This article can also be found in the Premium Editorial Download "Information Security magazine: How security pros can benefit from information sharing."

Download it now to read this article plus other related content.

SAML's portable trust makes federated identity work.

The way most e-commerce works--B2B and B2C--is that a person signs on to a Web site and provides his credentials, which are verified through stored identities typically only valid for that session and that domain. It's a cumbersome process that slows the user experience and transactions, and requires expensive identity stores and management systems.

The idea behind Web services and federated identities is that you only need one identity to access multiple accounts and resources across different, trusted domains. The magic behind the process is Security Assertion Markup Language (SAML), the standard that breathes life into the growing world of XML-based communications.

SAML, developed by OASIS in collaboration with several identity management vendors, provides a means for trusted parties to leverage federated identities and for trusted third parties to act as an authority for hundreds or thousands of service providers simultaneously. In theory, this means that one identity can be ported across trusted domains to provide transparent access to data, applications and resources. It's the foundation of Web services and promises to improve user experiences and save enterprises money.

SAML 1.1 and 2.0 (pending approval) provide an XML-based framework for entities to make claims, or "assertions," and flexibly allow entities to exchange attribute, authentication and authorization information.

    Requires Free Membership to View

SAML effectively eliminates the spider web of one-to-one trust relationships, which serve as the foundation for most of today's identity-dependent platforms.

This was first published in January 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: