SAML Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 37: Line 37:


==WS-Security==
==WS-Security==
=SAML Profile=
A ''profile'' is essentially a use case for SAML. <font color=red>If that is true, map to use cases above and coalesce</font>. The profile combines [[#SAML_Assertion|assertions]], [[SAML_Protocol|protocols]] and [[SAML_Binding|bindings]] to support a specific use case.
=SAML Binding=
=SAML Protocol=
=SAML Assertion=


=To Deplete=
=To Deplete=

Revision as of 01:28, 21 February 2017

Internal

Security Assertion

Subject

Subjects are entities that have identity related information specific to a security domain.

Security Domain

Identity Provider

The Identity Provider (IdP) is.

The Identity Provider is also known as the asserting party.

Service Provider

The Service Provider (SP) is ....

The Service Provider is also known as the relying party.

Trust Relationship

There is a trust relationship between the Identity Provider and and the Service Provider.

SAML Use Cases

Web Browser Single Sign-On

Web browser single sign-on (SSO) among independent but cooperating parties is the most important SAML use case. Another more recent approach to addressing browser SSO is the OpenID Connect protocol.

Attribute-based Authorization

Identity Federation

WS-Security

SAML Profile

A profile is essentially a use case for SAML. If that is true, map to use cases above and coalesce. The profile combines assertions, protocols and bindings to support a specific use case.

SAML Binding

SAML Protocol

SAML Assertion

To Deplete