ma...
 
A cross referenced whitepaper on cloud computing
A cross referenced whitepaper on cloud computingA cross referenced whitepaper on cloud computing
A cross referenced whitepaper on cloud computing
 
Software architecture case study - why and why not sql server replication
Software architecture case study - why and why not sql server replicationSoftware architecture case study - why and why not sql server replication
Software architecture case study - why and why not sql server replication
 
Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...
Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...
Software Architecture New Features of Visual Studio 2010 / .Net 4.0 - Part 1...
 
From Windows Presentation Foundation To Silverlight
From Windows Presentation Foundation To SilverlightFrom Windows Presentation Foundation To Silverlight
From Windows Presentation Foundation To Silverlight
 
To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...
To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...
To Study The Tips Tricks Guidelines Related To Performance Tuning For N Hib...
 
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
To Study E T L ( Extract, Transform, Load) Tools Specially S Q L Server I...
 
Asp
AspAsp
Asp
 
Case Study For Replication For PCMS
Case Study For Replication For PCMSCase Study For Replication For PCMS
Case Study For Replication For PCMS
 
Data Structure In C#
Data Structure In C#Data Structure In C#
Data Structure In C#
 
Software Bugs A Software Architect Point Of View
Software Bugs A Software Architect Point Of ViewSoftware Bugs A Software Architect Point Of View
Software Bugs A Software Architect Point Of View
 
Design Pattern For C# Part 1
Design Pattern For C# Part 1Design Pattern For C# Part 1
Design Pattern For C# Part 1
 
UML- Unified Modeling Language
UML- Unified Modeling LanguageUML- Unified Modeling Language
UML- Unified Modeling Language
 
Software Development The Agile Way
Software Development The Agile WaySoftware Development The Agile Way
Software Development The Agile Way
 
OR Mapping- nhibernate Presentation
OR Mapping- nhibernate PresentationOR Mapping- nhibernate Presentation
OR Mapping- nhibernate Presentation
 

Srs sso-version-1.2-stable version-0

  • 1. Single Sign On/Federation via AD FS/WIF/SAML Software Requirements Specification Group Id: F1202FBFA8 (MC110403218) Supervisor Name: Sarfraz Ahmad Awan (sawan@vu.edu.pk)
  • 2. Revision History Date Version Description Author 11/2/1012 1.0 Initial Draft for all the basic elements MC110403218 of SRS document 11/5/2012 1.1 Added scope for project and MC110403218 Refined use cases. 11/5/2012 1.2 Labeled as version 1.2 send to MC110403218 Sarfraz Ahmad Awan as assignment no 1
  • 3. Contents Overview....................................................................................................................................3 Scope..........................................................................................................................................4 Software Requirement................................................................................................................5 User Case Diagram.....................................................................................................................6 Use case Explanation..................................................................................................................7 ..........................................................................................................................................9 Overview 1.1 Introduction Single Sign On (SSO) (also known as Enterprise Single Sign On or "ESSO") is the ability for a user to enter the same id and password to logon to multiple applications within an enterprise. As passwords are the least secure authentication mechanism, single sign on has now become known as reduced sign on (RSO) since more than one type of authentication mechanism is used according to enterprise risk models.
  • 4. 1.2 Competitor solution For details, please visit: http://en.wikipedia.org/wiki/List_of_single_sign-on_implementations 1.3 Implementation technologies Microsoft .Net Framework / C# WIF http://en.wikipedia.org/wiki/Windows_Identity_Foundation SAML http://en.wikipedia.org/wiki/SAML_2.0 WS-Trust http://en.wikipedia.org/wiki/WS-Trust WS-Security http://en.wikipedia.org/wiki/WS-Security Scope 1.4 Architecture Scope Options 1.4.1 Implementation via Federation Server for SSO Federation server can be implemented to handle federation mechanism for SSO. It would be best laid architecture. But can be out of scope for current course. A POC will be done to make sure that the current scope is properly under stood. Scope can be dependent on design phase of the project.
  • 5. 1.4.2 Development of STS Service for SSO AD FS will act as STS Service. Scope for AD FS can be dependent on design phase of the project. 1.4.3 Identity Providers to cover for SSO Currently Active directory is primary scope as Identity provider. 1.4.4 Service Providers to cover for SSO ASP .Net business applications like HR application will act as service provider for current implementation. 1.4.5 OS scope for SSO Current project will only cover Windows Server 2012 as testing and development environment for Server operating system. Current project will only cover Windows 8 as testing and development environment for client operation system. 1.4.6 SAML Implementation Scope Windows Identity Foundation have SAML 2.0 implementation as extension as explained in http://connect.microsoft.com/site1168/Downloads/DownloadDetails.aspx? DownloadID=36088 This will be current scope of SAML 2.0 implementation. Software Requirement 1.5 Functional Software Requirement 1.5.1 Transparent SSO For end user there should not be any visual indicator that user is moving from one application to another. Means for end user it should be transparent SSO. 1.5.2 Source and destination Source and destination Provider should be configurable. 1.5.3 Administrator Console • There should not be any hard coding for entities evolved in solution like Identity provider or Service Provider. • STS Service should not be hard coded; there must an interface to change URL for STS Service. • Service accounts for solution must be configurable via UI interface.
  • 6. 1.6 Non-Functional Software Requirement 1.6.1 Performance Requirements SSO must be performed with no delays. Robust redirection should be provided from source to destination. 1.6.2 Security Requirements The security requirements to be met by an implementation of SSO are: • SSO shall not adversely affect the resilience of the system within which it is deployed. • SSO shall not adversely impact the availability of any individual system service. • An SSO implementation shall audit all security relevant events which occur within the context of the XSSO. • An SSO implementation shall protect all security relevant information supplied to or generated by the XSSO implementation such that other services may adequately trust the integrity and origin of all security information provided to them as part of a secondary sign-on operation. • The SSO shall provide protection to security relevant information when exchanged between its own constituent components and between those components and other services. User Case Diagram
  • 7. Use case Explanation Explanation for only primary use cases (Those mainly used by actors) is written below. 1.7 Use Case Id 00001 Use Case Title Configure SSO Provider Abbreviated Title C_SSO_Provider Use Case Id 00001 Requirement Id 3.1.2 , 3.1.3 Description: It is administrative task and will be performed by SSO Admin Pre Conditions: Solution is properly installed. STS Service is already installed. Task Sequence Exceptions 1. Open MMC for SSO 2. Identify the Source or destination - type of provider to configure. 3. Provide configuration like URL or other related info. Some provider might not have URL 4. Provide Service account info for configuration like user name and Some provider might password give anonymous access. . Post Conditions: Provider is tested and returns positive response to SSO admin. Unresolved issues: Authority: Shahzad Sarwar Modification history: Initial Draft Author: Shahzad Sarwar Description: Needs review by Course Supervisor : Sarfraz Ahmad Awan 1.8 Use Case Id 00002 Use Case Title Configure Identity Privder Abbreviated Title C_I_Privder Use Case Id 00002 Requirement Id 3.1.2 , 3.1.3 Description: It is administrative task and will be performed by SSO Admin Pre Conditions: Solution is properly installed. STS Service is already installed. Identify Provider is reachable. Task Sequence Exceptions
  • 8. 1.6 Non-Functional Software Requirement 1.6.1 Performance Requirements SSO must be performed with no delays. Robust redirection should be provided from source to destination. 1.6.2 Security Requirements The security requirements to be met by an implementation of SSO are: • SSO shall not adversely affect the resilience of the system within which it is deployed. • SSO shall not adversely impact the availability of any individual system service. • An SSO implementation shall audit all security relevant events which occur within the context of the XSSO. • An SSO implementation shall protect all security relevant information supplied to or generated by the XSSO implementation such that other services may adequately trust the integrity and origin of all security information provided to them as part of a secondary sign-on operation. • The SSO shall provide protection to security relevant information when exchanged between its own constituent components and between those components and other services. User Case Diagram