Presentation is loading. Please wait.

Presentation is loading. Please wait.

Why a special Danish SAML 2.0 profile? Cultural extensions – e.g Attributes like Business number, etc. Remove complexity in subset of standard that fulfills.

Similar presentations


Presentation on theme: "Why a special Danish SAML 2.0 profile? Cultural extensions – e.g Attributes like Business number, etc. Remove complexity in subset of standard that fulfills."— Presentation transcript:

1 Why a special Danish SAML 2.0 profile? Cultural extensions – e.g Attributes like Business number, etc. Remove complexity in subset of standard that fulfills our use cases Less variations to test Less variations to do risk analysis on Less implementation requirements for federation members that want to implement their own SAML- integration Absence of a common eGov profile The profile is to a large degree adopted from the US eAuthentication SAML profile.

2 History – Getting to the OIOSAML profile Development of first Danish SAML profile mainly an adoption of the architecture and standards developed in the US eAuthentication project – but going with SAML 2.0 instead of SAML 1.1 w GSA modifications Public hearing and formal approval DK-SAML 1.0 – SAML 2.0 profile Definition of 4 Levels of Authentication Frequent consultation with other governments regarding national standards and solutions for federation and eID – also dialog with Microsoft… GSA shares actual deployment feedback and plans to revise its SAML profile DK decides to do the same to asap to allow for the NemLog- in solution not having to support DK-SAML 1.0 Public hearing and formal approval same year of version 2.0 of the profile – which now is named OIOSAML 2.0.6

3 Common infrastructure without loss of bilateral flexibility Citizens Private companies Authorities External Services Software as a service + Other Gov

4 The Liberty eGov Profile Version 1.0 Based on requirements in US eAuthentication SAML profile. Used in Liberty Interoperable testing 2008 Version 1.5 Based on US, NZ and DK requirements In use in Liberty Interoperable testing 2009

5 Follow-on work Help for developers and deployers Having a profile drives little implementation Patterns, referenceimplementations, workshops, etc. Getting international eGov profile and OIOSAML profile aligned as much as possible

6 IdP SP Hvad er der af hjælp? – til test eller udvikling OIOSAML.JAVA + BRS OIOSAML.NET + BRS SimpleSAMLphp Metadatachecker *) *) på vej

7 Effort Quite a lot However, - for countries similar to Denmark – much less effort is required to adopt our profile and reference implementations - Only topic that REQUIRES updates are ”Core attributes”

8 Supporting tools Group on Digitaliser.dk: Profile spec's OSS libraries in.Net, Java and PHP Guidelines and documentation Test website:


Download ppt "Why a special Danish SAML 2.0 profile? Cultural extensions – e.g Attributes like Business number, etc. Remove complexity in subset of standard that fulfills."

Similar presentations


Ads by Google