Next steps for security assertion markup language (saml)
暂无分享,去创建一个
The Security Assertion Markup Language (SAML) has established itself as one of the most advanced and popular standards in the Identity Federation and Assertion management space. SAML 2.0 has proved to be an almost complete specification, without requiring any frequent updates to handle various existing Federation scenarios. This paper attempts to analyze and propose incremental enhancements to the SAML core specification, without breaking any of the existing functionality. The goal is to identify such generic extensions, which in turn can enable various other functional usages, inline with SAML.s design goals of Federation Enablement and Asserted Information exchange. The utility of the proposed extensions is proved, by showing how they enable various higher level concepts in SAML, which in turn can enable a richer suite of Federation and Assertion-based interactions. These extensions include Dependent Assertions, Action Assertions, Assertion Queries and Requests, with the final consolidation into a proposed extended SAML framework. This extended SAML framework is used to build a prototype implementation of a Mobile-Device based Web Services framework, for enabling Mobile-Messaging based Service invocations, within a Federation of the Mobile Service Provider and multiple Mobile Application Providers.
[1] K. Cameron,et al. The Laws of Identity , 2005 .
[2] Jun Wang,et al. Extending the security assertion markup language to support delegation for Web services and grid services , 2005, IEEE International Conference on Web Services (ICWS'05).
[3] Tim Moses,et al. EXtensible Access Control Markup Language (XACML) version 1 , 2003 .
[4] Jeff Hodges,et al. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2. 0 , 2001 .