Identity Federation Standards

The Security Assertion Markup Language (SAML) thread is driven by the Organization for the Advancement of Structured Information Standards (OASIS). SAML provides an XML dialect for embedding identity data in an XML message. SAML versions 1.2 and 2.0 are currently used in federation deployments. SAML 2.0 can be looked at as the convergence of SAML 1.2 and the Liberty Identity Federation Framework (ID-FF) 1.1 specification. For more information, go to http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security.

The Liberty ID-FF 1.2 and Liberty Identity Web Services Framework (ID-WSF) 1.1 threads are driven by the Liberty Alliance, an industry consortium of more than 150 companies and organizations that focuses on standardizing identity federation. For more information, go to http://www.projectliberty.org.

The WS-Federation thread is driven by IBM, Microsoft, and VeriSign and is a portion of a larger set of specifications for Web services. WS-Federation has been a relatively independent thread that overlaps somewhat with the Liberty Alliance threads. In 2005, Sun Microsystems and Microsoft announced specifications that allow interoperability between the WS-Federation and Liberty ID-FF standards for Web single sign-on (SSO). For more information about WS-Federation, go to http://schemas.xmlsoap.org/ws/2003/07/secext; for more about interoperability of WS-Federation and Liberty ID-FF, go to http://xml.coverpages.org/WebSSO-InteropProfile200505.pdf.