[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Posted to SAML list - Note high interest in XACML
-----Original Message----- From: Philpott, Robert [mailto:rphilpott@rsasecurity.com] Sent: Friday, January 23, 2004 12:08 PM To: 'security-services@lists.oasis-open.org' Subject: [security-services] FW: SAML tops federation projects survey -----Original Message----- From: Jeff Bohren [mailto:jbohren@opennetwork.com] Sent: Friday, January 23, 2004 11:49 AM To: provision@lists.oasis-open.org Subject: [provision] FW: SAML tops federation projects survey Interesting federation article that mentions developer interest in SPML. The SPML reference is near the bottom of the article. Jeff Bohren Product Architect OpenNetwork Technologies, Inc Try the industry's only 100% .NET-enabled identity management software. Download your free copy of Universal IdP Standard Edition today. Go to www.opennetwork.com/eval. -----Original Message----- From: NW on Identity Management [mailto:IdentityManagement@nwfnews.com] Sent: Tuesday, January 20, 2004 8:00 PM To: Jeff Bohren Subject: SAML tops federation projects survey NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT 01/19/04 Today's focus: SAML tops federation projects survey Dear jbohren@opennetwork.com, In this issue: * Results of Ping Identity's survey of federation projects * Links related to Identity Management * Featured reader resource _______________________________________________________________ FREE WHITE PAPER: CONVERGENCE AT THE NETWORK EDGE: FIVE PREREQUISITES OF THE NEW MULTISERVICE EDGE PLATFORM This white paper presents a closer look at five key attributes for successful convergence, as well as providing additional background on why simple evolution of today's routers, WAN switches, Ethernet switches, and IP services platforms won't be sufficient for next-generation converged network architectures. Click here to download your free copy (registration required) at: http://www.fattail.com/redir/redirect.asp?CID=55203 _______________________________________________________________ NETWORK WORLD SPECIAL REPORT - WIRELESS LAN ADVANCES: A CONCISE ASSESSMENT This SPECIAL REPORT written by Network World editors is a snap shot in time, examining how companies are putting wireless technology to work, the critical developments in wireless security, and the emergence of a whole new class of wireless LAN switch products that promise to redress many of the short comings of first generation wireless LAN solutions. Click here to download your free copy (registration required). http://www.fattail.com/redir/redirect.asp?CID=55198 _______________________________________________________________ Today's focus: SAML tops federation projects survey By Dave Kearns Last issue we looked at some of the responses that Ping Identity, sponsor of the SourceID Web site, received when it recently surveyed folks who downloaded its open-source Liberty Alliance tool kit. Ping wanted to find out more about the downloaders' federation projects. While there weren't many surprises in the survey results (e.g., more than 50% of the 157 respondents were with U.S. companies and almost three-fourths were from English-speaking countries), the results to questions about standards and protocols might raise an eyebrow or two. When asked about the priority of federation protocols, it wasn't surprising that the Liberty Alliance protocols out-polled the WS-Federation protocol (favored by IBM and Microsoft) since the respondents were specifically those who downloaded a Liberty Alliance tool kit. But even adding together those who preferred Liberty phase II with those who preferred Liberty phase I (a total of 42% of the respondents) they were still outweighed (at 49%) by those who favored Versions 1.0, 1.1 and 2.0 of the Security Assertion Markup Language (SAML). SAML is the transport mechanism for the Liberty Alliance proposals, and one of the allowed transports for WS-Federation, but it appears that a number of projects are working directly with SAML and by-passing the "higher" layers of the two competing standards. It might be that the projects being talked about are all early stage developments, with the SAML parts being worked on now while the developers look to see which of the two competing standards will emerge with an edge - or, perhaps, a consolidation or merger might occur with one standard being created from the two we currently have. If you think that's a likely scenario, then it would be wise to put off any development at that upper level until the parameters of the eventual standard begin to take shape. Another of the survey questions asked downloaders what additional protocols were "of interest" to them vis-à-vis federation. The big winner there was OASIS' eXtensible Access Control Markup Language (XACML), with 49%, followed by Service Provisioning Markup Language (SPML) at 29%, and eXtensible Resource Identifier (XRI) with 14%. A scattering of other protocols took 8% of the responses. XRI could be considered a competitor to Universal Description, Discovery and Integration, if UDDI had ever amounted to anything. It's to be the output of an OASIS Technical Committee and purports to be a Uniform Resource Identifier (URI) scheme and a corresponding Uniform Resource Name (URN) namespace for distributed directory services. We'll take a closer look at this in an upcoming newsletter. Where XRI is involved with finding resources, XACML is all about accessing resources, or perhaps protecting resources. XACML, language for the expression of authorization policies, should be looked at by anyone working on an SAML (framework for exchanging authentication and authorization information) projects while XRI should be in the toolkit of those with provisioning (i.e., SPML) projects in the works. These protocols shouldn't be developed - or developed to - in a vacuum. Without interaction among them all (and that includes Liberty and WS-Federation) it's going to be difficult to get beyond the experimental phase and into real, working federation projects. RELATED EDITORIAL LINKS SourceID http://www.sourceid.org/ _______________________________________________________________ To contact: Dave Kearns Dave Kearns is a writer and consultant in Silicon Valley. He's recognized as being among the first to identify the directory and directory-enabled applications as the foundation of identity management and 21st century computing. His musings can be found at Virtual Quill <http://www.vquill.com/>. Comments on this newsletter should be sent to him at <mailto:identity@vquill.com>. Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail at <mailto:info@vquill.com> _______________________________________________________________ SIGN UP FOR NW'S NEW NEWSLETTER ON DATACENTERS Soon to launch is NW's newsletter on Datacenters. Written by Johna Till Johnson and the team at Nemertes Research, this weekly newsletter will include an ongoing assessment of current business drivers and future trends, and provides concrete advice and guidance for IT executives seeking to consolidate data centers, improve disaster recovery, and deploy virtualization techniques. Sign up today at: http://www.fattail.com/redir/redirect.asp?CID=55200 _______________________________________________________________ ARCHIVE LINKS Breaking identity management news from Network World, updated daily: http://www.nwfusion.com/topics/directories.html Archive of the Identity Management newsletter: http://www.nwfusion.com/newsletters/dir/index.html _______________________________________________________________ FEATURED READER RESOURCE NW FUSION PARTNERS' SITES NOW AVAILABLE Network World Fusion Partners is a collaborative effort between Network World and sponsoring Partner companies. Each microsite contains best-of-breed information as well as custom content not found anywhere else, including a custom email newsletter and special offers. It is current, top-of-mind information that is readily accessible and bundled into one comprehensive package.. Visit the NWFusion Partner sites to learn about storage solutions, network access solutions, optical networking and more. Visit NWFusion Partners at <http://www.nwfusion.com/go/nwprr> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: jbohren@opennetwork.com Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:jcaruso@nww.com> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Alonna Doucette, V.P. of Online Development, at: <mailto:sponsorships@nwfusion.com> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: jbohren@opennetwork.com To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/provision/members/leave_workgro up.php. To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave _workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]