Microsoft ADFS based Single Sign On
(SSO) Solution for
Imam University
22-‫فبراير‬-14
TABLE OF CONTENTS
Table of Contents ............................................................................................................ 2
Executive Overview ........................................................................................................ 3
Top Features ..................................................................................................................... 7
Solution architecture ...................................................................................................... 8
Requirements for Deploying the Active Directory based Federation services
Single Sign on .................................................................................................................. 9
The Architecture components....................................................................................... 9
A brief Description on each and every component: ............................................... 10
General Architecture Notes......................................................................................... 11
Solution Authorization Architecture ........................................................................ 11
Benefits of using proposed solution ......................................................................... 12
About Addvantum ..................................................................................................... 16
Relevant Experience - Oracle Fusion Middleware ................................................ 20
Royal Saudi Air Force: ........................................................................................... 20
University of Dammam: ........................................................................................ 22
The General Organization for Social Insurance (GOSI) .................................... 23
National manufacturing and Gas Company (GASCO): ................................... 24
Samba Bank: ............................................................................................................ 25
Financial Proposal ......................................................................................................... 27
EXECUTIVE OVERVIEW
The goal of the project is to deploy Single Sign on Solution for the Current
SharePoint 2013 Farm Environment in Imam University. The Microsoft ADFS based
solution will provide a seamless integration for the existing SharePoint environment
using Active Directory Federation services.
After the Deployment of the solution the existing SharePoint 2013 Farm will be
available online with integration with current student and staff portals. The solution
will provide single sign on ability for users and it will provide the authentication for
all existing SharePoint portals using only one time login password. These credentials
will be automatically being available to the user without any repetition providing
ease of use and enhancing usability and efficiency.
The initial goals of this project include, but are not limited to finding a solution that
will be able to:
! Provide an efficient and seamless Single Sign on solution for existing
SharePoint Portal for all users local (LAN) as well as online.
! Increase the accessibility of information documents to those who need it
while maintaining a secure environment
! Align with Information and IT Governance to establish a maintainable ECM
foundation
In order to achieve such goals we understand that the desired solution must be
extensible.
In other words, the required components must be available in the
existing setup without the need to be purchased and could be configured as needed
and ‘snapped’ into the overall existing SharePoint2013 platform. This will provide
Imam University with the necessary flexibility to implement Single Sign on without
any changes in the current licensing model.
The Microsoft Active Directory, industry-leading solution that delivers a new level of
integration and productivity across the entire spectrum of unstructured content.
Active Directory Federation Services (ADFS) is based on the emerging, industrysupported Web Services Architecture, which is defined in WS-* specifications. ADFS
helps provide single sign-on (SSO) to authenticate users to multiple, related Web
applications over the life of a single online session. ADFS accomplishes this by
securely sharing digital identity and entitlement rights across security and enterprise
boundaries.
The macro-level features of the Single Sign on Solution include:
Terminology used in proposed Solution
ADFS uses terminology from several different technologies, including
certificate services, Internet Information Services (IIS), Active Directory,
ADAM, and Web Services (WS-*). The following table describes these terms.
Term
account partner
Active Directory
Federation Services
(ADFS)
Description
A federation partner that is trusted by the Federation
Service to provide security tokens. The account partner
issues these tokens to its users (that is, users in the
account partner realm) so that they can access Webbased applications in the resource partner.
A Windows Server 2012 R2 component that provides
Web SSO technologies to authenticate a user to multiple
Web applications over the life of a single online session.
ADFS accomplishes this by securely sharing digital
identity and entitlement rights across security and
enterprise boundaries. ADFS in Windows Server 2012
R2 supports the WS-F PRP.
claim
claim mapping
claims-aware
application
client account
partner discovery
Web page
federation
Federation Service
Federation Service
Proxy
passive client
resource partner
security token
security token
service (STS)
A statement that an issuer makes (for example, name,
identity, key, group, privilege, or capability) about a
client.
The act of mapping, removing or filtering, or passing
claims between various claim sets.
An ASP.NET application that performs authorization
based on the claims that are present in an ADFS
security token, such as SharePoint 2013.
The Web page that is used to interact with the user to
determine which account partner the user belongs to
when ADFS cannot automatically determine which of
the account partners should authenticate the user.
A pair of realms or domains that have established a
federation trust.
A security token service that is built into Windows
Server 2012 R2. The Federation Service provides tokens
in response to requests for security tokens.
A proxy to the Federation Service in the perimeter
network (also known as a DMZ or a screened subnet).
The Federation Service Proxy uses WS-F PRP protocols
to collect user credential information from browser
clients and Web applications and send the information
to the Federation Service on their behalf.
A Hypertext Transfer Protocol (HTTP) browser, capable
of broadly supported HTTP, which can make use of
cookies. ADFS in Windows Server 2012 R2 supports
only passive clients, and it adheres to the WS-F PRP
specification.
A federation partner that trusts the Federation Service
to issue claims-based security tokens. The resource
partner contains published Web-based applications that
users in the account partner can access.
A cryptographically signed data unit that expresses one
or more claims.
A Web service that issues security tokens. An STS
makes assertions based on evidence that it trusts, to
whoever trusts it (or to specific recipients). To
communicate trust, a service requires proof, such as a
signature, to prove knowledge of a security token or set
of security tokens. A service itself can generate tokens
or it can rely on a separate STS to issue a security token
with its own trust statement. This forms the basis of
trust brokering. In ADFS, the Federation Service is an
STS.
In ADFS, a collection of load-balanced federation
server farm
servers, federation server proxies, or Web servers
hosting the ADFS Web Agent.
An optimization of the authentication sequence to
single sign-on (SSO) remove the burden of repeated logon actions by an end
user.
token-signing
An X509 certificate whose associated public/private
certificate
key pair is used to provide integrity for security tokens.
A compact string of characters that identifies an
Uniform Resource
abstract resource or physical resource. In ADFS, URIs
Identifier (URI)
are used to uniquely identify partners and account
stores.
The specifications for a Web Services Architecture that
is based on industry standards such as Simple Object
Access Protocol (SOAP); XML; Web Service Description
Language (WSDL); and Universal Description,
Discovery, and Integration (UDDI). WS-* provides a
foundation for delivering complete, interoperable
business solutions for the extended enterprise,
including the ability to manage federated identity and
security.
Web Services (WS-*)
The Web services model is based on the idea that
enterprise systems are written in different languages,
with different programming models, which run on and
are accessed from many different types of devices. Web
services are a means of building distributed systems
that can connect and interact with one another easily
and efficiently across the Internet, regardless of what
language they are written in or what platform they run
on.
A series of specifications that describes how to attach
signature and encryption headers to SOAP messages. In
addition, WA series of specifications that describes how
Web Services
to attach signature and encryption headers to SOAP
Security (WSmessages. In addition, WS-Security describes how to
Security)
attach security tokens, including binary security tokens
such as X.509 certificates and Kerberos tickets, to
messages. In ADFS, WS-Security is used when Kerberos
signs security tokens.
A specification that defines a model and set of messages
for brokering trust and the federation of identity and
WS-Federation
authentication information across different trust realms.
WS-Federation
Passive Requestor
Profile (WS-F PRP)
The WS-Federation specification identifies two sources
of identity and authentication requests across trust
realms: active requestors, such as SOAP-enabled
applications, and passive requestors, which are defined
as HTTP browsers capable of supporting broadly
supported HTTP, for example, HTTP 1.1.
An implementation of the WS-Federation specification
that proposes a standard protocol for how passive
clients (such as Web browsers) apply the federation
framework. Within this protocol, Web service
requestors are expected to understand the new security
mechanisms and be capable of interacting with Web
service providers.
Top Features
! Authenticate only once and use multiple portals or partner sites or resources.
! Improved User Productivity
! Ease of Administration
These and many other features, combined with a reputation for industry leading
technology, will help drive rapid success, increased user adoption and a faster ROI
for Imam University. Addvantum innovative technology is proposing Microsoft
Active Directory based Single sign on solution and associated consulting services
meet Imam University initial requirements.
Solution architecture
Figure 1: Recommended Architecture (courtesy by Microsoft)
Requirements for Deploying the Active Directory based
Federation services Single Sign on
•
Active Directory running in Windows Server 2008, Windows Server
2012, or Windows Server 2012 R2 with a functional level of mixed or
native mode
•
AD FS 2.x deployed on separate Windows Server 2008/R2 or Windows
Server 2012
•
AD FS 2.x Proxy deployed, as users are connecting from outside the
company’s network
•
Windows Azure Active Directory Module for Windows PowerShell to
establish a trust
•
Required updates installations
•
A unique third-party certificate when installing and configuring
federation servers and federation server proxies
The Architecture components
•
Windows Server 2008/2008 R2 or Windows Server 2012
•
PowerShell
•
Web Server (IIS)
•
.NET 3.5 SP1
•
Windows Identity Foundation
•
Publicly registered domain name
•
SSL Trusted Public Certificates
•
High-availability design
End User in the primary can connect directly from intranet to the SharePoint
web front end Server.
While remote site users can connect through internet (HTTP/HTTPS) with
the user friendly web-based interface.
A brief Description on each and every component:
Component
SharePoint 2013
Function
-
Document Management & Archiving
In-context Web site contribution, preview,
updates, and approvals
Library services, including full-text search,
check-in or check-out, and version control
Native content conversion to Webviewable
formats, including HTML, XML, and PDF
Full digital asset and records management
features included
ADFS 2.0 Server
DC1 (co-hosted with the domain controller) ( Required
server)
Microsoft Active Directory
Federation Services component based on MS ADFS
V2.0
Profile and user Synchronization
IIS
Microsoft Internet information Server V7.0
SSL Certificate
This is to be used by the IP-STS and RP-STS, and will be
the “glue” for establishing trust between these token
services.
Identity server configuration
Making SharePoint based Identity aware server using
federation services
SSO web verification
Configuration and single sign on web based
verifications.
DNS Configurations
Configure DNS for external user’s access.
Group Policy
Configuration of Group policy for Active directory
users.
Synchronization Manager
Monitor Synchronization after deploying
synchronization.
Network Configurations
Placing the ADFS Server in DMZ and allowing access
by enhancing Firewall/ Network access related
configurations.
Load Balancing
Optimization of Load balancing devices for external
and internal access management.
General Architecture Notes
By using the recommended architecture, Imam University has the advantage of
starting deployment with fewer servers. If Imam University discovers when user
population starts to grow over time that the initial servers are becoming saturated,
they can simply add more nodes to the configuration (horizontal scalability).
Solution Authorization Architecture
This particular SharePoint 2013 custom made solution for Imam University
has three-tier architecture. After the successful deployment of the solution for
Single sign on SharePoint Portal the users both on premises/ Local intranet
and online users will be able to experience same single sign on capability
without the redundancy of multiple login for each portal. The installation and
configuration of the client consists of logging in with an appropriate name
and password and dynamically executing using the browser based
authentication. Specific configuration information for the client is stored in
the other tiers (STS a SharePoint based store) not on the desktop/web
browser.
Benefits of using proposed solution
•
Web single sign on (SSO)
AD FS provides Web SSO to federated partners outside your organization,
which enables their users to have a SSO experience when they access your
organization’s Web-based applications.
•
Web Services (WS)-* interoperability
AD FS provides a federated identity management solution that interoperates
with other security products that support the WS-* Web Services
Architecture. AD FS follows the WS-Federation specification (for passive
clients; that is, browsers), which makes it possible for environments that do
not use the Windows identity model to federate with Windows
environments.
•
External user account management not required
the federated partner's Identity Provider (IP) sends claims that reflect its
users' identity, groups, and attribute data. Therefore, your organization no
longer needs to revoke, change, or reset the credentials for the partner's users,
since the credentials are managed by the partner organization. Additionally,
if a partnership needs to be terminated, it can be performed with a single
trust policy change. Without AD FS, individual accounts for each partner
user would need to be deactivated.
•
Claim mapping
Claims are defined in terms that each partner understands and appropriately
mapped in the AD FS trust policy for exchange between federation partners.
•
Centralized federated partner management
All federated partner management is performed using the AD FS Microsoft
Management Console (MMC) snap-in.
•
Extensible architecture
AD FS provides an extensible architecture for claim augmentation, for
example, adding or modifying claims using custom business logic during
claims processing. Organizations can use this extensibility to modify AD FS
to finely support their business policies.
SharePoint 2013 Tasks Schedule for SSO
implementation
Deployment task
Task Description
1. System Analysis and
Prepare for implementing
SSO.
Analysis Phase
2. Review the Imam
university infrastructure
requirements for deploying
AD FS.
Review the requirements for Imam
university infrastructure deploying
AD FS
3. Planning and
installation of AD FS
server
Plan your AD FS deployment
4. Prepare your network
infrastructure for
federation servers.
Prepare your network infrastructure for
federation servers
5. Deploy your federation
server farm. Depending on
the version of AD FS that
you want to use, complete
the tasks in either of these
checklists.
Checklist: Deploy your federation server
farm on Windows Server 2012 R2 or
Checklist: Deploy your federation server
farm on legacy versions of Windows
Server
6. Prepare your network
infrastructure for
configuring extranet
access.
Prepare your network infrastructure for
configuring extranet access
7. Configure extranet
access. Depending on the
version of AD FS that you
want to use, complete the
tasks outlined in either the
following topic or
checklist.
Configure extranet access for AD FS on
Windows Server 2012 R2 or Checklist:
Configure extranet access for AD FS on
legacy versions of Windows Server
Duration
5 days
2 days
5 days
5 days
4 days
2 days
2 days
8. Install Windows
PowerShell for SSO with
AD FS.
Install Windows PowerShell for single
sign-on with AD FS
1 day
9. Set up a trust between
AD FS and Windows AD.
Set up a trust between AD FS and
Windows AD
5 days
10 Enabling auditing for
AD FS.
Enabling auditing for AD FS might be
beneficial in situations in which you
place a high value on the security of your
identity deployment and prefer to
monitor it closely for suspicious or
unintended activity. The process of
enabling auditing for AD FS requires
changes that you make using the Local
Security Policy snap-in for your
federation server as well as changes in
the Service properties that you set using
the AD FS Management console. For
more information, see the “Configure
Auditing for AD FS 2.0” section in
11. Set up Active Directory
synchronization.
Directory synchronization roadmap
12. Verify and manage your
SSO implementation with
AD FS.
Verify and manage single sign-on with
AD FS
2 days
2 days
3 days
Note: The tasks listed and timelines mentioned does not include any time
required for the network and infrastructure related changes such as Firewall,
Load balancer changes, as well as acquiring and deploying SSL certificate
required for Single sign on web portal authentication. Also it must be kept in
consideration that the setup changes required for domain level changes will
be managed and updated by Imam University as well.
While the whole process of solution deployment and configuration will be
carried on the current environment further time will be required for moving
the setup to new production environment.
About Addvantum
Addvantum Innovative Technologies is a technology partner of choice for
global organizations looking to strategically transform, grow, and lead in
today’s challenging business environment.
Head quartered in UAE, Addvantum is a global provider of IT Consulting,
Business Process Outsourcing, Business Technology Services, Enterprise
Application Services, Software Testing, Product Engineering, Engineering
Design and Product Support. Addvantum’s mainly focuses on EMEA and
ASEAN regions and maintains offices in USA, UK, Riyadh, Al-Khobar,
Bahrain, Lahore, Islamabad and Karachi. Addvantum stands ready to assist
your enterprise with the most up-to-date IT solutions and consulting services.
Addvantum matches the most advanced global IT expertise to today’s
challenging information technology projects. Addvantum is a global IT
consulting and IT services company specializing in providing your
organization with true integration of Enterprise applications and middleware
solutions. The world of business is increasingly shaped by globalization
creating pressures to constantly adapt and change. These pressures can be
mitigated by the creation of efficient IT platforms that possess the flexibility to
meet the ever-changing requirements within today’s business environment.
Addvantum continues to expand the focus on providing the best in class
unconventional workflows to a global community through new international
onshore and offshore centers, business partnerships and acquisitions in areas
of strategic interest.
Backed with unmatched technical expertise and insights through global
delivery centers, we have maintained the highest levels of compliance and
quality that go with the changing times and technologies. Our Global
Partners’ knowledge investments are backed by years of R&D and have led to
the creation of labs and ‘Centers of Excellence’ that have produced innovative
solutions. Addvantum has set up Centers of Excellence in partnership with
Oracle Corporation in, Riyadh, Dubai and Lahore. The centers of excellence
focus on providing innovative solutions to Education sector globally.
Addvantum’s client list includes major global enterprises from various
different Industry verticals. Addvantum has traditionally focused on
education, telecom & media, banking, energy, manufacturing and
retail/distribution sectors.
Our core expertise lies in Middleware and Higher Education Solutions. Our
middlware practise inculdes Core Technologies ( Virtualization, Security,
Server Consolidation & High availibilty Solution) and Fusion Middleware
(SOA, IDAM, BPM, BI, Content management and WebCenter Portal). Higher
education Solutions include PeopleSoft Campus Solutions, PeopleSoft HRMS
& Financials. Addvantum also focuses on providing Oracle ERP Applications
and is exponentially growing in MEA and ASEAN regions respectively.
Addvantum provides domain experts and strong technology implementation
teams in PeopleSoft Campus Solutions, PeopleSoft HRMS & Financials,
Oracle ERP Applications and Middleware solutions who deliver
breakthrough performance for our customers. With over 1,000 employees
worldwide, we have the ability to deliver complex solutions for large
enterprises. A key factor in our success are practice specific methodologies
developed by Addvantum which have been optimized for delivering
solutions on key platforms. Leveraging these, Addvantum is able to deliver
fixed price implementations for our largest projects.
Company Details
Saudi Arabia Office
Dubai Office Address
Global Offices
Office # G 01-02, Building # 11
Dubai Internet City
Dubai, UAE
(T) +971 4448 3026
(F) +971 4449 6085
Addvantum Innovative Technologies Pvt. Ltd.
Contact Details
Lahore Office:
4th Floor 4th Office,
Arfa Software Technology Park
Ferozepur Road, Lahore
Pakistan
(T) +92 423 597 2005
(F) +92 423 5972006
Doha Office:
Level 14, Commercial Bank Plaza
West Bay, Doha, Qatar
P.O. Box 27111
(T) +974 4 452 8165
(F) +974 4 452 8165
U.S. Office:
Suite 4925
300 North Lasalle Street,
Chicago, IL 60654,USA
(T) +1 312 803 0363
(F) +1 312 803 0363
Email: sales@addvantum.com
Website
www.addvantum.com
Email
sales@addvantum.com
aon.rana@ddvantum.com
noman.mazoor@addvantum.com
Relevant Experience - Oracle Fusion Middleware
Royal Saudi Air Force:
Background:
The Royal Saudi Air Force is the aviation branch of the Saudi Arabian armed
forces. The RSAF has developed from a largely defensive military force into
one with an advanced offensive capability. The RSAF maintains the third
largest fleet of F-15s after the USAF and the JASDF with a user base of 5000+.
The client was undergoing a transformation towards a more secure and
centralized model to manage various applications running in there. RSAF was
looking for a solution for de-provisioning users from 8 different bases by
using IDM solution and to provide thousands of its employees, staff members
and a few external stakeholders with direct, online access to the information
within the air force.
Solution:
There were 11 different applications running in there that need to be
integrated. Addvantum suggested Oracle IDM Solution for the client that
included: IDM Software Components, Oracle Internet Directory, Oracle
Identity Manager, IDM Management Pack, Access Manager, Adaptive Access
Manager, Oracle database, ESSO and Web Server (Oracle HTTP Server).
Addvantum implemented IDM on all the 8 bases along with Disaster
Recovery site for HQ.
Outcomes:
The solution helped realizing the vision for a more secure and centralized
approach to share information between different applications and client staff
members. The Oracle Identity Manager (OIM) enabled the right employees to
gain access to the right information at the right time for the right purpose,
while ensuring and enhancing the security and confidentiality of RSAF.
Applications integrated at RSAF S/No
Resources
1
MS Exchange
2
SharePoint Portal
3
BMC Remedy Business Service
Management
EMC Documentum
4
5
7
ASG Safari Business Intelligence
System
AQD Quality and Safety Management
System
Servisgistics SPM
8
Gold system
9
Morasalat
10
Oracle E-Business Suite
11
Active Directory (AD)
6
University of Dammam:
Background:
Established in 1975, the University of Dammam (UoD) is one of the largest
and oldest Universities in Saudi Arabia. The university consists of 24
Colleges, 123 departments, 1,414 faculty members and 24,950 students. In
addition to a higher education solution, the university was looking for a
solution to integrate all the existing applications such as learning
management system, Blackboard LMS, Symphony library management
system, and Active Directory.
Solution:
Addvantum implemented Oracle WebCenter Suite, consisting of Content
Management System and complete Portal at University of Dammam. For all
integrations we suggested Single Sign-on, using Oracle Identity Manager that
took care of all security concerns as well. In addition, a custom integrated
mobile application was also developed for students and faculty of UoD.
Outcomes:
The solution enabled all system users (with 16000 concurrent users for
admission are with total no. of 60000-70000 users) to access the applications in
a secure and convenient manner with multiple ways to access information.
The information is accurate as well as a reliable, serving the needs of
management, faculty, students and even their parents.
The General Organization
for Social Insurance (GOSI)
Background:
The General Organization for Social Insurance (GOSI) administers the
Kingdom's national insurance scheme. GOSI pays allowances and makes
payments for compensation to individuals and families within the scheme.
GOSI was looking to change their SUN directory services solution and
migrate to Oracle Internet Directory. Having in excess of 500,000 users was
really causing them repeated issues and their existing solution was not being
able to manage the user load and change requests. With Oracle’s solution, we
were able to swiftly migrate 500,000 users into Oracle Internet Directory and
integrate with their Critical Applications.
Solution
• Implementation of OID in clustered environment
• Migration of users to OID
• Migrate Objects from Sun One to OID
• Integrate with One Application “SIMS”
• Test the OID in the Pre-Production environment
• Read/Write on the Directory Server “LDAP”
Outcomes
User provisioning, de-provisioning times reduced significantly and
considerable performance improvements achieved.
National manufacturing and
Gas Company (GASCO):
Background:
National manufacturing and Gas Company (GASCO) serves consumer via
provision of LPG at the highest efficiency levels and commitment to protect
and develop the local environment. It transports, fills and markets LPG
(butane and/or propane). GASCO’s had a host of IT Applications in
following areas of technology: an ERP System based on Oracle E-Business
Suite, a CRM System based on Oracle Siebel CRM, a SOA Architecture that
will compose of Oracle Fusion Middleware and a few third party applications
(Motabi, Avaya, and others). GASCO was looking for some middleware
solution to integrate its various IT applications across the board for its 10,000+
users.
Solution
Addvantum suggested and implemented a host of Oracle middleware
applications including Weblogic Suite, SOA Suite, Oracle Applications
Adapter, SOA Management Pack, WebLogic Management Pack and Oracle
Enterprise Gateway. The SOA layer composed of two main parts, the
Enterprise Service Bus Layer and a Service Consumers layer on one side, and
a Service Providers Layer., on the other. Each service in the ESB layer was
architected and implemented with its own tools/components to achieve the
intended business and functional objectives. With the fulfillment of these
requirements, application (Service Consumers and Service Providers) become
eligible to exchange data and information in a transparent manner.
Outcomes
Oracle SOA Suite's hot-pluggable architecture helped GASCO lowered
upfront costs by allowing maximum re-use of existing IT investments and
assets, regardless of the environment (OS, application server, etc.) they run in,
or the technology they were built upon. It’s easy-to-use, re-use focused,
unified application development tooling and end-to-end lifecycle
management support further reduced development and maintenance cost
and complexity.
Samba Bank:
Background:
Samba Financial Group was formed, to take over the then existing branches of
Citibank, N.A. in Jeddah and Riyadh. Samba was formed in accordance with
a program adopted by the Kingdom in the mid-1970s, under which all foreign
banks were required to sell majority equity interests to Saudi nationals.
Samba Bank requires a middleware solution to integrate its various
applications, especially in the post T24 implementation scenario. It has over
2500 users. For this purpose, Samba Bank has invited various vendors to
demonstrate their products.
Solution:
Oracle Saudi Arabia has brought its implementation partner, Addvantum
onboard, based on its experience in implementing Oracle applications and
technologies for a large number of customers, especially in the Oracle Fusion
Middleware and Oracle Applications implementations. Addvantum
suggested implementation of Enterprise Service Bus (ESB). EBS is a piece of
software that connects multiple applications together through reusing
application to application interfaces, covering a wide variety of disparate
protocols and transport mechanisms. EBS also has the ability to transform
messages on the fly, and perform message routing between multiple
applications, based on the contents of the message.
Outcomes:
A good number of messages and integrations have been accommodated as
per Samba’s requirements. The implementation integrated multiple
applications and heterogeneous messages relatively quickly, and with a
reasonably low engagement of development resources. It successfully
provided the client an integration middleware platform between the existing
and future Systems.
Applications integrated at Samba Bank Financial Proposal
Addvantum will charge around SAR 144,956/-­‐ for the two months project. This is exclusive of all taxes.