Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAML 2.1 Building on Success. Outline n Summary of SAML 2.0 n Work done since 2.0 n Objectives of SAML 2.1 n Proposed Task List n Undecided Issues n Invitation.

Published byAmbrose Chambers Modified over 8 years ago

Similar presentations

Presentation on theme: "SAML 2.1 Building on Success. Outline n Summary of SAML 2.0 n Work done since 2.0 n Objectives of SAML 2.1 n Proposed Task List n Undecided Issues n Invitation."— Presentation transcript:

1 SAML 2.1 Building on Success

2 Outline n Summary of SAML 2.0 n Work done since 2.0 n Objectives of SAML 2.1 n Proposed Task List n Undecided Issues n Invitation to Participate

3 Status Overview n SAML 2.0 - OASIS Standard - March 2005 n ITU-T Rec. X.1141 – June 2006 n Work since 2005 has consisted of defining additional Profiles l 3 Oasis Standards l 24 Committee Specifications l 1 Committee Draft l Errata & Updated Technical Overview

4 SAML Deployments n Do we need to say something about successful deployments of SAML here?

5 SAML 2.0 Specifications n Conformance Requirements l Required “Operational Modes” for SAML implementations n Assertions and Protocols l The “Core” specification n Bindings l Maps SAML messages onto common communications protocols n Profiles l “How-to’s” for using SAML to solve specific business problems n Metadata l Configuration data for establishing agreements between SAML entities n Authentication Context l Detailed descriptions of user authentication mechanisms n Security and Privacy Considerations l Security and privacy analysis of SAML 2.0 n Glossary l Terms used in SAML 2.0

6 Post 2.0 Profiles by Category CategoryNumber of Profiles Metadata7 Attributes2 Holder-of-Key2 Deployment2 New Protocols4 Authentication Context3 Kerberos3 Other5

7 Errata and Non-normative n Approved Errata l Official under OASIS TC process n SAML 2.0 Technical Overview l Greatly improved l Many diagrams, usecases, etc.

8 SAML 2.1 Objectives n Make specifications easier to use n Retain backward compatibility n Improve specification quality n Make small improvements

9 Improve Usability n Apply errata n Remove deprecated text n Provide everything needed to implement a component (e.g. SP) in one place n Provided detailed guidance on how to counter threats

10 Backward Compatibility n Retain formats, protocols, namespaces, except to correct errors n Retain interoperability with deployed implementations l Where not possible minimize and clearly identify differences n Retain Version=“2.0” in XML

11 Improve Specification Quality n Incorporate popular Profiles in core n Update normative references l e.g. XML Signature n Re-factor Conformance Requirements n Better integration of Metadata l Some Metadata support mandatory

12 Uncommitted Work n Add minor extension Profiles to core n Improved SSO based on field experience n Use HTML5 features n Additional session semantics n Limited unlinkability between SP and IDP n Emphasize data format compatibility n Remove unused features

13 Get Involved n An opportunity to influence the future of SAML n Resolve issues your organization has with SAML n Join the Security Services TC n All work available online and by email n Telephone meetings alternate Tuesdays 12:00 PM ET

14 Questions?

Download ppt "SAML 2.1 Building on Success. Outline n Summary of SAML 2.0 n Work done since 2.0 n Objectives of SAML 2.1 n Proposed Task List n Undecided Issues n Invitation."

Similar presentations

OGSA-WG charter discussion Dec. 3, 2003 F2F meeting at ANL.

OGSA-WG charter discussion Dec. 3, 2003 F2F meeting at ANL.
Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.

Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.
1© Nokia Siemens Networks SAML Name Identifier Request-Response Protocol Contribution to OASIS Security Services TC Christian Günther, Thinh Nguyenphu.

1© Nokia Siemens Networks SAML Name Identifier Request-Response Protocol Contribution to OASIS Security Services TC Christian Günther, Thinh Nguyenphu.
Step Up Authentication in SAML (and XACML) Hal Lockhart February 6, 2014.

Step Up Authentication in SAML (and XACML) Hal Lockhart February 6, 2014.
OOI-CI–Ragouzis–2007.10.15 Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop 17-19 October 2007.

OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.
Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.

Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.
State Services Commission New Zealand Government Crown Copyright 2007 www.ssc.govt.nz “Standards are only the beginning.. …of the beginning.. … of interoperability”

State Services Commission New Zealand Government Crown Copyright “Standards are only the beginning.. …of the beginning.. … of interoperability”
1. Introduction 1.3.4 OASIS Reference Model for Service Oriented Architecture 2. ECF 4.0 Architecture 2.1 Core vs. Profiles 2.2 Major Design Elements 2.3.

1. Introduction OASIS Reference Model for Service Oriented Architecture 2. ECF 4.0 Architecture 2.1 Core vs. Profiles 2.2 Major Design Elements 2.3.
December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
EbXML Registry Technical Committee n Defining and managing interoperable registries and repositories n The OASIS ebXML Registry TC develops specifications.

EbXML Registry Technical Committee n Defining and managing interoperable registries and repositories n The OASIS ebXML Registry TC develops specifications.
GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.

GFIPM Web Services Concept and Normative Standards GFIPM Delivery Team Meeting November 2011.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.

A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.

Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright 2006 Archistry Limited. All Rights Reserved. SOA Federated Identity Management How much do you really need? Andrew S. Townley Founder and Managing.

Copyright 2006 Archistry Limited. All Rights Reserved. SOA Federated Identity Management How much do you really need? Andrew S. Townley Founder and Managing.
SWITCHaai Team Introduction to Shibboleth.

SWITCHaai Team Introduction to Shibboleth.
Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.

Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.

Similar presentations

Ads by Google