Security Overview

Security is clearly a major concern for institutions involved in shibbolised federations. People Picker addresses this on four fronts:

  • Attribute release policies (ARPs) are enforced. If an IdP or a user blocks an attribute, it will not leave the IdP via People Picker.
  • Released data is encrypted.
  • Only approved clients are able to connect to People Picker, and they must be shibbolised. This ensures that only federation members can use the search in the first place.
  • Each IdP has a per-search limit set that prevents harvesting (just in case someone with access to the federation is so inclined).

On top of this:

  • IdP administrators can turn off People Picker support.
  • IdP administrators can restrict the attributes released to People Picker.
  • People Picker appears as an SP, allowing IdP administrators and users to create special People Picker release policies.

It is not possible for sensitive data to leak out of an IdP in any way, shape or form, and data that is released (because the IdP administrator and the user have allowed it) cannot be intercepted while travelling over the internet.
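The sketch below is an added example, not People Picker's own code, showing how the client approval, ARP and per-search-limit controls listed above compose on the IdP side. All names are hypothetical, the sample records are constructed, and two behaviours are assumptions: the limit truncates the result set, and matching is done only on attributes that may be released.

```python
from dataclasses import dataclass

@dataclass
class IdpPolicy:                        # hypothetical per-IdP settings
    enabled: bool = True                # admin can turn People Picker support off
    released: frozenset = frozenset()   # attributes the admin releases to the People Picker SP
    search_limit: int = 10              # per-search cap that prevents harvesting

@dataclass
class Person:
    attributes: dict
    blocked: frozenset = frozenset()    # attributes this user has blocked

def search(policy, approved_clients, client_id, people, term):
    """Return only what every layer allows; fail closed otherwise."""
    if client_id not in approved_clients:
        raise PermissionError("client is not an approved federation member")
    if not policy.enabled:
        return []
    results = []
    for person in people:
        # Release set = admin policy minus the user's own blocks.
        visible = {k: v for k, v in person.attributes.items()
                   if k in policy.released and k not in person.blocked}
        # Match on releasable values only, so a blocked attribute cannot
        # be confirmed indirectly by searching for its value.
        if any(term.lower() in str(v).lower() for v in visible.values()):
            results.append(visible)
            if len(results) >= policy.search_limit:
                break                   # assumed behaviour: truncate at the limit
    return results

# Constructed sample data.
APPROVED = {"https://sp.example.org/shibboleth"}
POLICY = IdpPolicy(released=frozenset({"cn", "mail"}), search_limit=2)
PEOPLE = [
    Person({"cn": "Alice Example", "mail": "alice@example.org", "phone": "555-0100"},
           blocked=frozenset({"mail"})),
    Person({"cn": "Bob Example", "mail": "bob@example.org", "phone": "555-0101"}),
    Person({"cn": "Carol Example", "mail": "carol@example.org", "phone": "555-0102"}),
]

if __name__ == "__main__":
    print(search(POLICY, APPROVED, "https://sp.example.org/shibboleth", PEOPLE, "example"))
```
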

If you are interested in the full details of how we secure People Picker, head over to the technical details.
