The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Revision of Security Standards – Why they are so Critical for the Cloud from Wed, 2011-05-11 13:45

Matthew Gardiner writes: Why is it that everyone loves standards in concept, including those for security, but often standards definition and deployment is less than speedy? Why doesn’t everyone involved just pull together and solve this obvious problem now, instead of waiting until we are all suffering from lack of standards? While this is a general issue with standards, let’s look at this issue through the lens of the emerging public cloud-based services (public IaaS, PaaS, & SaaS). There are both rational and less rational reasons why standards are developed and used at a rate slower than they should be for maximum benefit...While no vendor will come out explicitly against standards (remember that everybody loves them), when pressed on the issue, they will come back with answers such as, "existing standards are too immature" or the "market is moving too fast to standardize yet" to explain why they are not moving more quickly to standardize their interfaces. Of course they might be partially right, but these are not objections that generally hold up under explicit and consistent customer demand for standardization. See the broad adoption of SAML by cloud providers as an example of what this pressure can accomplish...

Read the complete article in Infosecurity. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I