sstc-saml-token correlation-profile-v0.8.pdf Details

Document Details     TC Member Document View
Title SAML V2.0 Profile for Token Correlation
Name * SAML V2.0 Profile for Token Correlation (638K)
Description In some advanced SAML use cases, in enterprise context, the execution of a business process might
involve two or more logical transactions that span across one or more intermediaries.
Suppose that an intermediary is involved in almost every process and it needs to call the same services
for different processes, if the authorization to call the services is granted to the intermediary without
correlating this authorization to the process in execution, that would mean to authorize the intermediary
to call every services, as a consequence there wouldn't be real security policy criteria and there would be
reduced logging information.
This profile supply a normative extension to the [SAML2Core] in accord to the philosophy that every
actor owns only the authorizations strictly necessary to do what it needs to do.
Group OASIS Security Services (SAML) TC
Folder A.5: Post-V2.0 Working Documents
Submitter Dr. Federico Rossini
Date Submitted Monday, 21 June 2010 10:35am
Document State Draft (A preliminary unapproved sketch, outline, or version.)
Access This document is visible to OASIS Security Services (SAML) TC and shared with:
  • OASIS Open (General Membership)
  • General Public

Document Revisions
Name # State Submitter Date Action
Dr. Federico Rossini
Dr. Federico Rossini
Dr. Federico Rossini
This doc