SecurityAssertionMarkupLanguage is designed to provide WebServicesSecurity at a fine grain level. * note sometimes it is called "SecurityAssertionsMarkupL''''''anguage" (used less frequently), and both forms are seen at the OasisOrganization which created the term. At early 2005, version 2 is ratified and it provides convergence with the LibertyAlliance ID-FF (Identity Management Federated Framework), and has attended to some WebServicesInteroperabilityConcerns (privacy). See http://www.xml.com/pub/a/2005/01/12/saml2.html V2.0 draft was made available in Aug 2004. Features (ref http://searchwebservices.techtarget.com/tip/1,289483,sid26_gci1002183,00.html) include: * Session support, for session creation, maintenance, and teardown to maintain unique security contexts. * Exchange of metadata about assertions and message protocols and formats to ensure better interoperability. * Various mechanisms for collection and management of security credentials. '' See also '' http://xml.coverpages.org/ni2004-08-19-a.html It was said SAML v2 is important as it enabled "federation" of IdentityManagement schemes. ---- '''Resources''' ''SAML 2.0 unifies support for federation'' at http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci951843,00.html ''ID-FF specs '' at http://www.projectliberty.org/resources/specifications.php ---- CategoryWebServices CategorySecurity