0

SAML Definition

KZero Staff
Oct 18, 2023

Security Assertion Markup Language (abbreviated SAML) is an XML-based open-source framework for exchanging authentication and authorization information. It was developed in 2001 by the Security Services Technical Committee of OASIS (Organization for the Advancement of Structured Information Standards) and launched in November 2002 in its first version (SAML v1.0).

Over time, the OASIS team made several changes to the project, resulting in revised SAML 2.0 and SAML 2.1. The SAML standard contains multiple components that provide all relevant functions for the description and transmission of security-related information, representing the optimal basis for Federated Identity Management (FIM).

SAML can also be used to make statements about the characteristics and permissions of a user compared to other users or partner companies and applications (the latter is also defined in ASML as a service provider). To do this, the identity provider, which saves the relevant user information, uses assertions in XML format. Other components of a SAML standards-based verified environment are six different protocols, as well as bindings and profiles.

The scope of the SAML framework is easy to define: with the right amount of expertise, it is possible to create a central authentication system based on declarative languages that is characterized by efficiency and a high standard of security. Security is achieved by the fact that individual applications do not need to store or synchronize any user data, which in turn reduces significantly the number of possible security leaks. The main goal of the framework is to associate this high level of security with the best possible user experience, which is why it also supports Single Sign-On thanks to the related protocols and message formats.

KZero Staff

Explore more insightful content from the knowledgeable KZero staff on our blog and guides section.

Glossary Terms

Stay up to date with the most recent #infosec topics

Trending Topics

Share the page: