
Enhanced SAML Authorization Policies for Secure Information Exchange

Explore the draft on SAML policies to empower security frameworks with efficient assertions, conditions, and transformations. Leverage SAML version 2 committee drafts for OASIS standardization. Enhance authorization decision and attribute assertions in Geopriv and simplify SAML condition evaluation with XML parsing. Implement specialized XML schema for precise policy rules.

jellington

Presentation Transcript


  1. SAML in Authorization Policies
     draft-guenther-geopriv-saml-policy-00

  2. SAML
     Security Assertion Markup Language: XML language to exchange security information.
     SAML Version 2 Committee Drafts to get OASIS standard status.
     Example of SAML assertion: "Assertion Issuer I has authenticated Assertion Subject S using Authentication Method M"

  3. saml-policy draft
     common-policy: policy rule = (conditions, actions, transformations)
     saml-policy: support for SAML assertions as conditions. This means support for policy rules such as: "If Assertion Issuer I has issued a SAML assertion assuring that the Assertion Subject S has been authenticated by means of Authentication Method M, then S is permitted to ..."
     saml-policy to extend common-policy framework in the same way as geopriv-policy does.

  4. saml-policy open issues
     - SAML authorization decision and attribute assertions: SAML has not only authentication assertions, but also authorization decision and attribute assertions. Usefulness of these latter types of assertions in the scope of Geopriv, Simple, ...?
     - SAML condition evaluation by XML parsing? This means: instead of defining policy rules of the form "If the following elements of a SAML assertion have the following values, then ...", you could also derive specializations of the OASIS SAML Assertion schema that reflect desired constraints on the SAML assertions, and then use such a specialized XML schema in policy rules of the form "If a SAML assertion is valid with respect to the following XML schema, then ...".
     - Complete schema definition; Security and IANA Considerations
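
The first rule form from slide 4 ("if the following elements of a SAML assertion have the following values, then ...") can be evaluated as below. This is an added example, not code from the draft or the presentation: the rule field names `issuer`, `subject` and `method`, the function names and the sample assertion are assumptions made for illustration. It assumes the assertion's signature has already been verified by the caller, and it treats a missing validity window as a failed condition.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Rule field -> element path, direct children of the root only (no ".//" search).
PATHS = {
    "issuer": "saml:Issuer",
    "subject": "saml:Subject/saml:NameID",
    "method": "saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef",
}

# Constructed, unsigned sample assertion; all values are made up.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Version="2.0" ID="_constructed1" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Issuer>https://idp.example.org</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example.org</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z"
                   NotOnOrAfter="2024-01-01T12:05:00Z"/>
  <saml:AuthnStatement AuthnInstant="2024-01-01T12:00:00Z"><saml:AuthnContext>
    <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
  </saml:AuthnContext></saml:AuthnStatement>
</saml:Assertion>"""

def _utc(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def condition_matches(assertion_xml, rule, now):
    """True only if the assertion is inside its validity window and every
    field named in the rule has exactly the required value (fails closed)."""
    if not rule or "<!DOCTYPE" in assertion_xml:  # empty rule or DTD: refuse
        return False
    try:
        root = ET.fromstring(assertion_xml)
        window = root.find("saml:Conditions", NS)
        if root.tag != "{%s}Assertion" % NS["saml"] or window is None:
            return False
        if not _utc(window.get("NotBefore")) <= now < _utc(window.get("NotOnOrAfter")):
            return False
    except (ET.ParseError, TypeError, ValueError):
        return False
    for field, required in rule.items():
        path = PATHS.get(field)
        found = root.findall(path, NS) if path else []
        # Exactly one matching element, so a duplicate cannot shadow the real one.
        if len(found) != 1 or (found[0].text or "").strip() != required:
            return False
    return True
```

Unknown rule fields, malformed XML, expired assertions and duplicated elements all make the condition evaluate to false, so the rule's actions are never granted on an ambiguous assertion.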
