Published by Tyler Hoover. Modified over 8 years ago.
1
SAML in Authorization Policies draft-guenther-geopriv-saml-policy-01
2
SAML
Security Assertion Markup Language
XML language to exchange security information
SAML Version 2: OASIS standard (March, 2005)
Example of SAML assertion: „Assertion Issuer I has authenticated Assertion Subject S using Authentication Method M“
3
saml-policy draft
common-policy: policy rule = (conditions, actions, transformations)
saml-policy: support for SAML assertions as conditions
This means support for policy rules such as: „If Assertion Issuer I has issued a SAML assertion assuring that the Assertion Subject S has been authenticated by means of Authentication Method M, then S is permitted to...“
saml-policy extends the common-policy framework in the same way as geopriv-policy does
4
Basic Scenario

+-------------+ 1: Authentication +------------+
|             |                   | Asserting  |
| Subject (S) |                   | Party      |
|             |<------------------| (AP)       |
+-------------+ 2: SAML Assertion +------------+
       |
     3:| Service Request
       | + Assertion
       v
+-------------+                   +------------+
| Relying     | 4: Policy         | Policy     |
| Party       |<------------------| Server     |
| (RP)        |                   | (PS)       |
+-------------+                   +------------+
5
I-D version 01
element to replace 'anyType' child element of specifies properties that a SAML assertion must satisfy in order to make the SAML condition match
To date, these properties are:
Which Assertion Issuers are acceptable? defined
For which Assertion Subjects (=Requestors)? defined
Which Authentication Methods are acceptable? defined
6
example idp.com bob@example.com urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
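Added example, not taken from the draft or the slides: how a Relying Party could evaluate the three properties listed above (acceptable issuer, subject, authentication method) against a received assertion, using the values from the example slide. The `CONDITION` dictionary, the function names and the sample assertion are assumptions made for illustration; the draft's own XML element names are not reproduced, and signature and validity-period checks are assumed to have been done by the caller.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
PPT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"

# Constructed sample assertion (unsigned, trimmed to the fields the condition inspects).
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0"
    ID="_constructed1" IssueInstant="2005-03-15T12:00:00Z">
  <saml:Issuer>idp.com</saml:Issuer>
  <saml:Subject><saml:NameID>bob@example.com</saml:NameID></saml:Subject>
  <saml:AuthnStatement AuthnInstant="2005-03-15T12:00:00Z">
    <saml:AuthnContext>
      <saml:AuthnContextClassRef>%s</saml:AuthnContextClassRef>
    </saml:AuthnContext>
  </saml:AuthnStatement>
</saml:Assertion>""" % PPT

# Hypothetical in-memory form of the SAML condition (not the draft's XML syntax).
CONDITION = {"issuers": {"idp.com"}, "subjects": {"bob@example.com"},
             "authn_methods": {PPT}}


def _text(root, path):
    """Text of the first element at path, or None if absent or empty."""
    node = root.find(path, NS)
    return node.text.strip() if node is not None and node.text else None


def saml_condition_matches(assertion_xml, condition):
    """Return (matched, reason). The caller must already have verified the
    assertion's signature and validity period; this only checks properties."""
    root = ET.fromstring(assertion_xml)
    if root.tag != "{%s}Assertion" % NS["saml"]:
        return False, "not a SAML 2.0 assertion"
    # Paths are anchored at the assertion root, so nested look-alikes are ignored.
    issuer = _text(root, "saml:Issuer")
    subject = _text(root, "saml:Subject/saml:NameID")
    methods = {n.text.strip() for n in root.findall(
        "saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef", NS)
        if n.text}
    # Fail closed: a missing field never matches, and every property must hold.
    if issuer is None or issuer not in condition["issuers"]:
        return False, "issuer not acceptable"
    if subject is None or subject not in condition["subjects"]:
        return False, "subject not acceptable"
    if not methods & condition["authn_methods"]:
        return False, "authentication method not acceptable"
    return True, "match"
```
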
7
saml-policy open issues
1) SAML assertions with authorization decision statements
2) SAML assertions with attribute statements
3) Alignment with Common Policy markup language
4) Security Considerations
5) IANA considerations