Friday, 4 April 2008

"Dynamic" SAML

In an article at http://www.computer.org Patrick Harding, Leif Johansson, and Nate Klingenstein talk about a way to reduce the time to deploy SAML-based projects.
Dynamic SAML reduces this time through the exchange of configuration information via the metadata:
Dynamic SAML takes advantage of security best practices and the exchange of configuration information to minimize the manual steps that administrators must currently perform to configure SAML connections securely. Although it isn’t yet possible to completely automate a decision of human trust, dynamic SAML can automate the underlying exchanges to make this decision fast, simple, and secure.
Dynamic SAML simplifies the trust establishment between two partners because it allows you to send your keys used to sign and validate SAML SSO messages with the metadata:
Dynamic SAML prescribes that the partner keys used to sign and validate SAML SSO messages are included in the SAML metadata document. Trust in these keys is derived from the established trust in the metadata document itself. In effect, dynamic SAML moves trust management from a runtime issue (applicable to each protocol message) to a configuration-time issue (applicable to the overall metadata document).
Dynamic SAML is also automating the metadata exchange so that partners can retrieve the metadata when needed.

Dynamic SAML handles about the Metadata exchange and how this can help to reduce deployment times. The time reduced from creating partner connections is really signifcant and will absolutely help reducing the overal time.

Source: Patrick Harding, Leif Johansson, and Nate Klingenstein, "Dynamic Security Assertion Markup Language: Simplifying Single Sign-On, " IEEE Security & Privacy, vol. 6, no. 2, March/April 2008, pp. 83-85.

2 comments:

for IT the said...

Great Article
Cyber Security Projects Ideas for CSE
Project Centers in Chennai



JavaScript Training in Chennai
JavaScript Training in Chennai

ahmed599 said...

We at Al-Shamel Company termite control company in Dammam is one of the companies that are characterized by its development from other companies are looking for everything new and developed in the field of termite control because we all know that insects are very annoying infect humans with microbesشركة مكافحة النمل الابيض بحائل
شركة مكافحة حشرات بحائل
شركة رش مبيدات بحائل
افضل شركة رش مبيدات