Your identity-management system doesn't have to dictate your corporate security strategy anymore. SAML (Security Assertion Markup Language) provides a standard way to exchange authentication and authorization information between different vendors' other applications so you can switch from LDAP to RADIUS authentication, for instance, without recoding your applications.. . .
Your identity-management system doesn't have to dictate your corporate security strategy anymore. SAML (Security Assertion Markup Language) provides a standard way to exchange authentication and authorization information between different vendors' other applications so you can switch from LDAP to RADIUS authentication, for instance, without recoding your applications.

It's all about simplifying security. SAML, which has its roots in consumer-based e-commerce, is catching on in the enterprise because it frees you from getting tied down to one vendor's identity system or authentication method. Rather than having each application use a different authentication scheme, all applications speak SAML.

SAML 1.1 is an XML framework developed by OASIS (Organization for the Advancement of Structured Information Standards). It's used for Web single sign-on in the Liberty Alliance specification 1.1 as well as for authentication services in the alliance's Web Services Security specification. (For more on the Liberty Alliance spec, see "Give Me Liberty?" and "Making ID Management Manageable".) Web services are emerging as a hot spot for SAML: Provisioning packages such as Novell's Nsure and Computer Associates' eTrust Admin soon will support SAML. Meanwhile, key software vendors, including CrossLogix, IBM's Tivoli Systems, Netegrity, Novell, Oblix, RSA Security and Sun Microsystems, offer support for SAML in their security applications. And Microsoft's new .Net Server operating system will come with SAML support, too (for more on Web Services Security, see "Dive Carefully".

The link for this article located at SecurityPipeline is no longer available.