Tips on how to Study and Learn SAML By J. Hodges

 How to Analyze and Learn SAML By T. Hodges Essay

A SAML Whitepaper

T. Hodges

NeuStar

September 6, 2006

How to Study and find out SAML

Summary

This brief whitepaper supplies a functional summary of the SAMLv2 specifications tailored to protocol designer and developer's perspectives. Initial a conceptual introduction is presented, up coming suggestions in order to study and pay attention to SAML are given, and then more in depth aspects are discussed.

1 . Conceptual Introduction to SAML

SAML [OASIS. sstc‑saml‑exec‑overview‑2. 0‑cd‑01] specifies an XML-based framework intended for crafting " security assertions", and swapping them between entities. Throughout creating, or perhaps relying after such statements, SAML system entities might use SAML protocols, or different protocols, to convey an affirmation itself, in order to communicate regarding the " subject" of your assertion.

Hence one can use SAML to make statements just like:

" Alice has these kinds of profile attributes and her domain's qualification is available over there, and I'm creating this statement, and here's who also I are. " Then one can cause this assertion to get conveyed to many party who can then rely on it in a few fashion for some purpose, by way of example input it into a neighborhood policy analysis gating use of some reference.

Such applying SAML are done in a particular " context of use". A particular framework of use could possibly be, for example , deciding whether to take and act upon a SIP-based invitation to initiate a communication session.

The specs of exactly how SAML is required in any presented context useful is known as a " SAML profile". The specification of how SAML assertions and/or protocol emails are conveyed in, or higher, another protocol is known as a " SAML Binding". Typically, a SAML profile specifies the SAML brackets that may be found in its circumstance. Both SAML profiles and SAML bindings in turn reference other SAML specifications, especially the SAML Statements and Protocols, aka " SAML Core", specification [OASIS. saml‑core‑2. 0‑os]. This relationship among SAML specifications, as well as SAML-dependent specifications, is usually illustrated listed below in Number 1 . The relationships between various packing containers in the blueprints is one of dependencies. Be aware how the packing containers representing SAML Profiles—this means any SAML profile—depends upon both the SAML Core specification as well as SAML Bindings, and and of course also upon the specifications in the target profile(s).

+-----------------------------------------+---------------------+

SAML Information

| SAML Assertions &

Protocols

saml-profiles-2. 0-os

aka " SAML Core"

[for example, find:

draft-ietf-sip-saml-00 ]

| saml-core-2. 0-os

+--------------------------+

SAML Bindings

saml-bindings-2. 0-os

+--------------+--------------------------+---------------------+

Target protocol(s)

-----------------

| This kind of a profile might depend upon more

+-----------------------------------------+

| underlying protocols (or technologies)

| --------------------------------------

| for example TLS, and/or TCP, IP, as

| appropriate.

+-----------------------------------------+

Figure one particular: Conceptual Dependencies between SAML Profiles, Brackets, and Primary Figure one particular: Conceptual Dependencies between SAML Profiles, Brackets, and Main Specifications, along with Target Protocols

Specifications, as well as Target Protocols

Note that the SAML Dire & Protocols specification, the SAML Main, is conceptually " abstract". It specifies the odds and ends that make up SAML Assertions, and the nominal semantics, but really does...