[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Apology and SAML contribution for Authentication appendix E
Ray I won't be on the call on Wednesday - I am still recuperating from surgery. Following is a suggested addition to the Authentication Appendix E and was prepared by Dr Chi Nguyen. Chi is: RAMP Project Manager & AAF Project Technical Advisor Macquarie E-Learning Center of Excellence, Macquarie University, The AAF is the Australian Access Federation - ie the Australian Universities implementation of Shibboleth. Chi is also doing implementation work on XACML and SAML with FEDORA I haven't read this in detail being off ill and pass on unedited. regards Kerry Web Services Security and Security Assertion Markup Language (SAML) Security Tokens An important security token format used by WS-Security is the SAML Security Token. The SAML standard[2] specifies how authentication and attribute assertions about a subject can be made from a trusted source. In a federated environment, these assertions would typically come from a trusted authentication and attribute authority (referred to as the Identity Provider), and allow the receiver (often referred to as the Service Provider) to make authorization decisions based on these attributes. The assertions are signed to ensure integrity, and can optionally be encrypted to preserve confidentiality. By leveraging WS-Security and SAML tokens, an SRU/SRW search service (acting as a Service Provider in the SAML scenario above) can authenticate and authorize a search request simply based on the SAML assertions contained in its request header. This allows the search service to be available to a much wider set of users from many different security domains, not just the traditional local security domain. On 19/10/2007, at 5:34 AM, rden@loc.gov wrote:
Kerry Blinco e-Framework and Standards Manager, Link Affiliates, University of Southern Queensland; and Technical Standards Adviser to the Department of Education Science and Training (DEST). Australia. Email: kblinco@powerup.com.au Phone: +61 7 3871 2699 Ph (Mobile) : +61 419 787 992 The information contained in this e-mail message and any files may be confidential information, and may also be the subject of legal professional privilege. If you think you may not be the intended recipient, or if you have received this e-mail in error, please contact the sender immediately and delete all copies of this e-mail. If you are not the intended recipient, you must not reproduce any part of this e-mail or disclose its contents to any other party. This email represents the views of the individual sender, except where the sender expressly states otherwise. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]