Proceedings

Track: Large-Scale Architectures

Audience Level: High Level/Technical view

Time: Tuesday, November 15 14:00

Keywords: XML, Identity, Security, Single Sign-on, SAML, Liberty, Federation, Web Services

Abstract:

XML is all about labeling information so that it can be accessed and used more widely, accurately, and interoperably. One of the most valuable kinds of information is related to identity -- the attributes that make each of us unique. Is it possible to achieve a networked world in which individuals and businesses can engage in virtually any transaction, on any network device, using vital identity information to enrich and customize the experience without compromising privacy and security? It turns out that we're well on our way, and XML is playing a key role in getting us there.

This paper explores the use cases, concepts, and interoperability profiles defined by the most mature and widely deployed solutions in the federated identity space to date: the Security Assertion Markup Language (SAML) and Liberty Alliance standards. SAML has been providing XML protocols for single sign-on and identity management since 2001, and Liberty has developed a full suite of SAML-based federated identity specifications, along with business and legal guidelines to make deployment as successful and safe as possible.