Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAML Interoperability Lab RSA Conference 2004. Agenda SAML and the OASIS SSTC SAML Timeline Brief SAML History SAML Interop Lab Q & A Demo.

Published byEthel Waters Modified over 8 years ago

Similar presentations

Presentation on theme: "SAML Interoperability Lab RSA Conference 2004. Agenda SAML and the OASIS SSTC SAML Timeline Brief SAML History SAML Interop Lab Q & A Demo."— Presentation transcript:

1 SAML Interoperability Lab RSA Conference 2004

2 Agenda SAML and the OASIS SSTC SAML Timeline Brief SAML History SAML Interop Lab Q & A Demo

3 SAML and the OASIS SSTC SAML: Security Assertion Markup Language —A framework for the exchange of security-related information Developed within OASIS, a non-profit with a standards creation mission —http://www.oasis-open.orghttp://www.oasis-open.org The OASIS Security Services Technical Committee (SSTC) manages the development of SAML Any OASIS member can participate in the SSTC —~35 active SSTC voting members (up from V1.1) —20+ companies and organizations

4 Brief SAML History SAML is a success because its development was and continues to be driven by real business use cases —Web SSO —Authorization Services —Distributed Transactions Very strong “coopetition” Focus, focus, focus! —Very careful prioritization of work items SAML solutions: —Save $$$ —Create new business opportunities

5 SAML Timeline SAML 1.0 Completed: May 2002 OASIS Standard: Nov 2002 SAML 1.1 Completed: May 2003 OASIS Standard: Sep 2003 LA 1.1 January 2003 ID-FF 1.2 October 2003 Shibboleth 1H 2003 Formally submitted to the SSTC SAML 2.0 mid-2004 LA: Liberty Alliance ID-FF: Identity Federation Framework

6 SAML Interop Lab Participants 12 Participants —Computer Associates —DataPower Technology —Entegrity Solutions —Entrust —GSA/Enspier Technologies —Hewlett-Packard GSA Sponsorship —eGov eAuthentication Initiative —Oblix —OpenNetwork —Ping Identity —RSA Security —Sun Microsystems —Trustgenix

7 SAML Interop Lab Overview 3 Days of Interop Testing Web SSO Interoperability —2 Demos: “eAuthentication” and “generic SAML” —3 Web Sites Portal Identity Provider - where you log in Service Provider - where an application lives —2 SAML Web SSO “Profiles” Browser/Artifact Profile (10 vendors) Browser/POST Profile (8 vendors) Attribute Query for web service authorization (1 scenario) Results in ~100 test cases!

8 SAML Interop Lab Web SSO Demo Focus on eAuthentication Architecture Demonstrate 3-site exchanges 1.Visit Portal 2.Choose an application site and a user logon site 3.Logon with username/password 4.Web SSO to the chosen application 5.Re-visit portal to choose another application 6.Web SSO to next application without re-authenticating Note the application customization based on user attributes obtained from the logon site

9 Wrapup Questions? On to the demo!

10 Browser/Artifact Profile

11 Browser/POST Profile

Download ppt "SAML Interoperability Lab RSA Conference 2004. Agenda SAML and the OASIS SSTC SAML Timeline Brief SAML History SAML Interop Lab Q & A Demo."

Similar presentations

X509-bindings-profiles-sep061 Bindings and Profiles for Attribute-based Authz in the Grid Tom Scavo NCSA.

X509-bindings-profiles-sep061 Bindings and Profiles for Attribute-based Authz in the Grid Tom Scavo NCSA.
OASIS SAML 2.0 Interoperability Lab RSA Conference February 2005.

OASIS SAML 2.0 Interoperability Lab RSA Conference February 2005.
Security Standards (…and Competing Standards … and Implementations … and Interoperability) Marty Humphrey Assistant Professor Computer Science Department.

Security Standards (…and Competing Standards … and Implementations … and Interoperability) Marty Humphrey Assistant Professor Computer Science Department.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.

Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
Network Identity Kai Kang 27 th October 2004. Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.

Network Identity Kai Kang 27 th October Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.
© 2009 The MITRE Corporation. All rights Reserved. April 28, 2009 MITRE Public Release Statement Case Number 09-017 Norman F. Brickman, Roger.

© 2009 The MITRE Corporation. All rights Reserved. April 28, 2009 MITRE Public Release Statement Case Number Norman F. Brickman, Roger.
Will Darby 91.514 5 April 2010.  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative.

Will Darby April  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative.
Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.

Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.
95-804 Applied Cryptography Week 13 SAML 1 95-804 Applied Cryptography SAML and XACML Mike McCarthy Week 13.

Applied Cryptography Week 13 SAML Applied Cryptography SAML and XACML Mike McCarthy Week 13.
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.

Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.

To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.
Web Service Standards, Security & Management Chris Peiris www.ChrisPeiris.com.

Web Service Standards, Security & Management Chris Peiris

Similar presentations

Ads by Google