Wikipedia

Security Assertion Markup Language: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
External links: Link not to tutorial video
m Hyphen to dash for ranges
Line 19:
== History ==
 
[[File:History of SAML.svg|thumb|right |History of SAML (2002--20052002–2005)]]
 
The [[OASIS (organization)|OASIS]] Security Services Technical Committee (SSTC), which met for the first time in January 2001, was chartered "to define an XML framework for exchanging authentication and authorization information."<ref name="QmSYw">{{Cite mailing list | last = Maler | first = Eve | mailing-list = security-services at oasis-open | title = Minutes of 9 January 2001 Security Services TC telecon | date= 9 Jan 2001 | url = http://lists.oasis-open.org/archives/security-services/200101/msg00014.html | access-date = 7 April 2011}}</ref> To this end, the following intellectual property was contributed to the SSTC during the first two months of that year:
Line 27:
* ''Information Technology Markup Language'' (ITML) from Jamcracker
 
Building on these initial contributions, in November 2002 OASIS announced the Security Assertion Markup Language (SAML)&nbsp;V11.0 specification as an OASIS Standard.<ref name="hVZwx">{{cite web|url=http://saml.xml.org/history |title=History of SAML |publisher=SAMLXML.org |date=2007-12-05|access-date=2014-05-22}}</ref>
 
Meanwhile, the [[Liberty Alliance]], a large consortium of companies, non-profit and government organizations, proposed an extension to the SAML standard called the Liberty Identity Federation Framework (ID-FF).<ref name="D9bCd">{{cite web|url=http://www.projectliberty.org/liberty/content/download/800/5730/file/SpecsOverviewAOL.pdf |title=Liberty Technology Overview |author=Conor P. Cahill |publisher=Liberty Alliance |access-date=2017-08-25}}</ref> Like its SAML predecessor, Liberty ID-FF proposed a standardized, cross-___domain, web-based, single sign-on framework. In addition, Liberty described a ''circle of trust'' where each participating ___domain is trusted to accurately document the processes used to identify a user, the type of authentication system used, and any policies associated with the resulting authentication credentials. Other members of the circle of trust could then examine these policies to determine whether to trust such information.<ref name="OiGthD" />
 
While Liberty was developing ID-FF, the SSTC began work on a minor upgrade to the SAML standard. The resulting SAML&nbsp;V11.1 specification was ratified by the SSTC in September 2003. Then, in November of that same year, [https://lists.oasis-open.org/archives/security-services/200311/msg00060.html Liberty contributed ID-FF&nbsp;1.2 to OASIS], thereby sowing the seeds for the next major version of SAML. In March 2005, SAML&nbsp;V2.0 was announced as an OASIS Standard. SAML&nbsp;V2.0 represents the convergence of Liberty&nbsp;ID-FF and proprietary extensions contributed by the [[Shibboleth (Shibboleth Consortium)|Shibboleth]] project, as well as early versions of SAML itself. Most SAML implementations support V2v2.0 while many still support V1v1.1 for backward compatibility. By January 2008, deployments of SAML&nbsp;V2.0 became common in government, higher education, and commercial enterprises worldwide.<ref name="OiGthD">{{cite web|url=http://oracle.sys-con.com/node/492156 |title=Google, NTT and the US GSA Deploy SAML 2.0 for Digital Identity Management |publisher=Oracle Journal |date=2008-01-29|access-date=2014-05-22}}</ref>
 
== Versions ==
 
SAML has undergone one minor and one major revision since V11.0.
* SAML&nbsp;1.0 was adopted as an OASIS Standard in November 2002
* [[SAML 1.1]] was ratified as an OASIS Standard in September 2003
Retrieved from "https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language"