Standards Catalogue

A Resource for the UK HE/FE Technical Development Community, managed by UKOLN

In light of the cessation of core funding for the Innovation Support Centre at UKOLN after 31 July 2013 we are providing notification of the planned withdrawal of this service after 31 April 2013.

SAML

From JISC Standards Catalogue

Entry: SAML

Area: Identity and Access Management Standards

Standard: Security Assertion Markup Language (SAML) is an XML standard for exchanging authentication and authorization data between security domains, that is (commonly), between an identity provider and a service provider. SAML also defines functions to create and manage federated networks that combine and appropriately share pre-existing repositories of identity information.

Standardisation: SAML is a product of the OASIS Security Services Technical Committee.

Versions: SAML 1.0 was adopted as an OASIS standard in Nov 2002. SAML has undergone one minor (SAML 1.1) and one major revision (SAML 2.0) since V 1.0. SAML 2.0 was approved in March 2005.

Maturity: Endorsement and adoption of V 2.0 by open source projects (notably Shibboleth) and commercial vendors (e.g. Oracle, Nokia, RSA, Sun) should ensure relative maturity and stability.

Risk Assessment

Take-up Elsewhere: Underlying standard of Shibboleth. Also adopted widely in commercial products - see (e.g.) [1], SC Magazine UK edition

Further Information

[[2][Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML)]], OASIS, <http://www.oasis-open.org/committees/security/>
SAML, Wikipedia, <http://en.wikipedia.org/wiki/SAML>
SAML, Cover Pages, <http://xml.coverpages.org/saml.html>

Author: John Paschoud

Contributors

Date Created: October 2005; Last updated: 6 October 2006

Version: v1

Retrieved from "http://standards-catalogue.ukoln.ac.uk/index/SAML"