CISSP - SSO, Kerberos, SAML, OAuth, and OpenID Connect
CISSP Domain 5 single sign-on and federation deep dive: Kerberos architecture (KDC, AS, TGS, TGT), step-by-step Kerberos authentication flow, SAML 2.0 assertions and federation flows, OAuth 2.0 authorization framework, OpenID Connect authentication layer, and the SolarWinds Golden SAML attack. Part of the complete CISSP study playlist.
Chapters
- 0:00 SSO Architectures -- The Single Sign-On Landscape
- 3:00 Kerberos -- Tickets, Realms, and the KDC
- 5:32 Kerberos Authentication Flow Step by Step
- 7:49 SAML 2.0 -- XML-Based Federation
- 10:19 OAuth 2.0 -- Authorization Not Authentication
- 12:53 OpenID Connect -- Authentication on Top of OAuth
- 15:42 Golden SAML -- The SolarWinds SAML Attack
- 18:21 SSO and Federation Exam Anchor
- 20:51 Quiz Time
Key Topics
- SSO Architectures -- The Single Sign-On Landscape
- Kerberos -- Tickets, Realms, and the KDC
- Kerberos Authentication Flow Step by Step
- SAML 2.0 -- XML-Based Federation
- OAuth 2.0 -- Authorization Not Authentication
- OpenID Connect -- Authentication on Top of OAuth
- Golden SAML -- The SolarWinds SAML Attack
- SSO and Federation Exam Anchor