Skip to Content.
Sympa Menu

ad-assurance - [AD-Assurance] Revised Diagram now in the Cookbook

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

[AD-Assurance] Revised Diagram now in the Cookbook

Chronological Thread 
  • From: "Capehart,Jeffrey D" <>
  • To: "" <>
  • Subject: [AD-Assurance] Revised Diagram now in the Cookbook
  • Date: Fri, 13 Dec 2013 21:32:12 +0000
  • Accept-language: en-US

Based on our call today, the simpler model was preferred with a few changes:


1)      Revise text for non-IdP apps verifier to be “Strong Encryption Algorithms allowed”

2)      Change color from red  to yellow for non-IdP <-> verifier

3)      Make text for Idp <-> Verifier to be “Approved Algorithms must be used” (green lines)

4)      Add a stacked box for Active Directory as a verifier

5)      New -- Added a green line from Subject <-> IdP

6)      New -- Added a box in the upper right corner to identify the graphic as for AD DS Cookbook

7)      Add diagram to Scope 2.3 section with introductory text (transition paragraph)


The diagram should now:

·         Illustrate a particular scenario and the text as per the cookbook.

·         Show the concept of where approved algorithms are required

·         Not be overly detailed with controls, policies, requirements


I suggest visiting the cookbook to see the size/placement and revisions of the diagram.  (remember you will have to login first, then click the detailed link.)


Note:  The diagram can’t do it all, especially if it is taken out of context.  It is supposed to be illustrative of the scope of the text spelled out in the cookbook -- where the details are.




Jeff Capehart, CISA
IT Audit Manager
University of Florida - Office of Internal Audit
(352) 273-1882


  • [AD-Assurance] Revised Diagram now in the Cookbook, Capehart,Jeffrey D, 12/13/2013

Archive powered by MHonArc 2.6.16.

Top of Page