SlideShare una empresa de Scribd logo

SAML Protocol Overview

Mike Schwartz
Mike Schwartz

This document provides an overview of the Security Assertion Markup Language (SAML) protocol. SAML allows sites to exchange user authentication, authorization, and attribute information via XML messages. It enables single sign-on, single logout, and attribute sharing across applications. SAML 2.0 uses standards like XML, HTTP, and SOAP to standardize single sign-on across enterprise cloud apps. It works by exchanging assertions about users via protocols and bindings to authenticate users among sites. Benefits include centralized identity control and single sign-on without exposing passwords.

Tecnología
1 de 11
Descargar para leer sin conexión
SAML Protocol Overview Security Assertion Markup Language Brought to You By:
What is SAML? A series of XML-based messages that detail: ● Whether users are authenticated. ● What rights, roles, and access they have. ● How they can use data and resources based on those rights and roles.
What is SAML Used For? ● Single Sign On (SSO) ● Single Logout ● Attribute Sharing ● Account Linking
Why SAML? The newest version, SAML 2.0, uses intellectual property and protocols from secure frameworks to standardize SSO across all enterprise cloud applications.
Existing Standards used by SAML 2.0: ● Extensible Markup Language (XML) ○ XML Schema ○ XML Signature ○ XML Encryption ● Hypertext Transfer Protocol (HTTP) ● Simple Object Access Protocol (SOAP)
How Does SAML Work? 3 Main Protocols: ● Assertions a. Authentication statements b. Attribute statements c. Authorization decision statements ● Protocol - the way SAML asks for and gets assertions, for example, using SOAP over HTTP. ● Bindings - how SAML message exchanges are mapped into SOAP exchanges.
How Does SAML Work? Assertions are PROTOCOL exchanged among sites and services using the protocol and binding - and ASSERTIONS those assertions authenticate users among sites. BINDINGS
How Does SAML Work?
Benefits of SAML ● User passwords never cross the firewall ● Web applications with no passwords are virtually impossible to hack ● “SP-initiated” SAML SSO provides access to Web apps for users outside the firewall. ● Enterprise-wide, architecturally sound Internet SSO
Centralized Federation with SAML Provides: ● One single point of web app access ● Identity control and auditing ● Security, risk aversion, and compliance
For more SAML related Information... visit us at http://gluu.org

Recomendados

Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML Programming Talents
 
LDAP
LDAPLDAP
LDAPKhemnath Chauhan
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectVinay Manglani
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuthDan Brinkmann
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Anil Saldanha
 

Recomendados

Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML Programming Talents
 
LDAP
LDAPLDAP
LDAPKhemnath Chauhan
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectVinay Manglani
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuthDan Brinkmann
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Anil Saldanha
 
IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best PracticesAmazon Web Services
 
PKI & SSL
PKI & SSLPKI & SSL
PKI & SSLRitaThakkar1
 
Introduction to SAML & OIDC
Introduction to SAML & OIDCIntroduction to SAML & OIDC
Introduction to SAML & OIDCForgeRock Identity Tech Talks
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Amazon Web Services
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBACAjit Dadresa
 
LDAP - Lightweight Directory Access Protocol
LDAP - Lightweight Directory Access ProtocolLDAP - Lightweight Directory Access Protocol
LDAP - Lightweight Directory Access ProtocolS. Hasnain Raza
 
SSL
SSLSSL
SSLBadrul Alam bulon
 
Kerberos
KerberosKerberos
KerberosSutanu Paul
 
SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Okta docs
Okta docsOkta docs
Okta docsSam Bauch
 
Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOOliver Mueller
 
User Identity and Authentication
User Identity and AuthenticationUser Identity and Authentication
User Identity and AuthenticationAmazon Web Services
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
kerberos
kerberoskerberos
kerberossameer farooq
 
SAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectSAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectUbisecure
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An OverviewPat Patterson
 
Aws IAM
Aws IAMAws IAM
Aws IAMChamali Liyanage
 
Authentication vs authorization
Authentication vs authorizationAuthentication vs authorization
Authentication vs authorizationFrank Victory
 
AWS IAM Introduction
AWS IAM IntroductionAWS IAM Introduction
AWS IAM IntroductionAmazon Web Services
 
Attacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAttacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAmit Kumar
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloudNagraj Rao
 

Más contenido relacionado

La actualidad más candente

IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best PracticesAmazon Web Services
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Amazon Web Services
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBACAjit Dadresa
 
LDAP - Lightweight Directory Access Protocol
LDAP - Lightweight Directory Access ProtocolLDAP - Lightweight Directory Access Protocol
LDAP - Lightweight Directory Access ProtocolS. Hasnain Raza
 
Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOOliver Mueller
 
User Identity and Authentication
User Identity and AuthenticationUser Identity and Authentication
User Identity and AuthenticationAmazon Web Services
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
SAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectSAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectUbisecure
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An OverviewPat Patterson
 
Authentication vs authorization
Authentication vs authorizationAuthentication vs authorization
Authentication vs authorizationFrank Victory
 

La actualidad más candente (20)

IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best Practices
 
PKI & SSL
PKI & SSLPKI & SSL
PKI & SSL
 
Introduction to SAML & OIDC
Introduction to SAML & OIDCIntroduction to SAML & OIDC
Introduction to SAML & OIDC
 
Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)Introduction to Identity and Access Management (IAM)
Introduction to Identity and Access Management (IAM)
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBAC
 
LDAP - Lightweight Directory Access Protocol
LDAP - Lightweight Directory Access ProtocolLDAP - Lightweight Directory Access Protocol
LDAP - Lightweight Directory Access Protocol
 
SSL
SSLSSL
SSL
 
Kerberos
KerberosKerberos
Kerberos
 
SSO introduction
SSO introductionSSO introduction
SSO introduction
 
Okta docs
Okta docsOkta docs
Okta docs
 
Enterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSOEnterprise Single Sign-On - SSO
Enterprise Single Sign-On - SSO
 
User Identity and Authentication
User Identity and AuthenticationUser Identity and Authentication
User Identity and Authentication
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?
 
kerberos
kerberoskerberos
kerberos
 
SAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectSAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID Connect
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An Overview
 
Aws IAM
Aws IAMAws IAM
Aws IAM
 
Authentication vs authorization
Authentication vs authorizationAuthentication vs authorization
Authentication vs authorization
 
AWS IAM Introduction
AWS IAM IntroductionAWS IAM Introduction
AWS IAM Introduction
 

Similar a SAML Protocol Overview

Attacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAttacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAmit Kumar
 
Product update sso authentication method released for orangescrum
Product update sso authentication method released for orangescrumProduct update sso authentication method released for orangescrum
Product update sso authentication method released for orangescrumOrangescrum
 
Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8Iwantha Lekamge
 
SAML Executive Overview
SAML Executive OverviewSAML Executive Overview
SAML Executive OverviewPortalGuard
 
Introducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and PerformanceIntroducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and PerformanceAmin Saqi
 
A recipe for standards-based Cloud IdM
A recipe for standards-based Cloud IdMA recipe for standards-based Cloud IdM
A recipe for standards-based Cloud IdMPaul Madsen
 
Unified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the WebUnified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the WebAkana
 
Unified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the WebUnified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the WebAkana
 
Identity and Client Management using OpenID Connect and SAML
Identity and Client Management using OpenID Connect and SAMLIdentity and Client Management using OpenID Connect and SAML
Identity and Client Management using OpenID Connect and SAMLpqrs1234
 
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
RMLL 2013 - The SAML Protocol: Single Sign On for skilled peopleRMLL 2013 - The SAML Protocol: Single Sign On for skilled people
RMLL 2013 - The SAML Protocol: Single Sign On for skilled peopleClément OUDOT
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock
 
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-OnCIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-OnCloudIDSummit
 
Flows in mule
Flows in muleFlows in mule
Flows in muleSindhu VL
 
Service Oriented Architecture Updated Luqman
Service Oriented Architecture Updated LuqmanService Oriented Architecture Updated Luqman
Service Oriented Architecture Updated Luqmanguesteb791b
 

Similar a SAML Protocol Overview (20)

Attacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAttacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of Authentication
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloud
 
SAML101
SAML101SAML101
SAML101
 
Product update sso authentication method released for orangescrum
Product update sso authentication method released for orangescrumProduct update sso authentication method released for orangescrum
Product update sso authentication method released for orangescrum
 
Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8
 
SAML Smackdown
SAML SmackdownSAML Smackdown
SAML Smackdown
 
SAML 101
SAML 101SAML 101
SAML 101
 
SAML Executive Overview
SAML Executive OverviewSAML Executive Overview
SAML Executive Overview
 
Introducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and PerformanceIntroducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and Performance
 
A recipe for standards-based Cloud IdM
A recipe for standards-based Cloud IdMA recipe for standards-based Cloud IdM
A recipe for standards-based Cloud IdM
 
Unified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the WebUnified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the Web
 
Unified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the WebUnified Security for Mobile, APIs and the Web
Unified Security for Mobile, APIs and the Web
 
Identity and Client Management using OpenID Connect and SAML
Identity and Client Management using OpenID Connect and SAMLIdentity and Client Management using OpenID Connect and SAML
Identity and Client Management using OpenID Connect and SAML
 
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
RMLL 2013 - The SAML Protocol: Single Sign On for skilled peopleRMLL 2013 - The SAML Protocol: Single Sign On for skilled people
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
 
Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016
 
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-OnCIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
 
Presentation1REVIEW
Presentation1REVIEWPresentation1REVIEW
Presentation1REVIEW
 
Service Oriented Architecture Updated Luqman
Service Oriented Architecture Updated LuqmanService Oriented Architecture Updated Luqman
Service Oriented Architecture Updated Luqman
 

Más de Mike Schwartz

LASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthLASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthMike Schwartz
 
OTTO - Internet2 TechX 2017
OTTO - Internet2 TechX 2017OTTO - Internet2 TechX 2017
OTTO - Internet2 TechX 2017Mike Schwartz
 
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...Mike Schwartz
 
LASCON: Three Profiels of OAuth2 for Identity and Access Management
LASCON: Three Profiels of OAuth2 for Identity and Access ManagementLASCON: Three Profiels of OAuth2 for Identity and Access Management
LASCON: Three Profiels of OAuth2 for Identity and Access ManagementMike Schwartz
 
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!Mike Schwartz
 
RSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
RSA Conference 2016: Who Are You? From Meat to Electrons and Back AgainRSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
RSA Conference 2016: Who Are You? From Meat to Electrons and Back AgainMike Schwartz
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Mike Schwartz
 
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They KeyOAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They KeyMike Schwartz
 
Who Are You? From Meat to Electrons - SXSW 2014
Who Are You? From Meat to Electrons - SXSW 2014Who Are You? From Meat to Electrons - SXSW 2014
Who Are You? From Meat to Electrons - SXSW 2014Mike Schwartz
 
OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2Mike Schwartz
 
ID Next 2013 Keynote Slides by Mike Schwartz
ID Next 2013 Keynote Slides by Mike SchwartzID Next 2013 Keynote Slides by Mike Schwartz
ID Next 2013 Keynote Slides by Mike SchwartzMike Schwartz
 
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13Mike Schwartz
 
Cloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher EducationCloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher EducationMike Schwartz
 
Gluu EDU Webinar: Shibboleth/SAML SSO
Gluu EDU Webinar: Shibboleth/SAML SSOGluu EDU Webinar: Shibboleth/SAML SSO
Gluu EDU Webinar: Shibboleth/SAML SSOMike Schwartz
 
RSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityRSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityMike Schwartz
 

Más de Mike Schwartz (17)

LASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. OauthLASCON 2017: SAML v. OpenID v. Oauth
LASCON 2017: SAML v. OpenID v. Oauth
 
OTTO - Internet2 TechX 2017
OTTO - Internet2 TechX 2017OTTO - Internet2 TechX 2017
OTTO - Internet2 TechX 2017
 
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...
 
LASCON: Three Profiels of OAuth2 for Identity and Access Management
LASCON: Three Profiels of OAuth2 for Identity and Access ManagementLASCON: Three Profiels of OAuth2 for Identity and Access Management
LASCON: Three Profiels of OAuth2 for Identity and Access Management
 
Kantara OTTO slides
Kantara OTTO slidesKantara OTTO slides
Kantara OTTO slides
 
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
 
RSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
RSA Conference 2016: Who Are You? From Meat to Electrons and Back AgainRSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
RSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
 
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They KeyOAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
 
Who Are You? From Meat to Electrons - SXSW 2014
Who Are You? From Meat to Electrons - SXSW 2014Who Are You? From Meat to Electrons - SXSW 2014
Who Are You? From Meat to Electrons - SXSW 2014
 
OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2
 
ID Next 2013 Keynote Slides by Mike Schwartz
ID Next 2013 Keynote Slides by Mike SchwartzID Next 2013 Keynote Slides by Mike Schwartz
ID Next 2013 Keynote Slides by Mike Schwartz
 
Federation registry
Federation registryFederation registry
Federation registry
 
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
 
Cloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher EducationCloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher Education
 
Gluu EDU Webinar: Shibboleth/SAML SSO
Gluu EDU Webinar: Shibboleth/SAML SSOGluu EDU Webinar: Shibboleth/SAML SSO
Gluu EDU Webinar: Shibboleth/SAML SSO
 
RSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityRSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud Identity
 

Último

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Último (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

SAML Protocol Overview

  • 1. SAML Protocol Overview Security Assertion Markup Language Brought to You By:
  • 2. What is SAML? A series of XML-based messages that detail: ● Whether users are authenticated. ● What rights, roles, and access they have. ● How they can use data and resources based on those rights and roles.
  • 3. What is SAML Used For? ● Single Sign On (SSO) ● Single Logout ● Attribute Sharing ● Account Linking
  • 4. Why SAML? The newest version, SAML 2.0, uses intellectual property and protocols from secure frameworks to standardize SSO across all enterprise cloud applications.
  • 5. Existing Standards used by SAML 2.0: ● Extensible Markup Language (XML) ○ XML Schema ○ XML Signature ○ XML Encryption ● Hypertext Transfer Protocol (HTTP) ● Simple Object Access Protocol (SOAP)
  • 6. How Does SAML Work? 3 Main Protocols: ● Assertions a. Authentication statements b. Attribute statements c. Authorization decision statements ● Protocol - the way SAML asks for and gets assertions, for example, using SOAP over HTTP. ● Bindings - how SAML message exchanges are mapped into SOAP exchanges.
  • 7. How Does SAML Work? Assertions are PROTOCOL exchanged among sites and services using the protocol and binding - and ASSERTIONS those assertions authenticate users among sites. BINDINGS
  • 9. Benefits of SAML ● User passwords never cross the firewall ● Web applications with no passwords are virtually impossible to hack ● “SP-initiated” SAML SSO provides access to Web apps for users outside the firewall. ● Enterprise-wide, architecturally sound Internet SSO
  • 10. Centralized Federation with SAML Provides: ● One single point of web app access ● Identity control and auditing ● Security, risk aversion, and compliance
  • 11. For more SAML related Information... visit us at http://gluu.org