Why is it important to sign SAML Assertions? Why is it not important to sign OAuth Access Tokens?

What will be an ideal response?


SAML
Assertions
contain
information
about
a
user
or
system,
with
an
access
control
decision
being
made
based
on
that
information.
A
modified
SAML
Assertion
can
therefore
result
in
a
change
in
access;
requiring
a
valid
signature
mitigates
this
possibility.
OAuth
Access
Tokens
are
essentially
keys
that
need
to
be
protected
from
disclosure.
Modifying
OAuth
Access
Tokens
accomplishes
nothing,
so
signatures
are
unnecessary.

Computer Science & Information Technology

You might also like to view...

What must a developer establish in order to support long-term configuration management?

Fill in the blank(s) with the appropriate word(s).

Computer Science & Information Technology

The DBMS works directly with the data and sends the results of operations back to the ____________.

a. application b. data c. DBMS d. CPU

Computer Science & Information Technology

What are the unique characteristics of cleanroom software engineering techniques?

What will be an ideal response?

Computer Science & Information Technology

When using an insertion sort, each list element is examined one at a time and moved down if the tested element should be inserted before them.

Answer the following statement true (T) or false (F)

Computer Science & Information Technology