What is federation?

Federation Networks

We have quite a few articles that discuss different aspects of federation. We’ve provided you with the basic information, talked about the differences between an older protocol (SAML) and the new(er) kid on the block (OAuth), and introduced you to … Read More

Ubisecure New Employee: Sami Lindgren

We are growing and as a result we have many new employees who have started working here at Ubisecure. This is a blog series that will showcase our new superstars and get u a change to know them. They have … Read More

IAM and Industrial Internet – Strong device identities

When it comes to IoT, it is paramount to distinguish between authentication and authorisation. Typically, there are long discussions centred around device identities – authentication – while managing their access rights waved by one sentence such as “the portal will … Read More

Cyber Security Month 2017

October was the global cyber security month 2017. Looking back, it seems that it should’ve been named cyber insecurity month. For some reason it felt like October provided bad infosec news on a daily basis. On one particular Monday I … Read More

Ubisecure SSO is not affected by Tomcat vulnerability CVE-2017-12617.

CVE-2017-12617, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617, the vulnerability affects only if: Tomcat is configured in readonly=false mode. This requires a specific setting in conf/web.xml to be set, which Ubisecure SSO does not do. WebDAV servlet is used and is configured in readonly=false mode. Ubisecure … Read More