A Credential Conversion Service for SAML-based Scenarios

Coordination of different administrative domains involves several security concerns, especially from an authorization point of view. SAML is getting a lot of popularity as a language that can be used to bridge several isolated authorization systems in order to provide a common interface in a shared...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: CANOVAS, Oscar, LOPEZ, Gabriel, GOMEZ-SKARMETA, Antonio F
Format: Buchkapitel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Coordination of different administrative domains involves several security concerns, especially from an authorization point of view. SAML is getting a lot of popularity as a language that can be used to bridge several isolated authorization systems in order to provide a common interface in a shared target scenario. In this paper, we present a Credential Conversion Service (CCS) that converts non-SAML credentials into SAML assertions following the rules of a conversion policy. CCS provides two different profiles governing how to exchange SAML assertions, and also defines some extensions to SAML in order to express the syntax and semantics of our CCS.
ISSN:0302-9743
1611-3349
DOI:10.1007/978-3-540-25980-0_24