SAML: Difference between revisions

From NovaOrdis Knowledge Base
Line 12: Line 12:
=Overview=
=Overview=


SAML stands for Security Assertion Markup Language. It is an XML-based open-standard data format and a set of conventions for exchanging authentication and authorization information between heterogenous parties, designated by the standard as [[SAML Concepts#Identity_Provider|Identity Provider (IdP)]] and [[SAML Concepts#Service_Provider|Service Provider (SP)]]. The parties exchange [[SAML_Concepts#Security_Assertion|security assertions]] in a vendor-independent manager. The type of information being exchanged is whether user are authenticated, what rights, roles and access those users have, and how they can use data and resources based on those rights and roles. However, SAML does not specifies the underlying user authentication mechanism.
SAML stands for Security Assertion Markup Language. It is an XML-based open-standard data format and a set of conventions for exchanging authentication and authorization information between heterogenous parties, designated by the standard as [[SAML Concepts#Identity_Provider|Identity Provider (IdP)]] and [[SAML Concepts#Service_Provider|Service Provider (SP)]]. The parties exchange [[SAML_Concepts#SAML_Assertion|security assertions]] in a vendor-independent manager. The type of information being exchanged is whether user are authenticated, what rights, roles and access those users have, and how they can use data and resources based on those rights and roles. However, SAML does not specifies the underlying user authentication mechanism.


SAML is an OASIS approved standard. SAML 2.0 specification was released in March 2005. SAML was designed to be flexible and extensible, and as such is used by other standards. It is platform-neutral and vendor-netural.
SAML is an OASIS approved standard. SAML 2.0 specification was released in March 2005. SAML was designed to be flexible and extensible, and as such is used by other standards. It is platform-neutral and vendor-netural.
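Review bot: in the first Overview paragraph the retargeted link is written `SAML_Concepts#SAML_Assertion` with an underscore, while the two other links in the same sentence use `SAML Concepts#...` with a space; use one spelling of the page name throughout, and confirm that a `SAML_Assertion` anchor exists on the SAML Concepts page, since a link to a missing anchor fails silently by landing at the top of the target page. The revised line also still carries "heterogenous", "vendor-independent manager" (for "manner"), "whether user are" and "does not specifies", which could be corrected in the same revision.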

Revision as of 03:39, 21 February 2017

External

Relevance

SAML 2.0

Overview

SAML stands for Security Assertion Markup Language. It is an XML-based open-standard data format and a set of conventions for exchanging authentication and authorization information between heterogeneous parties, designated by the standard as Identity Provider (IdP) and Service Provider (SP). The parties exchange security assertions in a vendor-independent manner. The information being exchanged is whether users are authenticated, what rights, roles and access those users have, and how they can use data and resources based on those rights and roles. However, SAML does not specify the underlying user authentication mechanism.

SAML is an OASIS-approved standard. The SAML 2.0 specification was released in March 2005. SAML was designed to be flexible and extensible, and as such is used by other standards. It is platform-neutral and vendor-neutral.

The most important use case for SAML is web browser single sign-on (SSO) between independent but cooperating parties. Other use cases are attribute-based authorization, identity federation and WS-Security. SAML use cases are defined by the standard documents as profiles. A profile combines assertions, protocols and bindings to support a specific use case.

Subjects