SecurityAssertionMarkupLanguage is designed to provide WebServicesSecurity at a fine grain level.

* note sometimes it is called "SecurityAssertionsMarkupL''''''anguage" (used less frequently), and both forms are seen at the OasisOrganization which created the term.

At early 2005, version 2 is ratified and it provides convergence with the LibertyAlliance ID-FF (Identity Management  Federated Framework), and has attended to some WebServicesInteroperabilityConcerns (privacy). See http://www.xml.com/pub/a/2005/01/12/saml2.html

V2.0 draft was made available in Aug 2004. Features (ref http://searchwebservices.techtarget.com/tip/1,289483,sid26_gci1002183,00.html) include:
* Session support, for session creation, maintenance, and teardown to maintain unique security contexts. 
* Exchange of metadata about assertions and message protocols and formats to ensure better interoperability. 
* Various mechanisms for collection and management of security credentials.


'' See also '' http://xml.coverpages.org/ni2004-08-19-a.html

It was said SAML v2 is important as it enabled "federation" of IdentityManagement schemes.

----
'''Resources'''

''SAML 2.0 unifies support for federation'' at http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci951843,00.html

''ID-FF specs '' at http://www.projectliberty.org/resources/specifications.php

----
CategoryWebServices CategorySecurity