URL: http://www.oasis-open.org/committees/download.php/2290/oasis-sstc-saml-1.0.zip
Security Assertion Markup Language (SAML) is an XML-based framework standard from OASIS for ensuring that transmitted communications are secure. SAML defines mechanisms to exchange authentication, authorization and non-repudiation information, allowing single sign-on capabilities for Web services.
SAML allows a user to log on once for affiliated but separate Web sites. SAML is designed for business-to-business (B2B) and business-to-consumer (B2C) transactions.
SAML specifies three components: assertions, protocol, and binding.
Assertion. There are three assertions: authentication, attribute, and authorization. An authentication assertion validates the user's identity. An attribute assertion contains specific information about the user. An authorization assertion identifies what the user is authorized to do.
Protocol. Protocol defines how SAML asks for and receives assertions.
Binding. Binding defines how SAML message exchanges are mapped to Simple Object Access Protocol (SOAP) exchanges. SAML works with multiple protocols including Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), and File Transfer Protocol (FTP), and also supports SOAP, BizTalk®, and Electronic Business XML (ebXML). The Organization for the Advancement of Structured Information Standards (OASIS) is the standards group for SAML.
Keywords: Security exchange, authentication, authorization, non-repudiation, single sign-on