RSA Conference 2004 SAML Interoperability Lab
Agenda
• SAML and the OASIS SSTC
• SAML Timeline
• Brief SAML History
• SAML Interop Lab
• Q & A
• Demo
SAML and the OASIS SSTC
• SAML: Security Assertion Markup Language
• A framework for the exchange of security-related information
• Developed within OASIS, a non-profit with a standards creation mission
• http://www.oasis-open.org
• The OASIS Security Services Technical Committee (SSTC) manages the development of SAML
• Any OASIS member can participate in the SSTC
• ~35 active SSTC voting members (up from V1.1)
• 20+ companies and organizations
Brief SAML History
• SAML is a success because its development was and continues to be driven by real business use cases
  • Web SSO
  • Authorization Services
  • Distributed Transactions
• Very strong “coopetition”
• Focus, focus, focus!
• Very careful prioritization of work items
• SAML solutions:
  • Save $$$
  • Create new business opportunities
SAML Timeline
Formally submitted to the SSTC
• SAML 2.0: mid-2004
• ID-FF 1.2: October 2003
• Shibboleth: 1H 2003
• LA 1.1: January 2003
• SAML 1.1: Completed: May 2003; OASIS Standard: Sep 2003
• SAML 1.0: Completed: May 2002; OASIS Standard: Nov 2002
LA: Liberty Alliance
ID-FF: Identity Federation Framework
SAML Interop Lab Participants
12 Participants
• Computer Associates
• DataPower Technology
• Entegrity Solutions
• Entrust
• GSA/Enspier Technologies
• Hewlett-Packard
• Oblix
• OpenNetwork
• Ping Identity
• RSA Security
• Sun Microsystems
• Trustgenix
GSA Sponsorship
• eGov eAuthentication Initiative
SAML Interop Lab Overview
• 3 Days of Interop Testing
• Web SSO Interoperability
• 2 Demos: “eAuthentication” and “generic SAML”
• 3 Web Sites
  • Portal
  • Identity Provider - where you log in
  • Service Provider - where an application lives
• 2 SAML Web SSO “Profiles”
  • Browser/Artifact Profile (10 vendors)
  • Browser/POST Profile (8 vendors)
• Attribute Query for web service authorization (1 scenario)
• Results in ~100 test cases!
SAML Interop Lab Web SSO Demo
• Focus on eAuthentication Architecture
• Demonstrate 3-site exchanges
• Visit Portal
• Choose an application site and a user logon site
• Logon with username/password
• Web SSO to the chosen application
• Re-visit portal to choose another application
• Web SSO to next application without re-authenticating
• Note the application customization based on user attributes obtained from the logon site
Wrapup
• Questions?
• On to the demo!