Web Single Sign-On Interoperability Profile

Last updated

Web Single Sign-On Interoperability Profile is a Web Services and Federated identity specification, published by Microsoft and Sun Microsystems that defines interoperability between WS-Federation and the Liberty Alliance protocols. [1]

A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.

Microsoft U.S.-headquartered technology company

Microsoft Corporation is an American multinational technology company with headquarters in Redmond, Washington. It develops, manufactures, licenses, supports, and sells computer software, consumer electronics, personal computers, and related services. Its best known software products are the Microsoft Windows line of operating systems, the Microsoft Office suite, and the Internet Explorer and Edge Web browsers. Its flagship hardware products are the Xbox video game consoles and the Microsoft Surface lineup of touchscreen personal computers. As of 2016, it is the world's largest software maker by revenue, and one of the world's most valuable companies. The word "Microsoft" is a portmanteau of "microcomputer" and "software". Microsoft is ranked No. 30 in the 2018 Fortune 500 rankings of the largest United States corporations by total revenue.

Sun Microsystems Defunct American computer hardware and software company

Sun Microsystems, Inc. was an American company that sold computers, computer components, software, and information technology services and created the Java programming language, the Solaris operating system, ZFS, the Network File System (NFS), and SPARC. Sun contributed significantly to the evolution of several key computing technologies, among them Unix, RISC processors, thin client computing, and virtualized computing. Sun was founded on February 24, 1982. At its height, the Sun headquarters were in Santa Clara, California, on the former west campus of the Agnews Developmental Center.

Contents

See also

Web Single Sign-On Metadata Exchange Protocol is a Web Services and Federated identity specification, published by Microsoft and Sun Microsystems that defines mechanisms for a service to query an identity provider for metadata concerning the protocol suites it supports. The goal of this operation is to increase the ability of a given service to interoperate with a given identity provider.

Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions. SAML is also:

XACML stands for "eXtensible Access Control Markup Language". The standard defines a declarative fine-grained, attribute-based access control policy language, an architecture, and a processing model describing how to evaluate access requests according to the rules defined in policies.

Related Research Articles

Web Services Security is an extension to SOAP to apply security to Web services. It is a member of the Web service specifications and was published by OASIS.

The Web Services Interoperability Organization (WS-I) is an industry consortium chartered to promote interoperability amongst the stack of web services specifications. WS-I does not define standards for web services; rather, it creates guidelines and tests for interoperability. It is part of OASIS, another standards body.

Liberty Alliance organization

The Liberty Alliance Project was an organization formed in September 2001 to establish standards, guidelines and best practices for identity management in computer systems. It grew to more than 150 organizations, including technology vendors, consumer-facing companies, educational organizations and governments. It released frameworks for federation, identity assurance, an Identity Governance Framework, and Identity Web Services.

Web Services Discovery provides access to software systems over the Internet using standard protocols. In the most basic scenario there is a Web Service Provider that publishes a service and a Web Service Consumer that uses this service. Web Service Discovery is the process of finding suitable web services for a given task.

WS-Management is a DMTF open standard defining a SOAP-based protocol for the management of servers, devices, applications and various Web services. WS-Management provides a common way for systems to access and exchange management information across the IT infrastructure.

WS-MetaDataExchange is a web services protocol specification, published by BEA Systems, IBM, Microsoft, and SAP. WS-MetaDataExchange is part of the WS-Federation roadmap; and is designed to work in conjunction with WS-Addressing, WSDL and WS-Policy to allow retrieval of metadata about a Web Services endpoint.

Windows CardSpace

Windows CardSpace, is Microsoft's now-canceled client software for the Identity Metasystem. CardSpace is an instance of a class of identity client software called an Identity Selector. CardSpace stores references to users' digital identities for them, presenting them to users as visual Information Cards. CardSpace provides a consistent UI designed to help people to easily and securely use these identities in applications and web sites where they are accepted. Resistance to phishing attacks and adherence to Kim Cameron's "7 Laws of Identity" were goals in its design.

Web Services Interoperability Technology (WSIT) is an open-source project started by Sun Microsystems to develop the next-generation of Web service technologies. It provides interoperability between Java Web Services and Microsoft's Windows Communication Foundation (WCF).

Web Services Enhancements (WSE) is an obsolete add-on to the Microsoft .NET Framework, which includes a set of classes that implement additional WS-* web service specifications chiefly in areas such as security, reliable messaging, and sending attachments. Web services are business logic components which provide functionality via the Internet using standard protocols such as HTTP. Web services communicate via either SOAP or REST messages. WSE provides extensions to the SOAP protocol and allows the definition of custom security, reliable messaging, policy, etc. Developers can add these capabilities at design time using code or at deployment time through the use of a policy file.

WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange.

WS-Federation is an Identity Federation specification, developed by a group of companies: BEA Systems, BMC Software, CA Inc., IBM, Microsoft, Novell, HP Enterprise, and VeriSign. Part of the larger Web Services Security framework, WS-Federation defines mechanisms for allowing different security realms to broker information on identities, identity attributes and authentication.

WS-Federation Active Requestor Profile is a Web Services specification - intended to work with the WS-Federation specification - which defines how identity, authentication and authorization mechanisms work across trust realms. The specification deals specifically with how applications, such as SOAP-enabled applications, make requests using these mechanisms. By way of contrast, WS-Federation Passive Requestor Profile deals with "passive requestors" such as web-browsers. WS-Federation Active Requestor Profile was created by IBM, BEA Systems, Microsoft, VeriSign, and RSA Security.

WS-Federation Passive Requestor Profile is a Web Services specification - intended to work with the WS-Federation specification - which defines how identity, authentication and authorization mechanisms work across trust realms. The specification deals specifically with how applications, such as web browsers, make requests using these mechanisms. In this context, the web-browser is known as a "passive requestor." By way of contrast, WS-Federation Active Requestor Profile deals with "active requestors" such as SOAP-enabled applications. WS-Federation Passive Requestor Profile was created by IBM, BEA Systems, Microsoft, VeriSign, and RSA Security.

The Microsoft Open Specification Promise is a promise by Microsoft, published in September 2006, to not assert its patents, in certain conditions, against implementations of a certain list of specifications.

Information Card

Information cards are personal digital identities that people can use online, and the key component of an identity metasystem. Visually, each i-card has a card-shaped picture and a card name associated with it that enable people to organize their digital identities and to easily select one they want to use for any given interaction. The information card metaphor is implemented by identity selectors like Windows CardSpace, DigitalMe or Higgins Identity Selector.

In computer networking, Identity Web Services Framework is a protocol stack that profiles WS-Security, WS-Addressing, SAML and adds new protocol specifications of its own, such as the Discovery Service, for open market per user service discovery, and the People Service for delegation and social networking.

References