2. Agenda
Introduction to SAML
Introduction to Single Sign-On
Importance of SAML
SAML Characters
SAML Architecture
Use case of SAML – Internet SSO
Active and Passive Profile
3. Introduction to SAML
SAML – Security Assertion Markup Language
SAML is a secure, XML-based communication mechanism
OASIS - Advancing Open Standards for the Information Society
• SAML 1.0 November 2002
• SAML 1.1 September 2003
• SAML 2.0 March 2005
4. Importance of SAML
SAML - Increases security
SAML - Increases application access
SAML - Provides good support for administrators
Increase Security
• Eliminate multiple authentication
• Eliminate phishing
Increase Application Access
• No need to type the password often
Administrators
• Eliminate duplicate record maintenance in the database
5. Introduction to Single Sign-On
What is SSO?
Single Sign-On is a feature of an information system that lets a user log in once
and gain access to multiple software systems without being prompted to log in again.
6. SAML Characters
Identity Provider (IdP) - Maintain Directory of users
Service Provider (SP) - Salesforce
User
[Diagram: IdP, SP and User, with the links labelled Authentication, Access Service and Trust Relationship]
7. SAML Architecture
Assertions:
An assertion is a claim, statement, or declaration of a fact made by a SAML authority.
• Authentication assertion - the subject is authenticated
• Authorization assertion - the subject is authorized to access a particular resource
• Attribute assertion - the subject is associated with the supplied attribute
Protocol:
SAML defines a request/response protocol for obtaining assertions.
Bindings:
Detail exactly how the SAML protocol maps onto transport and messaging protocols.
Profiles:
• Active Profile – API call
• Passive Profile – Browser