Category:Attack Categorisation By Attacker Model and Category:Attack Categorisation By Attacker Model: Message generation attacks: Difference between pages

From Single Sign-On Attacks
(Difference between pages)
Jump to navigation Jump to search
No edit summary
 
No edit summary
 
Line 1: Line 1:
This page lists three different attacker models. Each attacker type has different capabilities.
The messages can contain no secret information and any publicly avialable data. To carry them out, one uses only publicly available information as well as SAML elements ''Identity (I)'', ''Freshness (F)'' and ''Destination (D)''. The attacker uses  his own key material for generation of tokens.
All of attacker models do not require the attacker to control the network communication.
 
*Message Generation
[[File:MA1.jpg]]
*Access to Valid Token
 
*Web attacker
==Part of main category:==
<br>
*[[:Category:Attack_Categorisation_By_Attacker_Model]]
[[Category:Attack_Categorisation_By_Attacker_Model]]

Revision as of 19:23, 24 November 2015

The messages can contain no secret information and any publicly avialable data. To carry them out, one uses only publicly available information as well as SAML elements Identity (I), Freshness (F) and Destination (D). The attacker uses his own key material for generation of tokens.

File:MA1.jpg

Part of main category: