OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Posted to SAML list - Note high interest in XACML




-----Original Message-----
From: Philpott, Robert [mailto:rphilpott@rsasecurity.com]
Sent: Friday, January 23, 2004 12:08 PM
To: 'security-services@lists.oasis-open.org'
Subject: [security-services] FW: SAML tops federation projects survey


-----Original Message-----
From: Jeff Bohren [mailto:jbohren@opennetwork.com]
Sent: Friday, January 23, 2004 11:49 AM
To: provision@lists.oasis-open.org
Subject: [provision] FW: SAML tops federation projects survey

Interesting federation article that mentions developer interest in SPML. The
SPML reference is near the bottom of the article.

Jeff Bohren
Product Architect
OpenNetwork Technologies, Inc

Try the industry's only 100% .NET-enabled identity management software.
Download your free copy of Universal IdP Standard Edition today. Go to
www.opennetwork.com/eval.



-----Original Message-----
From: NW on Identity Management [mailto:IdentityManagement@nwfnews.com]
Sent: Tuesday, January 20, 2004 8:00 PM
To: Jeff Bohren
Subject: SAML tops federation projects survey


NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT 01/19/04
Today's focus:  SAML tops federation projects survey

Dear jbohren@opennetwork.com,

In this issue:

* Results of Ping Identity's survey of federation projects
* Links related to Identity Management
* Featured reader resource
_______________________________________________________________

FREE WHITE PAPER: CONVERGENCE AT THE NETWORK EDGE: FIVE
PREREQUISITES OF THE NEW MULTISERVICE EDGE PLATFORM

This white paper presents a closer look at five key attributes
for successful convergence, as well as providing additional
background on why simple evolution of today's routers, WAN
switches, Ethernet switches, and IP services platforms won't be
sufficient for next-generation converged network architectures.
Click here to download your free copy (registration required)
at: http://www.fattail.com/redir/redirect.asp?CID=55203
_______________________________________________________________

NETWORK WORLD SPECIAL REPORT - WIRELESS LAN ADVANCES:
A CONCISE ASSESSMENT

This SPECIAL REPORT written by Network World editors is a snap
shot in time, examining how companies are putting wireless
technology to work, the critical developments in wireless
security, and the emergence of a whole new class of wireless LAN
switch products that promise to redress many of the short
comings of first generation wireless LAN solutions. Click here
to download your free copy (registration required).
http://www.fattail.com/redir/redirect.asp?CID=55198
_______________________________________________________________

Today's focus:  SAML tops federation projects survey

By Dave Kearns

Last issue we looked at some of the responses that Ping
Identity, sponsor of the SourceID Web site, received when it
recently surveyed folks who downloaded its open-source Liberty
Alliance tool kit. Ping wanted to find out more about the
downloaders' federation projects. While there weren't many
surprises in the survey results (e.g., more than 50% of the 157
respondents were with U.S. companies and almost three-fourths
were from English-speaking countries), the results to questions
about standards and protocols might raise an eyebrow or two.

When asked about the priority of federation protocols, it wasn't
surprising that the Liberty Alliance protocols out-polled the
WS-Federation protocol (favored by IBM and Microsoft) since the
respondents were specifically those who downloaded a Liberty
Alliance tool kit. But even adding together those who preferred
Liberty phase II with those who preferred Liberty phase I (a
total of 42% of the respondents) they were still outweighed (at
49%) by those who favored Versions 1.0, 1.1 and 2.0 of the
Security Assertion Markup Language (SAML).

SAML is the transport mechanism for the Liberty Alliance
proposals, and one of the allowed transports for WS-Federation,
but it appears that a number of projects are working directly
with SAML and by-passing the "higher" layers of the two
competing standards.

It might be that the projects being talked about are all early
stage developments, with the SAML parts being worked on now
while the developers look to see which of the two competing
standards will emerge with an edge - or, perhaps, a
consolidation or merger might occur with one standard being
created from the two we currently have. If you think that's a
likely scenario, then it would be wise to put off any
development at that upper level until the parameters of the
eventual standard begin to take shape.

Another of the survey questions asked downloaders what
additional protocols were "of interest" to them vis-à-vis
federation. The big winner there was OASIS' eXtensible Access
Control Markup Language (XACML), with 49%, followed by Service
Provisioning Markup Language (SPML) at 29%, and eXtensible
Resource Identifier (XRI) with 14%. A scattering of other
protocols took 8% of the responses.

XRI could be considered a competitor to Universal Description,
Discovery and Integration, if UDDI had ever amounted to
anything. It's to be the output of an OASIS Technical Committee
and purports to be a Uniform Resource Identifier (URI) scheme
and a corresponding Uniform Resource Name (URN) namespace for
distributed directory services. We'll take a closer look at this
in an upcoming newsletter.

Where XRI is involved with finding resources, XACML is all about
accessing resources, or perhaps protecting resources. XACML,
language for the expression of authorization policies, should be
looked at by anyone working on an SAML (framework for exchanging
authentication and authorization information) projects while XRI
should be in the toolkit of those with provisioning (i.e., SPML)
projects in the works. These protocols shouldn't be developed -
or developed to - in a vacuum. Without interaction among them
all (and that includes Liberty and WS-Federation) it's going to
be difficult to get beyond the experimental phase and into real,
working federation projects.

RELATED EDITORIAL LINKS

SourceID
http://www.sourceid.org/
_______________________________________________________________
To contact: Dave Kearns

Dave Kearns is a writer and consultant in Silicon Valley. He's
recognized as being among the first to identify the directory
and directory-enabled applications as the foundation of identity
management and 21st century computing. His musings can be found
at Virtual Quill <http://www.vquill.com/>. Comments on this
newsletter should be sent to him at
<mailto:identity@vquill.com>.

Kearns provides content services to network vendors: books,
manuals, white papers, lectures and seminars, marketing,
technical marketing and support documents. Virtual Quill
provides "words to sell by..." Find out more by e-mail at
<mailto:info@vquill.com>
_______________________________________________________________

SIGN UP FOR NW'S NEW NEWSLETTER ON DATACENTERS

Soon to launch is NW's newsletter on Datacenters. Written by
Johna Till Johnson and the team at Nemertes Research, this
weekly newsletter will include an ongoing assessment of current
business drivers and future trends, and provides concrete advice
and guidance for IT executives seeking to consolidate data
centers, improve disaster recovery, and deploy virtualization
techniques. Sign up today at:
http://www.fattail.com/redir/redirect.asp?CID=55200
_______________________________________________________________
ARCHIVE LINKS

Breaking identity management news from Network World, updated
daily: http://www.nwfusion.com/topics/directories.html

Archive of the Identity Management newsletter:
http://www.nwfusion.com/newsletters/dir/index.html
_______________________________________________________________
FEATURED READER RESOURCE

NW FUSION PARTNERS' SITES NOW AVAILABLE

Network World Fusion Partners is a collaborative effort between
Network World and sponsoring Partner companies. Each microsite
contains best-of-breed information as well as custom content not
found anywhere else, including a custom email newsletter and
special offers. It is current, top-of-mind information that is
readily accessible and bundled into one comprehensive package..
Visit the NWFusion Partner sites to learn about storage
solutions, network access solutions, optical networking and
more. Visit NWFusion Partners at
<http://www.nwfusion.com/go/nwprr>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To unsubscribe from promotional e-mail go to:
<http://www.nwwsubscribe.com/Preferences.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: jbohren@opennetwork.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Alonna Doucette, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2004

------------------------
This message was sent to:  jbohren@opennetwork.com

To unsubscribe from this mailing list (and be removed from the roster of the
OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/provision/members/leave_workgro
up.php.

To unsubscribe from this mailing list (and be removed from the roster of the
OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave
_workgroup.php.




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]