The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Welcome to SAML XML.org.

This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.

New Book: Understanding Windows CardSpace

Written by Vittorio Bertocci, Garrett Serack and Caleb Baker, all of whom were part of the original CardSpace project, Understanding Windows CardSpace is deeply grounded in the theory and technology that came out of it... The presentation begins with a problem statement: 'The Advent of Profitable Digital Crime'. There is a systematic introduction to the full panoply of attack vectors we need to withstand, and the book convincingly explains why we need an in-depth solution, not another band-aid leading to some new vulnerability.

Read more

Multivendor identity systems can work together

A unique demonstration showed user-centric identity software from major vendors, start-ups, one-woman projects and open source hackers all working in concert to replace passwords with validated identity-card access to Web-based resources. The two-hour interoperability demonstration hosted at the annual Burton Group Catalyst conference was co-sponsored by the Open Source Identity System (OSIS), which is a working group within the Identity Commons project to unite the leaders of open source efforts around digital identity.

Read more

HCL Announces Release of SOA Security Book

HCL Technologies Ltd, one of India's leading global IT services company, announced two of its executives, Dr. Ramarao Kanneganti and Prasad A. Chodavarapu, have authored the book, "SOA Security." Published by Manning Publications and immediately available in major bookstores and online retailers, or via the Manning Web site, the book provides a bottom-up understanding of security techniques appropriate for use in SOA.

Read more

GSA logs on to standards battle

One of the more interesting wrinkles to the General Services Administration's use of the Security Assertion Markup Language for its E-Authentication initiative is that, by putting its weight behind SAML, it chose one side in what appears to be an emerging standards battle.

Read more

Wireless' Mobile Signatures Provide Anonymous Age Verification With Certification on Demand

The financial sector is searching for better authentication methods and mobile signatures are increasingly accepted as the most convenient and secure choice to work across different banks. Mobile signatures also provide age verification and anonymous access control. Proof that these partial authentication processes are in demand is the German government's announcement that their electronic ID cards will feature a function to use pseudonyms to authenticate oneself to an online service without revealing one's full identity.

Read more

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I