The SAML web site is no longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Authenticating the cloud

...Google’s recent announcement that it is providing two-factor authentication (2FA) for Google Apps reflects a move away from simple password access to stronger authentication for cloud-based applications. And it’s about time; over the past five to 10 years the ‘traditional’ world of IT has already seen a major shift from relying solely on user name and password to strong two-factor authentication... Solutions to log-in once to multiple applications are commonplace at the intranet level using networking protocols and directory services, such as Kerberos, which provides a centralised authentication system that can be utilised by other network applications.

Extending these solutions to the cloud has been problematic. However, the SAML authentication protocol developed by OASIS is emerging as the enterprise standard underlying many browser-based authentication solutions.

SAML assumes that a user has enrolled with at least one identity provider that is expected to provide local authentication services. At the user’s request, the identity provider passes a SAML assertion to a new service or application provider to provide access...

Read the complete article by Dave Abraham of Signify in InfoSecurity.