The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Diff for About SAML

Tue, 2007-10-23 21:12 by carolgeyerWed, 2007-12-12 21:48 by carolgeyer
Changes to Body
Line 1Line 1
-
SAML provides an XML-based framework for creating and exchanging security information between online partners.
+
<p>
  +
The Security Assertion Markup Language (SAML) is an XML-based framework for communicating user
  +
authentication, entitlement, and attribute information. As its name
  +
suggests, SAML allows business entities to make assertions regarding
  +
the identity, attributes, and entitlements of a subject (an entity that
  +
is often a human user) to other entities, such as a partner company or
  +
another enterprise application.
  +
</p>
  +
<p>
  +
Prior to SAML, there was no XML-based standard that enabled exchange
  +
of security information between a security system (such as an
  +
authentication authority) and an application that trusts the security
  +
system. SAML provides a standard XML representation for specifying this
  +
information and interoperable ways to exchange and obtain it.
  +
</p>
  +
<p>
  +
SAML is a flexible and extensible standard designed to be used - and customized if necessary - by other by other standards. The <a href="http://www.projectliberty.org/">Liberty Alliance</a>, the <a href="http://shibboleth.internet2.edu/">Internet2 Shibboleth</a> project, and the <a href="http://www.oasis-open.org/committees/wss/">OASIS Web Services Security (WS- Security) Technical Committee</a> have all adopted SAML as a technological underpinning for various purposes.<br />
  +
</p>
  +
<h3>See also:</h3>
  +
<p>
  +
&nbsp;
  +
</p>
  +
<p>
  +
&nbsp;
  +
</p>
 
 
Revision of Wed, 2007-12-12 21:48:

About SAML

The Security Assertion Markup Language (SAML) is an XML-based framework for communicating user authentication, entitlement, and attribute information. As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application.

Prior to SAML, there was no XML-based standard that enabled exchange of security information between a security system (such as an authentication authority) and an application that trusts the security system. SAML provides a standard XML representation for specifying this information and interoperable ways to exchange and obtain it.

SAML is a flexible and extensible standard designed to be used - and customized if necessary - by other by other standards. The Liberty Alliance, the Internet2 Shibboleth project, and the OASIS Web Services Security (WS- Security) Technical Committee have all adopted SAML as a technological underpinning for various purposes.

See also:

 

 

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I