Published by Toby Payne. Modified over 9 years ago.
Slide 1: Orchard-Maler Assertion Proposal
SAML F2F #3
David Orchard, Eve Maler
Slide 2: Outline
- Principles
  – Principle: Top-typing
  – Principle: Namespaces and Schema
  – Principle: Vocabulary re-use
- Queries
- Responses
- Assertion Packages
- Subject Assertion
- Attribute Assertion
- Authorization Assertion
- Claim vs Assertion
Slide 3: Principles
- "Constrain Early and Often"
  – Top-typing
- Fully leverage Namespaces and Schema for extensibility and re-use
  – Extension mechanisms
  – Attribute values
  – Subject Assertions
- Re-use existing vocabularies
  – e.g. XQuery, if we need complex queries
  – Usage of Attributes
- Optimize for the simple cases
Slide 4: Principle: Top-Typing
- OM defines cardinalities for all assertions
  – e.g. a SubjectAssertion MUST have exactly 1 Subject
- Assertions are not re-used for queries
- If assertions are re-used, there should be additional type(s)
- Cardinalities of 0..* for all elements have dubious type safety
Slide 5: Principle: Namespaces & Schema
- Wherever possible, use namespaces for mixing content and schema for extensibility
- All Assertions are types
  – Place for adding new Assertions
  – Subject Assertions have a required Subject
    Reduces the need for 3+ subject references
    And allows a SubjectAssertionsPackage
- Attributes are vocabulary specific
  – Mixed in using the Schema wildcard
  – Attributes are in the attribute language, not the SAML language
Slide 6: Principle: Vocabulary re-use
- Never re-invent the wheel, unless our wheel is much simpler than others
- If and only if we have complex queries, then re-use XQuery
- Allow vocabularies to define their own attributes
Slide 7: Request
- Contains a query
- Currently XQuery
  – Allows complex queries
  – Clients loosely coupled to the server: clients can change queries without changing the specification
  – High performance
  – Allows queries against XML-defined attributes
- Also contains an optional SubjectAssertionsPackage
  – For passing in subject info, such as authentication and attribute assertions
Slide 8: Response
- Contains an AssertionsPackage
- Little controversy here
Slide 9: AssertionsPackage
- Container for Assertions
- Little controversy here
Slide 10: SubjectAssertions & SAPackage
- Assertions that contain a subject
- Example of top-typing in action
- Attribute, Authentication and Authorization Assertions do not need to declare a subject themselves
- SubjectAssertionsPackage can make use of this, so it is more strongly typed than AssertionsPackage
Slide 11: AuthorizationAssertion
- Binds resources and permissions to subjects
- Used for query operations
  – How does one ask "Can alice Read Y" without one of these?
- Optimized for the simple case
  – 1 subject has 1 permission for 1 resource
- Multiple resources are possible by having multiple Resources and/or Permissions
  – Or multiple AuthorizationAssertions
Slide 12: AttributeAssertion
- Contains attributes for a subject
- The use of the XML Schema wildcard allows arbitrary elements
- We expect these to be defined in external vocabularies
- Optimized for the simple case, which is 1 XML vocabulary that expresses open-ended attributes
Slide 13: Claim vs Assertion
- OM defines an Assertion as facts relating to 1 subject
  – Attributes, Authentication, Authorization
- Further allows an arbitrary number of attribute facts, yet only 1 authorization fact per assertion
- This difference in style is due to the source of the facts
  – Attributes are defined externally, so there is no way for SAML to control how many
  – Authorizations are defined by SAML, so SAML can constrain an assertion to exactly 1
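As an added example (not the proposal's own schema or code), the following Python enforces the top-typing and wildcard rules from the Top-Typing, Namespaces & Schema and AuthorizationAssertion slides over a constructed AssertionsPackage, and answers the "Can alice Read Y" query from its AuthorizationAssertions only; the namespaces, element names and sample data are assumptions made for this illustration.

```python
# Added illustration, not OM's own schema: namespaces and element names are placeholders.
import xml.etree.ElementTree as ET

SAML = "urn:example:saml-om"      # placeholder, not a real SAML namespace
ACME = "urn:example:acme-attrs"   # placeholder external attribute vocabulary
def q(name, ns=SAML):
    return "{%s}%s" % (ns, name)  # Clark notation used by ElementTree
def check_subject(el):
    """Top-typing: a SubjectAssertion-derived element carries exactly one Subject."""
    n = len(el.findall(q("Subject")))
    return [] if n == 1 else ["%s: expected 1 Subject, found %d" % (el.tag, n)]
def check_attribute_assertion(el):
    """Wildcard content: any element, but from a non-SAML vocabulary namespace."""
    errs = check_subject(el)
    for child in el:
        if child.tag != q("Subject") and child.tag.startswith("{" + SAML + "}"):
            errs.append("AttributeAssertion: %s is in the SAML namespace" % child.tag)
    return errs
def check_authorization_assertion(el):
    """Simple case: exactly 1 Subject, 1 Resource and 1 Permission."""
    errs = check_subject(el)
    for name in ("Resource", "Permission"):
        n = len(el.findall(q(name)))
        if n != 1:
            errs.append("AuthorizationAssertion: expected 1 %s, found %d" % (name, n))
    return errs
CHECKS = {q("AttributeAssertion"): check_attribute_assertion,
          q("AuthorizationAssertion"): check_authorization_assertion}
def validate_package(xml_text):
    """Violations for an AssertionsPackage; an empty list means it is well-typed."""
    errs = []
    for a in ET.fromstring(xml_text):
        check = CHECKS.get(a.tag)
        errs += check(a) if check else ["unknown assertion type %s" % a.tag]
    return errs
def can(xml_text, subject, permission, resource):
    """Answer 'Can <subject> <permission> <resource>?' from AuthorizationAssertions only."""
    for a in ET.fromstring(xml_text).findall(q("AuthorizationAssertion")):
        if (a.findtext(q("Subject")), a.findtext(q("Permission")),
                a.findtext(q("Resource"))) == (subject, permission, resource):
            return True
    return False

# Constructed sample package: one attribute fact from an external vocabulary and
# one authorization fact binding alice -> Read -> Y.
PACKAGE = """<s:AssertionsPackage xmlns:s="%s" xmlns:a="%s">
  <s:AttributeAssertion><s:Subject>alice</s:Subject><a:Dept>finance</a:Dept></s:AttributeAssertion>
  <s:AuthorizationAssertion><s:Subject>alice</s:Subject><s:Resource>Y</s:Resource>
    <s:Permission>Read</s:Permission></s:AuthorizationAssertion>
</s:AssertionsPackage>""" % (SAML, ACME)
```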