OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Groups - SAML V2.0 Profile for Token Correlation (sstc-saml-token correlation-profile-v0.8.pdf) uploaded

I have been trying to write the second of the docs that meets the
requirements still untreated defined by SOA TC.
I kindly ask to the group to see if the formulation is correct.

 -- Dr. Federico Rossini

The document named SAML V2.0 Profile for Token Correlation (sstc-saml-token
correlation-profile-v0.8.pdf) has been submitted by Dr. Federico Rossini to
the OASIS Security Services (SAML) TC document repository.

Document Description:
In some advanced SAML use cases, in enterprise context, the execution of a
business process might
involve two or more logical transactions that span across one or more
Suppose that an intermediary is involved in almost every process and it
needs to call the same services
for different processes, if the authorization to call the services is
granted to the intermediary without
correlating this authorization to the process in execution, that would mean
to authorize the intermediary
to call every services, as a consequence there wouldn't be real security
policy criteria and there would be
reduced logging information.
This profile supply a normative extension to the [SAML2Core] in accord to
the philosophy that every
actor owns only the authorizations strictly necessary to do what it needs
to do.

View Document Details:

Download Document:  

PLEASE NOTE:  If the above links do not work for you, your email application
may be breaking the link into two pieces.  You may be able to copy and paste
the entire link address into the address field of your web browser.

-OASIS Open Administration

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]