See alsophishing
SQL injection, 26
SSIDs (site-speci?¬?c IDs), 195,
298-299
SSL (secure sockets layer)
client authentication, 62-65
EV (Extended Validation) SSL
certi?¬?cates, 209, 271,
276, 341
SSNs (Social Security Numbers),
28, 98, 317-318
SSO (single sign on), 77-78
STS (Security Token Service), 324
bene?¬?ts, 325-327
nonauditing STS, 340
style sheets, 281-282
subjects, 117-118
supported claim type list
(Managed Cards), 202
supported token type list
(Managed Cards), 202
symmetrical key cryptography,
38-39
synchronizing servers, 275
system requirements
(CardSpace), 176
T
tags, 174
TCP/IP, 113
TGS (ticket granting
service), 73-74
thumbprints, 43
ticket granting service
(TGS), 73-74
tickets (Kerberos), 72
time expires (Managed
Cards), 200
time issued (Managed
Cards), 200
TokenProcessor page
(CardSpace), 174-175
tokens
browser tokens, getting from
CardSpace, 267
CardSpace Token Processor
page, 174-175
decryption, 240
WCF (Windows
Communication
Foundation), 258-259
in websites, 238
display tokens, 338
hard tokens, 65-69
integrity check, 238, 241
issued token-based
authentication
de?¬?nition, 70
Kerberos, 72-76
overview, 69-71
SAML (Security
Assertion Markup
Language), 76-79
migration issues, 320
requesting in multiplayer
games, 264-267
retrieval of claim values,
238, 242-243
RST (Request for Security
Token), 150
token pro?¬?les, 148
validation
WCF (Windows
Communication
Foundation), 260
in websites, 238, 241-242
TokenType property (Information
Card browser extension),
230-231
training users to look
for Information Card
sign-in, 285
transporting credentials,
79-84
Trojan horses, 8
trust
brokered trust, 134-136, 161
overview, 38, 115-116
trust boundaries, crossing,
324-325
Trust Exchange errors, 236
trusted interactions, 181-184
WS-Trust, 149-153
U
unidirectional identity, 102
UniqueIDs, 277
unknown cards, handling,
286-287
Unsupported Error, 237
Untrusted Recipient errors, 236
user acceptance of online
services, 91
user authentication.
Pages:
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496