By Prabath Siriwardena, WSO2
|
|
- Beverly Briggs
- 6 years ago
- Views:
Transcription
1 By Prabath Siriwardena, WSO2
2 Why OpenID???
3 Too many passwords
4 Duplicated profiles everywhere
5 Oops..!!! My favorite user name GONE!!!
6 Why OpenID???
7 OpenID solves them all!!!
8 Single user name/password
9 Single user profile
10 Claim your URL as your user name
11 What is OpenID???
12 OpenID is a URL or an XRI
13
14
15 =prabath
16 Who gives me an OpenID???
17 OpenID Providers [OP] issue OpenIDs and maintain user profiles
18
19
20
21 Who accepts my OpenID???
22 Any web site can accept OpenIDs for sign in
23 13,196 unique web sites seen by myopenid.com to accept OpenID, by May 2008
24
25
26
27 With OpenID we simply maintain a single user name/password pair..
28
29
30
31
32
33
34
35 With OpenID we authenticate once at the OP and sign in to rest of the OpenID relying party web sites.
36 That is Single Sign On
37 OpenID facilitates decentralized single sign on
38 What is decentralized???
39 NOT - centralized
40 No central server or authority
41 Remember Microsoft Passport : That is centralized there is a central server
42 With OpenID any body can be an OpenID Provider
43 Once again What is OpenID???
44 OpenID is a URL or an XRI which facilitates decentralized single sign on
45 I enter my OpenID at the RP how come the RP knows who is my OpenID Provider???
46 The process of getting to know about the corresponding OpenID Provider from a given OpenID is known as Discovery.
47 Just type your OpenID on the browser
48
49 BUT that is not what we wanted just view source
50 <link rel="openid.server" href=" /> <link rel="openid2.provider" href=" />
51 Why there are two tags pointing to the same OpenID Provider URL???
52 openid.server OpenID 1.1 openid2.provider OpenID 2.0
53 This form of discovery is know as HTML Based Discovery
54 What is HTML Based Discovery???
55 Under HTML-Based discovery, an HTML document MUST be available at the URL of the Claimed Identifier and RP retrieves the document with an HTTP GET
56 Within the HEAD element of the document a LINK element MUST be included with attributes "rel" set to "openid2.provider" and "href" set to an OP Endpoint URL
57 That is what we noticed earlier.
58 Any other forms of Discovery other than HTML- Based???
59 XRDS-Based discovery [will be covered later ]
60 My OpenID is BUT I do NOT own that URL it s under the control of myopenid not mine
61 This type of Identifiers are known as OP-Local Identifiers
62 What is an OP-Local Identifier???
63 An alternate Identifier for an end user that is local to a particular OP and thus not necessarily under the end user's control.
64 Can I use my own URL as my OpenID???
65 Of course you can and that is known as the Claimed Identifier
66 What is a Claimed Identifier???
67 An Identifier that the end user claims to own
68 I own a URL but I am not an OpenID Provider can I still use my URL as my OpenID???
69 YES you can
70 Say, the URL I own or my claimed identifier is
71 I also have an account with myopenid and my OP Local identifier is
72 I can use my claimed identifier as my OpenID by delegating the OpenID Provider functionality to myopenid
73 <link href=' rel='openid2.provider openid.server'/> <link href='" rel='openid2.local_id openid.delegate'/>
74 With this approach we never limited to a single OpenID Provider.
75 If we lost faith on the OpenID Provider we can move to another but, still keeping the original OpenID
76 I have maintain a single user name/password pair for all my relying party web sites will OpenID make a difference for me???
77 Of course in two ways.
78 Even you have the same user name/password for all the relying party web sites still you need to maintain your profile data in different places.
79 Also, what if you lose your password? You will lose access to all your relying party web sites.
80 But, isn t it the case under OpenID as well. If you lose your password to the OpenID Provider you lose access to all relying party web sites depend on the OpenID.
81 No it s not.
82 With OpenID if it is a claimed identifier - you never lose your password.
83 I own a URL and I use it as my OpenID Claimed Identifier. What if I could not renew my domain name???? Now somebody else owns it..
84 You own an OpenID until you can claim the ownership of the URL behind it
85 You lose the ownership of the URL you lose your OpenID as well
86 BUT
87 XRI based OpenIDs solve this issue
88 You never lose the ownership of the i- number behind an XRI so, you never lose your XRI based OpenID
89 What is an XRI??? What is an i-number???
90 extensible Resource Identifier
91 A Global Unique Identifier [just as Domain Names]
92 URL, Phone Number, are concrete identifiers
93 XRI is an abstract identifier
94 Concrete identifiers represent actual resources in a network
95 Abstract identifiers are used to find concrete identifiers
96 XRI is an abstract identifier which can be mapped to concrete identifiers [e.g.: URL, ]
97 XRI syntax defines two forms of XRIs
98 i-names and i-numbers
99 i-names are human-friendly identifiers
100 =prabath
101 i-numbers are typically machinefriendly identifiers
102 =!BFC9.75B7.9B2.11C4
103 i-names, are intended to be reassignable identifiers just like domain names
104 i-numbers are intended to be persistent
105 If your OpenID is your i-number you never lose it
106 How an OpenID RP discovers an XRI based OpenID???
107 XRDS based discovery [which we did not cover earlier]
108 HTML based discovery returns an HTML page [discussed earlier]
109 XRDS based discovery returns an XRDS document
110 extensible Resource Descriptor Sequence
111 <?xml version="1.0" encoding="utf-8"?> <xrds:xrds xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0) xmlns:openid=" <XRD ref="xri://=example"> <!-- service section --> <!-- XRI resolution service --> <Service> </Service> <!-- OpenID 2.0 login service --> <Service priority="10"> </Service> <!-- OpenID 1.1 login service --> <Service priority="20"> </Service> </XRD>
112 XRDS based discovery NOT just for XRI based OpenIDs
113 XRDS based discovery can also be used for URL based OpenID discovery
114 If an URL XRDS based discovery will use Yadis protocol for discovery
115 If an XRI XRDS based discovery will use XRI resolution
116 A given XRDS document can define multiple services
117 <!-- XRI resolution service --> <Service> <ProviderID>xri://=! F83.62B1.44F.2813</ProviderID> <Type>xri://$res*auth*($v*2.0)</Type> <MediaType>application/xrds+xml</MediaType > <URI priority= 10 > > <URI priority= 15 > >
118 <!-- OpenID 2.0 login service --> <Service priority="10"> <Type> on</type> <URI> server</uri> <LocalID> ocalid> </Service>
119 <!-- OpenID 1.0 login service --> <Service priority="20"> <Type> <URI> ml</uri> <openid:delegate> </openid:delegate> </Service>
120 What attributes can my RP get from the OpenID Provider???
121 Under OpenID; attribute flow is defined under two main extensions
122 OpenID Simple Attribute Registration [SReg]
123 OpenID Attribute Exchange [Ax]
124 OpenID Simple Registration allows for very light-weight profile exchange
125 It is designed to pass nine commonly requested pieces of information when an End User goes to register a new account with a web service
126 RP can request the required/optional attributes from the OP with the Authentication request
127 nickname, , fullname, dob, gender, postcode, country, language, timezone
128 OpenID Attribute Exchange is for exchanging identity information between endpoints
129 Not limited for a predefined set of attributes
130 With AX : not just fetch attributes from the OP but also can store attributes at the OP
131 Ax defines messages for retrieval [fetch] and storage [store] of identity information
132 fetch : retrieves attribute information from an OpenID Provider
133 store : saves or updates attribute information on the OpenID Provider
134 Both messages are originated from the RP as an indirect message
135 Under Ax each attribute is identified by an URI
136 There are two popular schemas which define subject identifiers to attributes
137 &
138 Under the attribute is identified as mail
139 Under the attribute is identified as
140 myopenid.com supports
141 RP can request the required/optional attributes from the OP with the Authentication request
142 [Demo]: Attribute flow with WSO2 OpenID Demo RP
143 Why Yahoo does NOT trust my RP while all the other OpenID Providers???
144 This web site has not confirmed it s identity with Yahoo! and might be fraudulent. Do not share any personal information with this website unless you certain it is legitimate.
145 Yahoo supports OpenID 2 and it does OpenID Relying Party Discovery
146 With OpenID RP Discovery, RPs should publish their valid return_to URLs in an XRDS document.
147 To get rid of Yahoo! warning the RP needs to publish this XRDS at the return_to URL.
148 RP discovery also allows any software agent to discover sites that support OpenID
149 Am I correct to say that OpenID is a phishing heaven???
150 Not really!!!
151 OpenID does NOT address the problem of phishing
152 To the same extent any of the web sites are exposed to phishing OpenID too exposed to phishing.
153 There are many approaches taken individually by OpenID Providers to protect their users against phishing.
154 Yahoo Sign In Seal
155
156 SeatBelt plugin for Firefox
157
158
159 Information Card based login
160
161
162 Login to OpenID Provider with a bookmark
163
164 Can OpenID RPs request OpenID Providers to authenticate users in a phishing resistant manner???
165 YES they can
166 OpenID Provider Authentication Policy Extension [PAPE]
167 [Demo]: PAPE demo with WSO2 OpenID Demo RP
168 How strong OpenID against Man-inthe-Middle attacks???
169 This requires explaining what OpenID Association is
170 A given OpenID relying party can be either Dumb or Smart
171 Smart relying parties maintain a shared secret key with the OpenID Provider while Dumb relying parties maintain no state
172 We talk about OpenID Associations only for Smart RPs
173 OpenID Association takes place just after Discovery and establishes Shared Secret Key between OpenID Relying Party and the OpenID Provider
174 OpenID uses Diffie-Hellman keyexchange to establish the shared secret
175 Diffie-Hellman key-exchange allows two parties to jointly establish a shared secret key over an insecure communications channel
176 Shared Secret Key is used to sign subsequent messages exchanged in between OpenID Relying Party and the OpenID Provider
177 OpenID Association is a direct communication between OpenID Provider and the RP
178 Under OpenID, HTTP POST is used for all Direct Communications
179 Still we have NOT answered the original question
180 How strong OpenID against Man-inthe-Middle attacks???
181 Associations prevent tampering of signed fields by a man in the middle except during discovery, association sessions
182 BUT if DNS resolution or the transport layer is compromised; signatures on messages are not adequate
183 How do we handle Man-in-the-Middle attacks for discovery and association sessions???
184 One solution is to build a white-list of OpenID Providers and maintain their public key certificates at the RP end
185 RP performs an XRDS-based discovery and OP returns a digitally signed XRDS document
186 RP verifies the signature
187 ALSO
188 During an Association OP can sign the field assoc_handle by it s private key and RP verifies it once received
189 How good OpenID at handling DoS attacks???
190 Within the protocol there are places where a rogue RP could launch a denial of service attack against an OP
191 This can be done by the RP repeatedly requesting associations, authentication, or verification of a signature
192 There is nothing in OpenID protocol messages that allows the OP to quickly check that it is a genuine request
193 White-listing RPs is not a good solution
194 OpenID Providers can easily use generic IP based rate-limiting and banning techniques to help combat these sorts of attacks and black list RPs
195 It s hard to remember a whole URL as an OpenID???
196 [ Source : l ]
197
198
199 Finally.
200 The complete OpenID Protocol flow
201 The end user initiates authentication (Initiation) by presenting a User- Supplied Identifier to the Relying Party via their User-Agent
202 The Relying Party performs discovery (Discovery) on the identifier and establishes the OP Endpoint URL that the end user uses for authentication
203 Association request Association response (optional) The Relying Party and the OP establish an association (Establishing Associations)
204 The OP uses an association to sign subsequent messages and the Relying Party to verify those messages
205 The Relying Party redirects the end user's User-Agent to the OP with an OpenID Authentication request (Requesting Authentication)
206 authenticate End user authenticates to the OP
207 The OP redirects the end user's User- Agent back to the Relying Party with either an assertion that authentication is approved (Positive Assertions) or a message that authentication failed (Negative Assertions).
208 The Relying Party verifies (Verifying Assertions) the information received from the OP
209 Useful Links OpenID mailing list : 7. AxShema mail group: 8. Blogs: 9. My blog: 10.WSO2 Identity Solution download page: 11.WSO2 OpenID Demo OP : 12.WSO2 OpenID Demo RP :
210 Next Webinar. On 17 th June Introducing WSO2 ESB 1.7 Now open for registration
211 Questions you! Thank
Implementing OpenID for Your Social Networking Web Site
Implementing OpenID for Your Social Networking Web Site By David Keener http://www.keenertech.com Introduction Social networking sites are communities Communities consist of people Getting people to join
More informationOpenID. Mark Heiges Center for Tropical and Emerging Global Diseases
OpenID Mark Heiges Center for Tropical and Emerging Global Diseases mheiges@uga.edu Agenda what is an OpenID how OpenID works demos developer perspeccve the dark side TradiConal Sign Up, Sign On Register
More informationThe implications of. Simon Willison Google Tech Talk, 25th June 2007
The implications of Simon Willison Google Tech Talk, 25th June 2007 Who here has used OpenID? Who uses it regularly? What is OpenID? OpenID is a decentralised mechanism for Single Sign On What problems
More informationRECENT ADVANCES in E-ACTIVITIES, INFORMATION SECURITY and PRIVACY. Hierarchy OpenID
Hierarchy OpenID DONGHWI SHIN, INKYUN JEON, HYUNCHEOL JEONG Security Technology Team Korea Internet and Security Agency IT Venture Tower, Jungdaero 135, Songpa, Seoul Korea shindh@kisa.or.kr, ikjeun@kisa.or.kr,
More informationConfiguring a Secure Access etrust SiteMinder Server Instance (NSM Procedure)
Configuring a Secure Access etrust SiteMinder Server Instance (NSM Procedure) Within the Secure Access device, a SiteMinder instance is a set of configuration settings that defines how the Secure Access
More informationHow to Integrate CA SiteMinder with the Barracuda Web Application Firewall
How to Integrate CA SiteMinder with the Barracuda Web Application Firewall Overview CA/Netegrity SiteMinder provides an infrastructure for centralized and secure policy management of websites. It uniquely
More informationRelying Party User Interface Recommendations
1 OpenID Provider Action Buttons 1 of 6 1.3 OpenID Provider Login Popup You re logging into EXAMPL with your 1.1 Standard Register/Login call to action in navigation 1.2 Login form with button array 1.4
More informationDell EMC Unisphere 360
Dell EMC Unisphere 360 Version 9.0.1 Installation Guide REV 02 Copyright 2014-2018 Dell Inc. or its subsidiaries. All rights reserved. Published October 2018 Dell believes the information in this publication
More informationELOQUA INTEGRATION GUIDE
ELOQUA INTEGRATION GUIDE VERSION 2.2 APRIL 2016 DOCUMENT PURPOSE This purpose of this document is to guide clients through the process of integrating Eloqua and the WorkCast Platform and to explain the
More informationNew Distribution Capability (NDC)
Together Let s Build Airline Retailing Accountable Document Validated official document (such as any type of an airline ticket, or a Standard Traffic Document (STD) or payment voucher) that has a value
More informationMARKETO INTEGRATION GUIDE
MARKETO INTEGRATION GUIDE VERSION 1.2 JANUARY 2016 DOCUMENT PURPOSE This purpose of this document is to guide clients through the process of integrating Marketo and the WorkCast Platform. DOCUMENT CONTROL
More informationOTP SERVER NETEGRITY SITEMINDER 6. Rev 1.0 INTEGRATION MODULE. Copyright, NordicEdge, 2005 O T P S E R V E R I N T E G R A T I O N M O D U L E
OTP SERVER INTEGRATION MODULE NETEGRITY SITEMINDER 6 Copyright, NordicEdge, 2005 www.nordicedge.se Copyright, 2005, NordicEdge AB Page 1 of 11 1 Introduction 1.1 OTP Server Overview Nordic Edge OTP Server
More informationIntroduction to OpenID Connect. October 23, 2018 Michael B. Jones Identity Standards Architect Microsoft
Introduction to OpenID Connect October 23, 2018 Michael B. Jones Identity Standards Architect Microsoft Working Together OpenID Connect What is OpenID Connect? Simple identity layer on top of OAuth 2.0
More informationSecurity Analysis of OpenID
Security Analysis of OpenID Pavol Sovis, Florian Kohlar, Joerg Schwenk {vorname.nachname}@rub.de Ruhr-University Bochum Bochum, Germany Abstract: OpenID is a user-centric and decentralized Single Sign-On
More informationInstallation Guide. Unisphere Central. Installation. Release number REV 07. October, 2015
Unisphere Central Release number 4.0 Installation 300-013-602 REV 07 October, 2015 Introduction... 2 Environment and system requirements... 2 Network planning...4 Download Unisphere Central...6 Deploy
More informationEMC Unisphere 360 for VMAX
EMC Unisphere 360 for VMAX Version 8.4.0 Installation Guide REV 01 Copyright 2014-2017 EMC Corporation All rights reserved. Published May 2017 Dell believes the information in this publication is accurate
More informationEMC Unisphere 360 for VMAX
EMC Unisphere 360 for VMAX Version 8.4.0 Online Help (PDF version) Copyright 2016-2017 EMC Corporation All rights reserved. Published May 2017 Dell believes the information in this publication is accurate
More informationUSER GUIDE Cruises Section
USER GUIDE Cruises Section CONTENTS 1. WELCOME.... CRUISE RESERVATION SYSTEM... 4.1 Quotes and availability searches... 4.1.1 Search Page... 5.1. Search Results Page and Cruise Selection... 6.1. Modifying
More informationmyldtravel USER GUIDE
myldtravel USER GUIDE Rev #2 Page 2 of 37 Table of Contents 1. First-Time Login... 4 2. Introduction to the myldtravel Application... 7 3. Creating a Listing... 8 3.1 Traveller Selection... 9 3.2 Flight
More informationEMC Unisphere 360 for VMAX
EMC Unisphere 360 for VMAX Version 8.3.0 Installation Guide REV 01 Copyright 2014-2016 EMC Corporation. All rights reserved. Published in the USA. Published September 2016 EMC believes the information
More informationIntegrating CA (formerly Netegrity) SiteMinder 6.0 with IBM Lotus Connections 2.0
Integrating CA (formerly Netegrity) SiteMinder 6.0 with IBM Lotus Connections 2.0 Xin BJ Xu IBM Software Group, WPLC Beijing, China Xiao Feng Yu IBM Software Group, WPLC Staff Software Engineer Shanghai,
More informationAPI Gateway Version September Authentication and Authorization Integration Guide
API Gateway Version 7.5.2 15 September 2017 Authentication and Authorization Integration Guide Copyright 2017 Axway All rights reserved. This documentation describes the following Axway software: Axway
More informationWishlist Auto Registration Manual
Wishlist Auto Registration Manual Table of Contents Use the quick navigation links below to navigate through the manual: Introduction to Wishlist Auto Registration Complete Activation Process Summary in
More informationARINC Project Initiation/Modification (APIM)
Project Initiation/Modification proposal for the AEEC Date Proposed: June 14, 2016 ARINC Project Initiation/Modification (APIM) 1.0 Name of Proposed Project APIM 16-015 eenabled Aircraft Ground Systems
More informationSupports full integration with Apollo, Galileo and Worldspan GDS.
FEATURES GENERAL Web-based Solution ALL TRAVELPORT GDS Supports full integration with Apollo, Galileo and Worldspan GDS. GRAPHICAL INTUITIVE WEB EXPERIENCE Intuitive web experience for both GDS expert
More informationFederated Shibboleth, OpenID, oauth, and Multifactor
Federated Shibboleth, OpenID, oauth, and Multifactor Russell Beall Senior Programmer/Analyst University of Southern California beall@usc.edu Federated Shibboleth, OpenID, oauth, and Multifactor 1 University
More informationBaggage Reconciliation System
Product Description PD-TS-105 Issue 1.0 Date January 2015 The purpose of this product description is to enable the customer to satisfy himself as to whether or not the product or service would be suitable
More informationVideo Media Center - VMC 1000 Getting Started Guide
Video Media Center - VMC 1000 Getting Started Guide Video Media Center - VMC 1000 Getting Started Guide Trademark Information Polycom, the Polycom logo design, Video Media Center, and RSS 2000 are registered
More informationINTERNATIONAL CIVIL AVIATION ORGANIZATION AFI REGION AIM IMPLEMENTATION TASK FORCE. (Dakar, Senegal, 20 22nd July 2011)
IP-5 INTERNATIONAL CIVIL AVIATION ORGANIZATION AFI REGION AIM IMPLEMENTATION TASK FORCE (Dakar, Senegal, 20 22nd July 2011) Agenda item: Presented by: Implementation of a African Regional Centralised Aeronautical
More informationFACILITATION PANEL (FALP)
International Civil Aviation Organization WORKING PAPER 23/3/16 English only FACILITATION PANEL (FALP) NINTH MEETING Montréal, 4-7 April 2016 Agenda Item 3: Amendments to Annex 9 ELECTRONIC TRAVEL SYSTEMS
More informationNDC is a response to 3 challenges that exist in today s airline distribution eco-system:
1 NDC is a response to 3 challenges that exist in today s airline distribution eco-system: Airlines don t have the ability to distribute their products across the travel agent channel without being,owing
More informationEmployment Authorization Document (EAD) Application Guide for J-2 Dependents
Employment Authorization Document (EAD) Application Guide for J-2 Dependents Preparing the application to the U.S. Citizenship and Immigration Service (USCIS) What is the EAD? The Employment Authorization
More informationStudent Visa Process. CTY Summer Programs
Student Visa Process CTY Summer Programs 2018 Presentation Content 1. Visa requirements 2. Starting the process and deadlines 3. Obtaining the I-20 form 4. Applying for the F-1 visa 5. Traveling to the
More information2018 PSO Profile Highlights and Tips. December 18, :00 3:00 PM
2018 PSO Profile Highlights and Tips December 18, 2018 2:00 3:00 PM Call Logistics The PSOPPC will be presenting the 2018 PSO Profile Highlights and Tips. Please use the chat (Ask a Question) to submit
More informationCA SiteMinder. Agent for JBoss Guide. r12.1 SP3. Third Edition
CA SiteMinder Agent for JBoss Guide r12.1 SP3 Third Edition This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationWhat if I just want to obtain flight schedules without making a reservation?
http://www.omanair.com/en/faqs/booking Booking Home > Printer-friendly PDF > Booking If you have any unanswered questions about Oman Air and our services and need help, please select the appropriate category
More informationKB 2449 CA Wily APM security example: CA SiteMinder for authentication with CA EEM for authorization
This article describes how you can perform a CA SiteMinder basic set up and configuration to provide CA Wily APM authentication before deploying CA EEM for. This example describes these tasks: Configure
More informationRevalidation of RE Projects. Accreditation and Registration
Revalidation of RE Projects Accreditation and Registration and Registration Revalidation: Accreditation and Registration Accreditation and registration are valid till 5 years from date of registration.
More informationTravel Procedures for CYSS Contract. Travel Request/Order Form (Pre-approval Process)
Travel expenses on temporary duty (TDY) should be at the best value to the Government. The JFTR/JTR provides a guide for contractors, but should be considered as the maximum allowable claim without special
More informationSENIOR CERTIFICATE EXAMINATIONS
SENIOR CERTIFICATE EXAMINATIONS INFORMATION TECHNOLOGY P1 2017 MARKS: 150 TIME: 3 hours This question paper consists of 21 pages. Information Technology/P1 2 DBE/2017 INSTRUCTIONS AND INFORMATION 1. This
More informationetrust SiteMinder Agent r5.5 for BEA WebLogic 9.0 etrust SiteMinder Agent for BEA WebLogic Guide
etrust SiteMinder Agent r5.5 for BEA WebLogic 9.0 etrust SiteMinder Agent for BEA WebLogic Guide This documentation (the Documentation ) and related computer software program (the Software ) (hereinafter
More informationCA SiteMinder. Agent for JBoss Guide SP1
CA SiteMinder Agent for JBoss Guide 12.52 SP1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your
More informationHelp Document for utsonmobile - Windows Phone
Help Document for utsonmobile - Windows Phone Indian Railway is introducing the facility of booking unreserved suburban tickets on smartphones. The application has been developed in-house by Centre for
More informationScott Silveira, District 5 Supervisor SOCIAL MEDIA POLICIES AND PROCEDURES
Scott Silveira, District 5 Supervisor SOCIAL MEDIA POLICIES AND PROCEDURES PURPOSE Scott Silveira, District 5 Supervisor,recognizes a need to augment his traditional communication methods with the use
More informationMyFBO Help. Contents TRAINING ONLY
MyFBO Help Updated: July 25,2011 The online help menu works well to find most answers and explanations how to use the system. Simply click on the blue question mark symbol on the top right corner of MyFBO.com.
More informationVirginia Medicaid Web Portal Provider Maintenance Frequently Asked Questions Revised 02/20/2015. FAQ Contents. General Questions
Virginia Medicaid Web Portal Provider Maintenance Frequently Asked Questions Revised 02/20/2015 FAQ Contents General Questions.......................................... Page 1 Provider Maintenance Menu...................................
More informationLS-Data. Manual. Altenrhein Luftfahrt GmbH Office Park 3 Top 312 / Postfach 90 A-1300 Wien Flughafen
LS-Data Manual Altenrhein Luftfahrt GmbH Office Park 3 Top 312 / Postfach 90 A-1300 Wien Flughafen Contents: 1. General... 2 2. Requirements... 2 3. Log In... 3 4. Cockpit crew... 4 4.1. New flight...
More informationPRIVACY POLICY KEY DEFINITIONS. Aquapark Wrocław Wrocławski Park Wodny S.A. with the registered office in Wrocław, ul. Borowska 99, Wrocław.
Shall enter into force on the 25th May 2018, PRIVACY POLICY Aquapark Wrocław shall endeavour to protect privacy of persons who use our services. This document has been implemented to comply with rules
More informationWHAT S NEW in 7.9 RELEASE NOTES
7.9 RELEASE NOTES January 2015 Table of Contents Session Usability...3 Smarter Bookmarks... 3 Multi-Tabbed Browsing... 3 Session Time Out Pop Up... 4 Batch No Show Processing...5 Selecting a Guarantee
More informationCA SITEMINDER OVERVIEW
info@tutionbooks.com CA SITEMINDER OVERVIEW www.tutionbooks.com Session Overview 1 2 3 4 Concept of application Security Requirement of Siteminder Features of siteminder Basic of request to access an application
More informationIntroduction of FAR 117 and Q Software Enhancements
December 2, 2013 13-04 Introduction of FAR 117 and Q4 2013 Software Enhancements Table of Contents Introduction... 2 PBS Buffers... 2 Software Enhancements... 2 Max Reserve Above... 2 History and Explanation...2
More informationBook Upto 12 tickets in a month by linking Aadhaar
Book Upto 12 tickets in a month by linking Aadhaar Now users are allowed to book upto 12 tickets in a month, if users get themselves verified through their Aadhaar number along with at least one passenger
More informationCA SiteMinder. Agent for JBoss Guide 12.51
CA SiteMinder Agent for JBoss Guide 12.51 This Documentation, which includes embedded help systems and electronically distributed materials (hereinafter referred to as the Documentation ), is for your
More informationIRCTCC RAIL CONNECT ANDROID APP
IRCTCC RAIL CONNECT ANDROID APP USER GUIDE NOTE: Document is subject to change. Detailed terms and conditions available on IRCTC website www.irctc.co.in 1 P a g e INDEX Sino Content 1 Launch Screen 2 Login
More informationAmadeus Selling Platform Timatic User Guide
Amadeus Selling Platform Timatic User Guide amadeus.com YOUR USE OF THIS DOCUMENTATION IS SUBJECT TO THESE TERMS Use of this documentation You are authorised to view, copy, or print the documentation for
More informationAngel Flight Information Database System AFIDS
Pilot s Getting Started Guide Angel Flight Information Database System AFIDS Contents Login Instructions... 3 If you already have a username and password... 3 If you do not yet have a username and password...
More informationPolicies and Procedures
Mass HIway Massachusetts Health Information Highway Statewide Health Information Exchange Policies and Procedures Version 2 December 1, 2014 The Mass HIway is operated by the Commonwealth of Massachusetts'
More informationCOMPETITION SPECIFIC RULES
COMPETITION SPECIFIC RULES 28 th January 4 th February 2018 Organised on Behalf of: The New Zealand Hang Gliding and Paragliding Association Inc. These Competition Specific Rules are to be used in conjunction
More informationThe Improvement of Airline Tickets Selling Process
The Improvement of Airline Tickets Selling Process Duran Li (103034466) Department of Industrial Engineering and Engineering Management, National Tsing Hua University, Taiwan Abstract. The process of a
More information1. MICE Offer Log In page MICE605-_-CXHP-_-XX
MICE IBE BOOKING STEPS 1. MICE Offer Log In page http://www.cathaypacific.com/cpa/en_intl/offerspromotions/micelogin?cm_mmc=mice-hk-_- MICE605-_-CXHP-_-XX 1.1 Log in with your Marco Polo Club or Asia Miles
More informationQ. Can I book personal travel on the site? - The Concur site is to be used exclusively for business related travel.
Concur Travel FAQ Q. What will I use Concur Travel for? - Concur Travel is Hill-Rom s online booking tool for all of your business travel needs. It works with Travel and Transport and allows you to see
More informationFREQUENTLY ASKED QUESTION November 2014
FREQUENTLY ASKED QUESTION November 2014 This document is intended to answer common questions in regards to KT Online, our online booking tool for Flights, Hotels and Eurostar, powered by Atriis. We want
More informationEmployment Authorization Document (EAD) Application Guide for J-2 Dependents
Employment Authorization Document (EAD) Application Guide for J-2 Dependents Preparing the application to the U.S. Citizenship and Immigration Service (USCIS) What is the EAD? The Employment Authorization
More informationPASSENGER JOURNEY. Our vision: a seamless, secure and efficient walking pace journey that is highly personalized throughout.
NEXTT JOURNEY Our vision: a seamless, secure and efficient walking pace journey that is highly personalized throughout. 00 THROUGHOUT THE JOURNEY IDENTITY MANAGEMENT Biometrics are used to confirm identity
More informationOperations Manual. FS Airlines Client User Guide Supplement A. Flight Operations Department
Restricted Circulation Edition 1.0 For use by KORYO Air & KORYO Connect Pi Operations Manual FS Airlines Client User Guide Supplement 1. 1022 14A This manual has been approved by and issued on behalf of:
More informationIATA AIRPORT HANDLING PRODUCTS MANUAL
06 March, 2018 IATA AIRPORT HANDLING PRODUCTS MANUAL Document Filetype: PDF 508.63 KB 0 IATA AIRPORT HANDLING PRODUCTS MANUAL The latest version of IATA Airport Handling Manual 31st is currently unknown.
More informationUser Guide and Reference Information
User Guide and Reference Information Table of Contents Welcome to Hyatt Privé...3 Access the Hyatt Privé website...5 Explore our properties...8 Book with our Hyatt Privé rate...12 View your reservations...19
More informationConcur Travel-Frequently Asked Questions
Concur Travel-Frequently Asked Questions Click Links to Navigate User & Profile Assistance First Time Logging into Concur Travel & Expense Forgot Password System is slow Smartphone Access Air Car Hotel-Navigational
More informationCONTRACT OF TRANSPORTATION
CONTRACT OF TRANSPORTATION 1. DEFINITIONS For the purpose of the present conditions, it is understood what follows for each of the terms listed below: 1.1 Ticket or Transportation Ticket is the document
More informationWest Virginia Provider Enrollment and Revalidation General FAQ. Date of Publication: 01/19/2016 Document Version: 1.0
West Virginia Provider Enrollment and Revalidation General FAQ Date of Publication: 01/19/2016 Document Version: 1.0 General Topics: In this document, please find a number of Frequently Asked Questions
More informationetrust SiteMinder Agent r6.0 for IBM WebSphere
etrust SiteMinder Agent r6.0 for IBM WebSphere SiteMinder Agent for IBM WebSphere Guide r6.0 This documentation (the Documentation ) and related computer software program (the Software ) (hereinafter collectively
More informationFrequently asked questions (FAQ)
Frequently asked questions (FAQ) Content 1. Subscription 2. Connectivity 3. Data (General) 4. Air carrier traffic 5. Traffic by Flight Stage (TFS) 6. Air carrier finances 7. Airport traffic 8. On-Flight
More informationConcur Travel - Frequently Asked Questions
Concur Travel - Frequently Asked Questions Click on the question to navigate to the answer. What should I do the first time I log into Concur Travel & Expense? What do I do if I forgot my password? Why
More informationNew Distribution Capability
New Distribution Capability Commercial User Guide Last updated: May 17 May 2017 Page 1 Contents Disclaimer... 3 Executive Summary... 4 What s new in this version?... 5 Definitions... 6 1. Introduction...
More informationPRAJWAL KHADGI Department of Industrial and Systems Engineering Northern Illinois University DeKalb, Illinois, USA
SIMULATION ANALYSIS OF PASSENGER CHECK IN AND BAGGAGE SCREENING AREA AT CHICAGO-ROCKFORD INTERNATIONAL AIRPORT PRAJWAL KHADGI Department of Industrial and Systems Engineering Northern Illinois University
More informationFAA Update. Dakota-Minnesota (DMA) Airports District Office. Federal Aviation Administration. Presented to: By: Date: Minnesota Council of Airports
FAA Update Dakota-Minnesota (DMA) Airports District Office Presented to: By: Date: Minnesota Council of Airports Chris Hugunin April 15, 2015 FY 2014 DMA ADO Total AIP Funding $107.2 Million / 136 Grants
More informationUser Guide for E-Rez
User Guide for E-Rez Table of Contents Section 1 Using E-Rez... 3 Security & Technical Requirements... 3 Logging on to E-Rez... 4 Verify Your Profile... 4 Section 2 Travel Center... 5 Familiarize yourself
More informationHomeland Security Investigations. IMAGE Form I-9 Training
Homeland Security Investigations IMAGE Form I-9 Training 1 The Employment Eligibility Verification Form I-9 (Form I-9) Immigration Reform and Control Act of 1986 Requires employers to utilize the Form
More informationGUIDELINES FOR THE ADMINISTRATION OF SANCTIONS AGAINST SLOT MISUSE IN IRELAND
GUIDELINES FOR THE ADMINISTRATION OF SANCTIONS AGAINST SLOT MISUSE IN IRELAND October 2017 Version 2 1. BACKGROUND 1.1 Article 14.5 of Council Regulation (EEC) No 95/93, as amended by Regulation (EC) No
More information1. Please tell us about new features, functions or information that you made available on the new website for the first time?
1 of 6 6/21/2010 10:35 AM 1. Please tell us about new features, functions or information that you made available on the new website for the first time? USCIS Response: Where to Start Widget: There are
More informationPutting NDC into Practice: Reference Architecture and Technology Providers. Author: Hanna Schaal. Senior Consultant.
2015 Putting NDC into Practice: Reference Architecture and Technology Providers Author: Copyright @ 2015 PROLOGIS AG All rights reserved. This study or any portion thereof may not be reproduced or Hanna
More informationCA SiteMinder Web Services Security
CA SiteMinder Web Services Security WSS Agent for IBM WebSphere Guide 12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as
More informationComfort Pro A Hotel. User Manual
Comfort Pro A Hotel User Manual Contents ComfortPro A Hotel 5 Software Features............................................................6 Scope of Delivery.............................................................7
More informationAer Lingus Case Study - AeroDocs deployment to Aer Lingus. Aer Lingus cuts CASK with AeroDocs
Aer Lingus Case Study - AeroDocs deployment to Aer Lingus Aer Lingus cuts CASK with AeroDocs Paul Stanley, EFB Project Manager, Aer Lingus and Capt. Eamon Kierans, Manager Flight Ops Compliance, Aer Lingus
More informationmyldtravel USER GUIDE
myldtravel USER GUIDE Page 2 of 32 Welcome to myidtravel a self service tool that allows you to book travel on other airlines at a discount rate based on standby travel. And by end of Summer 2017 you will
More informationTRAVEL AGENT NEW USER MANUAL
TRAVEL AGENT NEW USER MANUAL WE LC O M E TO HO M EP O R T TR AVE L AGE NT POR TA L Your one-stop destination for all Royal Caribbean s tools of the trade. WHY SHO ULD I SIGN- U P FO R HO M E PO R T? HomePort
More informationWho s Eyeing your Forms I-9
Agenda Who s Eyeing your Forms I-9 Background Completing Revised Form I-9 www.uscis.gov/i-9central Storage and Retention Resources Dave Basham 2 Immigrant and Employee Rights Section (IER) The anti-discrimination
More informationAviation ICT Forum 2014
Aviation ICT Forum 2014 More ground to break Shaping the future. Together 16 17 October 2014 Panel Name: Biometrics: Securing future passenger self service at the airport Discussion points Biometrics recap
More informationEcolabel Toolbox Synergie for CB partners. CB forum- June, 26th
Ecolabel Toolbox Synergie for CB partners CB forum- June, 26th CONTENT 1. Ecolabel Toolbox features 2. Interface presentation 3. How can European partners use Ecolabel Toolbox 4. Toward dissemination in
More informationFAASafety.gov Help Manual for WINGS - Pilot Proficiency Program Federal Aviation Administration May 1, 2007
FAASafety.gov Help Manual for WINGS - Pilot Proficiency Program Federal Aviation Administration May 1, 2007 Gold Systems Inc. FAASafety.gov WINGS Pilot Proficiency Program 1 FAASafety.gov Help Manual for
More informationYour guide to making a booking
Contents Booking online Booking offline Air Fares Explained Hotels Explained UK Rail Explained Amendments and Cancellations Creating Traveller Profiles Visa applications Booking European/International
More informationPLANNING & ADVICE. Print this page. Introducing Holland America Line Express Docs
Call your travel professional or 1-877-932-4259 For Booked Guests > Planning & Advice PLANNING & ADVICE Print this page Introducing Holland America Line Express Docs NEW: Online Check-in can now be completed
More informationAttracting tourists all year round challenges and opportunities in seasonality and responsibility
Attracting tourists all year round challenges and opportunities in seasonality and responsibility Terhi Hook, product development manager, Visit Finland 11.4.2008 Alatunniste teksti 11.4.2008 Alatunniste
More informationFOR SMALL AND MEDIUM SIZED AIRPORTS Velocity FIDS
is a FIDS solution for small and medium sized airports. It is available as an installed and as a cloud solution and it is multi airport solution. The package contains many use full features like a flight
More informationOrder. March 2013 ISSUE,RENEWALORRE-ISSUE OF A MEDICAL CERTIFICATE 1.0 PURPOSE 2.0 REFERENCES
Order TCAA-O- PEL021B March 2013 ISSUE,RENEWALORRE-ISSUE OF A MEDICAL CERTIFICATE 1.0 PURPOSE 1.1 This Order is issued to provide guidance and procedures for issue, renewal and re-issue of a Class 1, 2
More informationCA SiteMinder Federation Standalone
CA SiteMinder Federation Standalone Installation and Upgrade Guide r12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as
More informationUser Reference Manual
User Reference Manual Of Food Licensing & Registration System (FLRS) (Version 2.0) For Food Business Operator (FBO) 1 1. Login Page Type the URL: - http://foodlicensing.fssai.gov.in and first create Username
More informationWho s Eyeing your Forms I-9
Who s Eyeing your Forms I-9 www.uscis.gov/i-9central Dave Basham Agenda Completing Revised Form I-9 Storage and Retention Resources 2 Employment Verification To comply with the employment eligibility verification
More informationConcur Travel FAQs. 5. How do I log in to Concur Travel? Visit or the link is available on the Travel page of the Compass.
General 1. What is Concur Travel? Concur Travel is a hosted, web-based system that allows users to book travel using a web browser or mobile device instead of booking travel through a travel agent. Concur
More informationWTF? ANOTHER NEW Form I-9? Compliance By September 17, Form I-9 1. Disclaimer
WTF? ANOTHER NEW Form I-9? Compliance By September 17, 2017 Form I-9 1 Disclaimer Immigration law can be complex and it is not possible to describe every aspect of the process. This presentation provides
More information