Groups - SAML V2.0 Profile for Token Correlation (sstc-saml-token correlation-profile-v0.13.pdf) uploaded

[federico.rossini@telecomitalia.it]

The document revision named SAML V2.0 Profile for Token Correlation
(sstc-saml-token correlation-profile-v0.13.pdf) has been submitted by Dr.
Federico Rossini to the OASIS Security Services (SAML) TC document
repository.  This document is revision #2 of sstc-saml-token
correlation-profile-v0.8.pdf.

Document Description:
In some advanced SAML use cases, in enterprise context, the execution of a
business process might
involve two or more logical transactions that span across one or more
intermediaries.
Suppose that an intermediary is involved in almost every process and it
needs to call the same services
for different processes, if the authorization to call the services is
granted to the intermediary without
correlating this authorization to the process in execution, that would mean
to authorize the intermediary
to call every services, as a consequence there wouldn't be real security
policy criteria and there would be
reduced logging information.
This profile supply a normative extension to the [SAML2Core] in accord to
the philosophy that every
actor owns only the authorizations strictly necessary to do what it needs
to do.

View Document Details:
http://www.oasis-open.org/committees/document.php?document_id=39245

Download Document:  
http://www.oasis-open.org/committees/download.php/39245/sstc-saml-token%20correlation-profile-v0.13.pdf

Revision:
This document is revision #2 of sstc-saml-token
correlation-profile-v0.8.pdf.  The document details page referenced above
will show the complete revision history.


PLEASE NOTE:  If the above links do not work for you, your email application
may be breaking the link into two pieces.  You may be able to copy and paste
the entire link address into the address field of your web browser.

-OASIS Open Administration