Chapter 6. Implementing Security as a Service
8.1. Security as a service
8.1.1. Is a security service technically feasible?
8.1.2. Standards for implementing security as a service
8.2. Analyzing possible uses of a security service
8.2.1. Use case 1: Destination endpoint invokes security service out-of-band
8.2.2. Use case 2: Source endpoint invokes security service out-of-band
8.2.3. Use case 3: Both endpoints invoke security service out-of-band
8.2.4. Use case 4: Security service as an explicit intermediary
8.2.5. Use case 5: Security service as an implicit intermediary
8.3. Conveying the findings of a security service: SAML
8.3.1. SAML assertion basics
8.3.2. AuthenticationStatement: Asserting authentication results
8.3.3. AttributeStatement: Asserting user attributes
8.3.4. AuthorizationDecisionStatement: Asserting authorization decisions
8.4. Example implementation using OpenSAML
8.4.1. Client-side implementation
8.4.2. Security service implementation
8.4.3. Server-side implementation
8.5. Standards for security service interfaces
Suggestions for further reading