The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Group examining SAML, Information Card for European identity system

A group co-funded by the European Union has reversed its thinking and is considering both SAML and Information Card as technologies to help create an interoperable identity and authentication system to link EU members.

The Secure Identity Across Borders Linked (STORK) interoperable electronic identity project decided late last month to consider both SAML 2.0 and Information Card technology to help EU member countries integrate their identity systems, according to Drummond Reed, executive director of the Information Card Foundation, which includes Deutsche Telekom, Equifax, Google, Intel, Microsoft, Novell and Oracle among its steering committee members.

Both technologies can help entities, including countries, federate identities.

At the Stork's Industry Group meeting late last month, the group outlined its plans to explore a SAML 2.0 profile called "holder of key" as a means for preventing man-in-the-middle attacks when countries exchange identity information.

Industry members at the meeting, including Reed and Microsoft's Kim Cameron, who helped develop the Information Card specification, were among those arguing that Information Card technology was designed to prevent such attacks and should be considered alongside SAML 2.0...

See the complete article by John Fontana. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I