SAML Protocol Overview - PowerPoint PPT Presentation

About This Presentation
Title:

SAML Protocol Overview

Description:

At its core, SAML is a series of XML-based messages that detail whether a person has authenticated, and frequently information about that person. SAML is primarily used for SSO between organizations and websites that are “external” to the organization. However, it can be used just as well for internal SSO applications.


Transcript and Presenter's Notes

Title: SAML Protocol Overview


1
  SAML Protocol Overview
  • Because the SAML protocol is so foundational to the software and service
    Gluu provides, we wanted to lay out the basics of SAML for those
    interested. The following can be thought of as a basic guide to getting
    you conversational with the SAML protocol.
  • What is SAML?
  • Security Assertion Markup Language, otherwise
    known as SAML, is an XML-based open standard for
    exchanging authentication and attributes (claims)
    between a two factor security and a service
    provider (website). SAML is a product of the
    OASIS Security Services Technical Committee and
    aims to standardize a framework for browser-based
    single sign-on (SSO). SAML 1.0 was released in
    2002; SAML 2.0 was released in 2006.
  • How Does SAML Work?

2
At its core, SAML is a series of XML-based
messages that detail whether a person has
authenticated, and frequently information about
that person. SAML is primarily used for SSO
between organizations and websites that are
external to the organization. However, it can
be used just as well for internal SSO
applications.

The three main components of the SAML specification are:

  • Assertions: The two most commonly used SAML assertions:
    Authentication assertions are those in which the user has
    proven his identity. Attribute assertions contain
    specific information about the user, such as an
    email and phone number.
  • Protocol: This defines the way that SAML asks for and gets
    assertions, for example, using SOAP over HTTP.
  • Binding: This details exactly how SAML message exchanges
    are mapped into SOAP exchanges.

The assertions are exchanged among sites and services using the
protocol and binding, and those assertions are
what authenticate users among sites.
3
Why is SAML used?

There are many ways to
achieve single sign-on, and as organizations use
an increasing number of cloud applications,
support for various methods of single sign-on
became too expensive and time consuming. SAML
2.0, the newest version currently in use, borrows
protocols and intellectual property from a number
of the most secure frameworks to standardize SSO
across all enterprise cloud applications.

What are the Benefits of SAML?

  • User passwords never cross the firewall, since user
    authentication occurs inside of the firewall and multiple Web
    application passwords are no longer required.
  • Web applications with no passwords are
    virtually impossible to hack, as the user must
    authenticate against an enterprise-class IdM
    first, which can include strong authentication
    mechanisms.
  • SP-initiated SAML SSO provides
    access to Web apps for users outside of the
    firewall. If an outside user requests access to a
    Web application, the SP can automatically
    redirect the user to an authentication portal
    located at the Identity Provider. After
    authenticating, the user is granted access to the
    application, while their login and password
    remain locked safely inside the firewall.
4
  • Centralized federation provides a single point of
    Web application access, control and auditing,
    which has security, risk and compliance
    benefits.
  • A properly executed identity federation
    layer that satisfies all of the use cases
    described above and supports multiple protocols
    can provide an enterprise-wide, architecturally
    sound Internet SSO solution.

Conclusion

SAML is the oldest federation protocol and has the widest
adoption. It has proven the viability of
organizational federated identity. The Mona Lisa
of federated identity, SAML will be appreciated
and looked to as a model for a long time.
However, newer federation protocols, like
enterprise single sign on 1.0, which have
bubbled up from the consumer space, may replace
SAML as the standard for organizations. But
before that happens, SAML will continue to be an
important tool in the enterprise security
stack.

Gluu's SAML Value Proposition

The primary reason SAML projects fail or experience
costly delays is that the implementation can
be complex and finding trained resources in SAML
is a challenge. When implementing SAML software
like Shibboleth, using the Gluu Server, which
supports SAML 2.0, can be the difference between
a streamlined setup and configuration or a
multi-month distributed debugging
nightmare.

Article resource: http://www.blogster.com/thegluuserver/saml-protocol-overview