Security Alert: SAML Single Sign-On is Vulnerable to Any SAML Implementation Method
In SAML it is possible to implement a traditional single sign-on solution, but the protocol on its own does nothing to stop a user who has authenticated once from acting as someone else: if the party that accepts the login does not check who an assertion is for and who issued it, anyone could sign on as any other user, and nothing would stop that login from succeeding. The same was true in the old days, at least as far as the authentication protocol in use was concerned.
To fix this, the SAML account model has to change so that the party that accepts the login is not the party that performs the authentication. Once users log on they should be able to operate within the network only with the access the verified login grants them, as though they had arrived unauthenticated and had to prove who they are.
In practice that means moving the user log-on away from the physical server, the database or the web interface and onto the SAML interface, which sits outside the network. Users who previously needed direct access to the physical server or database can then log on through that interface, be granted access to the network, and use whichever of the SAML methods they prefer.
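As an added example of that split (illustrative code written for this page, not code from any SAML library or product): the identity provider does the authentication and signs an assertion, and the service provider logs the user in only after verifying the assertion, so a response that names a different user is rejected. The entity IDs, request ID and validity dates are constructed for the example, and the HMAC over the assertion bytes is a stand-in for the XML Digital Signature that real SAML uses; the validation order and checks are the point.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed, hypothetical identifiers for the example.
IDP_ENTITY_ID = "https://idp.example.org/metadata"
SP_ENTITY_ID = "https://sp.example.com/metadata"
# Stand-in for the IdP signing key; real SAML verifies XML-DSig with the IdP certificate.
IDP_SIGNING_KEY = b"example-only-idp-signing-key"
EXAMPLE_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)


def _assertion_text(response_xml):
    """Raw bytes of the <saml:Assertion> element (stand-in for XML canonicalization)."""
    start = response_xml.find("<saml:Assertion")
    end = response_xml.find("</saml:Assertion>")
    if start < 0 or end < 0:
        return b""
    return response_xml[start:end + len("</saml:Assertion>")].encode()


def _sign(assertion_bytes):
    return hmac.new(IDP_SIGNING_KEY, assertion_bytes, hashlib.sha256).hexdigest()


def build_response(name_id, issuer=IDP_ENTITY_ID, audience=SP_ENTITY_ID,
                   in_response_to="_req1", not_on_or_after="2030-01-01T00:00:00Z",
                   sign=True):
    """Build a constructed SAML Response as the IdP would; <Signature> holds the HMAC stand-in."""
    assertion = (
        f'<saml:Assertion xmlns:saml="{NS["saml"]}" ID="_a1">'
        f"<saml:Issuer>{issuer}</saml:Issuer>"
        "<saml:Subject>"
        f"<saml:NameID>{name_id}</saml:NameID>"
        '<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">'
        f'<saml:SubjectConfirmationData InResponseTo="{in_response_to}"/>'
        "</saml:SubjectConfirmation></saml:Subject>"
        f'<saml:Conditions NotBefore="2020-01-01T00:00:00Z" NotOnOrAfter="{not_on_or_after}">'
        f"<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>"
        "</saml:AudienceRestriction></saml:Conditions>"
        "</saml:Assertion>"
    )
    signature = _sign(assertion.encode()) if sign else ""
    return (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" InResponseTo="{in_response_to}">'
            f"{assertion}<Signature>{signature}</Signature></samlp:Response>")


def _parse_time(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def naive_login(response_xml):
    """The weak pattern: log in as whatever NameID the response names, verifying nothing."""
    root = ET.fromstring(response_xml)
    return root.findtext("saml:Assertion/saml:Subject/saml:NameID", namespaces=NS)


def validate_response(response_xml, expected_request_id, now=EXAMPLE_NOW):
    """Return the NameID only if signature, issuer, audience, validity window and
    InResponseTo all check out; raise ValueError otherwise."""
    root = ET.fromstring(response_xml)
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        raise ValueError("response carries no assertion")
    # 1. Integrity first: nothing below can be trusted until the assertion is verified.
    presented = root.findtext("Signature") or ""
    if not hmac.compare_digest(presented, _sign(_assertion_text(response_xml))):
        raise ValueError("assertion signature missing or invalid")
    # 2. Who issued it, and for whom.
    if assertion.findtext("saml:Issuer", namespaces=NS) != IDP_ENTITY_ID:
        raise ValueError("unexpected issuer")
    audience = assertion.findtext(
        "saml:Conditions/saml:AudienceRestriction/saml:Audience", namespaces=NS)
    if audience != SP_ENTITY_ID:
        raise ValueError("assertion is not addressed to this service provider")
    # 3. Validity window.
    conditions = assertion.find("saml:Conditions", NS)
    if conditions is None:
        raise ValueError("assertion has no Conditions")
    not_before = _parse_time(conditions.get("NotBefore", ""))
    not_on_or_after = _parse_time(conditions.get("NotOnOrAfter", ""))
    if not (not_before <= now < not_on_or_after):
        raise ValueError("assertion outside its validity window")
    # 4. Binding to a request this SP actually sent (rejects unsolicited or replayed responses).
    scd = assertion.find(
        "saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("InResponseTo") != expected_request_id:
        raise ValueError("InResponseTo does not match an outstanding request")
    return assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)


def accepted_user(response_xml, expected_request_id, now=EXAMPLE_NOW):
    """The NameID the SP would log in, or None if the response is rejected."""
    try:
        return validate_response(response_xml, expected_request_id, now)
    except ValueError:
        return None


if __name__ == "__main__":
    genuine = build_response("alice")
    tampered = genuine.replace("alice", "admin")  # attacker rewrites the NameID in transit
    print("naive login accepts:", naive_login(tampered))
    print("validated login accepts:", accepted_user(tampered, "_req1"))
```

The order matters: the signature is checked before any field is read, because issuer, audience and timestamps inside an unverified assertion are attacker-controlled. A real service provider also records each request ID it issues and consumes it on the first valid response, so that the same assertion cannot be replayed.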
So why do we have the same problem on the web, on physical servers and across the internet? Because there is no certification or identity management for network transactions: you have to trust the underlying network vendor to provide a secure environment, and they usually do not.
The problem is that these networks cannot verify, by means of a credential, whether a user is legitimate, and cannot confirm, by means of a password, that the user is the one who performed a given action or is authorized to perform it. Checking each user individually to establish what they are really authorized to do would also be impractical.
This is what makes the old single sign-on models vulnerable to attack, and their logins inauthentic: a network administrator could still log on from the physical servers as anyone else and exercise all the rights that person holds. As long as the administrator has a physical computer and a network token, he or she can log on and operate as many services as desired without any further identification. The only thing that stops this is a good security posture, so that the administrator is not in a position to compromise the security of the network or the infrastructure.
So what is the real-world scenario? The only answer is that the network is encrypted, as it was in the old days, so that there is no way to enter it without the administrator's consent; otherwise the network is open to a great many attacks.