Diff for Attribute-Based Authorization

About this site

The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Diff for Attribute-Based Authorization

--- Wed, 2007-12-12 23:07 by carolgeyer
+++ Wed, 2007-12-12 23:10 by carolgeyer
 <p>
 SAML is being applied in a number of different
 ways, one of which is Attribute-based authorization.
 </p>
 <p>
 not important, should not be shared (for privacy reasons), or is
 insufficient on its own.
+</p>
+<p>
+&nbsp;
+</p>
+<h3>See also:</h3>
+<p>
+- <a rel="nofollow" href="http://www.oasis-open.org/committees/download.php/11785/sstc-saml-exec-overview-2.0-draft-06.pdf">SAML Executive Overview</a><br />
+- <a rel="nofollow" href="http://www.oasis-open.org/committees/download.php/11511/sstc-saml-tech-overview-2.0-draft-03.pdf">SAML Technical Overview</a>
+</p>
+<p>
+&nbsp;
 </p>

Current revision:

Attribute-Based Authorization

SAML is being applied in a number of different ways, one of which is Attribute-based authorization.

The attribute-based authorization model has one web site communicating identity information about a subject to another web site in support of some transaction. However, the identity information may be some characteristic of the subject (such as a person's role in a B2B scenario) rather than, or in addition to, information about when and how the person was authenticated. The attribute-based authorization model is important when the individual's particular identity is either not important, should not be shared (for privacy reasons), or is insufficient on its own.

Diff for Attribute-Based Authorization

Attribute-Based Authorization

See also:

Search

BROWSE

CONTRIBUTE

SUBSCRIBE

RECENT CONTENT

SITE INFO

WHO'S WHO

Navigation

Hosted by: