Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAML in Authorization Policies draft-guenther-geopriv-saml-policy-00.

Published byAmy Flynn Modified over 8 years ago

Similar presentations

Presentation on theme: "SAML in Authorization Policies draft-guenther-geopriv-saml-policy-00."— Presentation transcript:

1 SAML in Authorization Policies draft-guenther-geopriv-saml-policy-00

2 SAML  Security Assertion Markup Language  XML language to exchange security information  Example of SAML assertion:  SAML Version 2 Committee Drafts to get OASIS standard status „Assertion Issuer I has authenticated Assertion Subject S using Authentication Method M“

3 saml-policy draft  common-policy:  policy rule = (conditions, actions, transformations)  saml-policy:  support for SAML assertions as conditions  This means, support for policy rules such as  saml-policy to extend common-policy framework in the same way as geopriv-policy does „If Assertion Issuer I has issued a SAML assertion assuring that the Assertion Subject S has been authenticated by means of Authentication Method M, then S is permitted to...“

4 saml-policy open issues 1)SAML authorization decision and attribute assertions SAML has not only authentication assertions, but also authorization decision and attribute assertions. Usefulness of these latter types of assertions in the scope of Geopriv, Simple,...? 2)SAML condition evaluation by XML parsing? This means: Instead of defining policy rules of the form „If the following elements of a SAML assertion have the following values, then...“, you could also derive specializations of the OASIS SAML Assertion schema that reflect desired constraints on the SAML assertions, and then use such a specialized XML schema in policy rules of the form „If a SAML assertion is valid with respect to the following XML schema, then...“. 3)Complete schema definition; Security and IANA Considerations

Download ppt "SAML in Authorization Policies draft-guenther-geopriv-saml-policy-00."

Similar presentations

802.1AF - directions define requirements to find and create connections in terms of Discovery - Authentication - Enable 1.Discover of what can be done.

802.1AF - directions define requirements to find and create connections in terms of Discovery - Authentication - Enable 1.Discover of what can be done.
SAML CCOW Work Item: Task 2

SAML CCOW Work Item: Task 2
1 Authorization XACML – a language for expressing policies and rules.

1 Authorization XACML – a language for expressing policies and rules.
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.

Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
1 CPCP Hisham Khartabil XCON WG IETF 60, San Diego 2 nd August, 2004

1 CPCP Hisham Khartabil XCON WG IETF 60, San Diego 2 nd August, 2004
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
Will Darby 91.514 5 April 2010.  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.

Will Darby April  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
Authz work in GGF David Chadwick

Authz work in GGF David Chadwick
Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.

Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.
95-804 Applied Cryptography Week 13 SAML 1 95-804 Applied Cryptography SAML and XACML Mike McCarthy Week 13.

Applied Cryptography Week 13 SAML Applied Cryptography SAML and XACML Mike McCarthy Week 13.
Copyright B. Wilkinson, 2008. This material is the property of Professor Barry Wilkinson (UNC-Charlotte) and is for the sole and exclusive use of the students.

Copyright B. Wilkinson, This material is the property of Professor Barry Wilkinson (UNC-Charlotte) and is for the sole and exclusive use of the students.
XACML By Ganesh Godavari Craig Peltier. Information Sharing Information Sharing relates to the sharing of information between two or more entities. Entities.

XACML By Ganesh Godavari Craig Peltier. Information Sharing Information Sharing relates to the sharing of information between two or more entities. Entities.
Web services security I

Web services security I
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.

A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.

Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.
XACML Gyanasekaran Radhakrishnan. Raviteja Kadiyam.

XACML Gyanasekaran Radhakrishnan. Raviteja Kadiyam.
1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo
XACML OASIS eXtensible Access Control Markup Language Steve Carmody July 10, 2003 Steve Carmody July 10, 2003.

XACML OASIS eXtensible Access Control Markup Language Steve Carmody July 10, 2003 Steve Carmody July 10, 2003.

Similar presentations

Ads by Google