SubjectConfirmation
• Before the IdP sends out the Authentication assertion, it embeds a SubjectConfirmation element within the assertion.
• The SubjectConfirmation element contains a digital version of a lock.
• When the Bad Guy presents the Authentication assertion to the SP, the SP sees the lock in the SubjectConfirmation and asks the Bad Guy for the key. Since he can't provide it, the SP doesn't grant access to its resources.
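
The SP-side check described above, as an added example that is not part of the original slides. It assumes the SAML 2.0 holder-of-key confirmation method, with the "lock" being an X.509 certificate in ds:KeyInfo and the "key" proven by TLS client authentication; the function names and the certificate bytes are constructed for illustration.

```python
import base64
import hmac
import xml.etree.ElementTree as ET

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
HOK = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"

# Constructed stand-ins for DER-encoded certificates (not real certificates).
ALICE_CERT = b"constructed-der-bytes-for-alice"
BAD_GUY_CERT = b"constructed-der-bytes-for-bad-guy"

def build_assertion(holder_cert: bytes) -> str:
    """Constructed sample assertion; the IdP signature is omitted here."""
    b64 = base64.b64encode(holder_cert).decode()
    return f"""<saml:Assertion xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}">
  <saml:Subject>
    <saml:NameID>alice@example.org</saml:NameID>
    <saml:SubjectConfirmation Method="{HOK}">
      <saml:SubjectConfirmationData>
        <ds:KeyInfo><ds:X509Data>
          <ds:X509Certificate>{b64}</ds:X509Certificate>
        </ds:X509Data></ds:KeyInfo>
      </saml:SubjectConfirmationData>
    </saml:SubjectConfirmation>
  </saml:Subject>
</saml:Assertion>"""

def sp_grants_access(assertion_xml: str, presenter_cert: bytes) -> bool:
    """Return True only if the presenter's proven certificate matches the lock.

    Assumes the assertion signature was already verified and that
    presenter_cert comes from a completed TLS client-auth handshake,
    so the presenter has proven possession of the private key.
    """
    root = ET.fromstring(assertion_xml)
    for conf in root.findall("./saml:Subject/saml:SubjectConfirmation", NS):
        if conf.get("Method") != HOK:
            continue  # not a lock; other methods are out of scope here
        for node in conf.findall(".//ds:X509Certificate", NS):
            # Strip whitespace that XML pretty-printing adds to base64 text.
            locked_to = base64.b64decode("".join((node.text or "").split()))
            if hmac.compare_digest(locked_to, presenter_cert):
                return True
    return False  # no holder-of-key lock, or the presenter lacks the key
```

The check fails closed: an assertion with no holder-of-key SubjectConfirmation is rejected rather than treated as unlocked.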