Project news

#XACML #SAML Profile Version 2.0 Committee Specification 02 published

OASIS is pleased to announce the approval and publication of a new Committee Specification by the members of the OASIS eXtensible Access Control Markup Language (XACML) TC:

XACML SAML Profile Version 2.0
Committee Specification 02
19 August 2014

Overview:

This specification defines a profile for the integration of the OASIS Security Assertion Markup Language (SAML) Version 2.0 with all versions of XACML. SAML 2.0 complements XACML functionality in many ways, so a number of somewhat independent functions are described in this profile:

1) use of SAML 2.0 Attribute Assertions with XACML, including the use of SAML Attribute Assertions in a SOAP Header to convey Attributes that can be consumed by an XACML PDP

2) use of SAML to carry XACML authorization decisions, authorization decision queries, and authorization decision responses

3) use of SAML to carry XACML policies, policy queries, and policy query responses

4) use of XACML authorization decisions or policies as Advice in SAML Assertions

5) use of XACML responses in SAML Assertions as authorization tokens.

Particular implementations may provide only a subset of these functions.

URIs:
The prose specification and related files are available here:

Editable source (Authoritative):
http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/xacml-saml-profile-v2.0-cs02.doc

HTML:
http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/xacml-saml-profile-v2.0-cs02.html

PDF:
http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/xacml-saml-profile-v2.0-cs02.pdf

XML schemas:
http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/schemas/

Distribution ZIP files

For your convenience, OASIS provides a complete package of each prose specification and related files in a ZIP distribution file. You can download the ZIP files here:

http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/xacml-saml-profile-v2.0-cs02.zip

Members of the XACML SAML Profile Version 2.0 [1] requested a Special Majority Vote to approve this specification as a Committee Specification. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the approved CS02 is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone.

========== Additional references:

[1] XACML SAML Profile Version 2.0
https://www.oasis-open.org/committees/xacml/

[2] Public reviews:
– 15-day public review, 03 June 2014: https://lists.oasis-open.org/archives/tc-announce/201406/msg00001.html
– Comment resolution logs: http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/csprd04/xacml-saml-profile-v2.0-csprd04-comment-resolution-log.txt

– 15-day public review, 14 October 2011: https://lists.oasis-open.org/archives/members/201110/msg00011.html

– 30-day public review, 7 May 2010: http://lists.oasis-open.org/archives/tc-announce/201005/msg00003.html

– 60-day public review, 21 May 2009: http://lists.oasis-open.org/archives/tc-announce/200905/msg00006.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=2658